This is similar to law enforcement saying: "You mean we cannot track everything you say and do. How in the world are we supposed to do our jobs safely and efficiently?" Answer is, you basically can't. Not safely and not (as) efficiently. Because the world will turn dystopian and will destroy the very thing we are trying to create/maintain. (Happiness, etc)
It's nice to be able to A/B test your blog or product. It's cool and efficient, but it also hurts and to me that hurt outweighs your company's marginal benefits although it is a nuanced and difficult discussion to be fair. I'm being simplistic here to make the point clear. I hope.
How is simple analytics or A/B testing that's NOT internet-wide tracking (that is, only for the website you're on) or sold (which would be outright illegal without explicit consent) hurting you? Genuine question, because I don't see it. Internet-wide tracking across many sites: sure. But that's a very different thing – it's the difference between "I'm home Darling, I saw Sander at the mall today" vs. "Hello everyone, here is everything Sander did this week".
I bet HN keeps server logs; would you say you're being surveilled by viewing this page and posting that comment? If not, why not? What's the difference between that metadata and any other?
Surveillance is a deliberate action. If some incidental metadata is temporarily stored at HN and then evicted and deleted permanently in reasonable timeframes then it is not a surveillance. But as soon as it's analyzed, and/or specifically stored for prolonged periods, and/or unnecessary metadata is collected (not required for basic tech support and server administration), and/or linked to the user profiles more than needed to save and display our posts - then it's surveillance.
If I passed by your house and saw you walking your dog at 10:34 18/05/2023 and then promptly forgot about it, it is not a surveillance. If I set up a permanent observation post across the road from your door and will tail you daily everywhere you go - it's a surveillance. Even if I pinky promise that it is my own internal information and I would not share it, sell it, exchange it etc.
> set up a permanent observation post across the road from your door and will tail you daily everywhere you go
But I don't really see how that is happening here? I agree that would be bad, but merely checking "a user visited my website" is a very thing than seeing what someone does all over the interwebz. It's very questionable this minimum of information can even be tracked to you when done right.
I'm not claiming the relation is causal. I don't know what happens between happy world -> happy world with constant surveillance -> dystopian hellscape. The same is true for HN logs. I'd say, yes those logs are a form of surveillance. If that matters is where the debate is. It's hard to say, because these things are slippery and take (a long) time.
Of course they’re being surveilled on Hacker News. Keeping a finger on the pulse here is the epitome of low hanging fruit for law enforcement and intelligence. Why would anyone suspect otherwise?
The data is that of "I have a person who likes monkey paws" and then they can sell that to the monkey paw conglomerate. Next thing you know you're getting monkey paws in the mail!
The entire premise of my question is that data is kept private between the two parties (the website owner and the visitor). I don't see how this connects with that at all.
And how do you even get someone's mail address without an extensive internet-wide profile (which, again, isn't what the premise of my question was in the first place)?
It’s one thing to say that you’ll keep the data private between you, but from the user’s perspective there’s no guarantee. Whether that’s because you change your mind and decide to sell the user’s data, or there’s some sorta data breach, or or or.
I get the feeling. But to make things very simple, it's again like law enforcement tracking everything you say and do. Let's say it's a single agency, with a single employee doing the tracking to keep it easy.
How is that hurting you? How is your every movement being tracked by a single agency such an issue? They said they would keep it private, pinky promise.
Law enforcement tracking everyone can have serious and unintended consequences in away that a SaaS tracking visits are unlikely to have.
An extreme case is on the other side, is to compare simple site limited tracking to a coffee shop being able to see who enters the door. Why should they track how I look and the way I'm dressed? Does it make service harder if you have to work blindfolded? Though luck, my privacy is more important than your wish to provide your customers with good service.
“Unlikely” being the keyword here. I know it’s unlikely, but just the act of collecting all this data makes it dangerous. IMO the benefits are small compared to the longterm risks so I lean towards, don’t track, just deliver “good coffee”. No need for hyperoptimalization of the coffee experience.
In your example they are only looking. It would be different if they were recording their observations in a structured manner (aka cameras). Even writing it down by hand would raise flags, would it not? Sure, being a human means looking at me and my coffee to brew it, but recording everything I do in (semi)permanent storage? Is that human? Is that necessary to brew coffee?
The problem is that there are good and bad cookies:
- session cookie: good
- tracking cookie: bad
I remember a time when browsers would ask you for every website if you wanted to keep the cookies and because most cookies were good cookies, everybody agreed to accept them. Later came the ad industry and started to introduce bad cookies.
It's nice to be able to A/B test your blog or product. It's cool and efficient, but it also hurts and to me that hurt outweighs your company's marginal benefits although it is a nuanced and difficult discussion to be fair. I'm being simplistic here to make the point clear. I hope.