People here don't know anything about tech regulation or privacy even though they pretend to and almost every criticism I see is just straight up wrong. And I'm a data engineer who works in tech focused on privacy.
I have a feeling this is the case for any technical subject that happens to be diiscussed on social media. Mostly everything I read about my own domain of expertise is often flat out wrong, but repeated with such confidence and appeal to authority that it makes you wonder what else here is wrong.
Yep, it is always those with just enough knowledge to be dangerous. Some guy who watched a youtube video, took a 101 class, or just started in the field. It is crazy really, and of course it is very hard to convince those people of anything because sometime the wiser, non-newbie opinion will seem overkill to them since they believe the issue to be very simple and clear-cut.
What do you believe are the best practices to protect ones privacy would be, regardless of complexity (something extremely effective, but not necessarily easy to set up/use)?
Reject society, become a hermit, and move to the woods off grid, because otherwise you can't.
Sure, you can refuse to sign up for every big tech company that does targeted advertising, but if you want to participate in society at some point you'll need to join a financial institution and you'll probably need insurance. I've worked in insurance and by nature the data collected is way more personal and intrusive than anything needed for targeted advertising, but they can fly under the radar because everyone is laser focused on targeted advertising tech companies right now. Imo the most concerning data leaks of our time have been financial institutions like Equifax, which everyone forgot about almost immediately, but we're still obsessing over which of your personal preferences Google knows.
But for the vast majority of people, none if this really matters, because on a personal level nobody actually gives a shit about you.
I'll end it with a disclaimer that there are exceptions (e.g. if you're looking for an out of state abortion in America use E2E encrypted apps) and overall I do think privacy regulations like the GDPR and CCPA have made good progress across the industry into keeping sensitive data safe, but the community on Lemmy is looking for big tech blood that they'll never get.
idk I mostly agree with you. Although, how do the insurance companies collect that information? I know there's car insurance apps that sense how good your driving is, but other than that is it mostly just datamining of publicly available documents etc like those background check or people finder sites do?
I worked in Canadian health benefits, everything you submit is data. Not just your SIN and address, but which drugs you're on, which paramedicals you use, all that good stuff.
When I signed up for life insurance they came and took my blood to run tests too, that's pretty personal lol.
at least you mostly know what data insurance companies get though, with tech its somewhere between all of your internet activity ever, and nothing because its too expensive.
personally it seems worth it to me to avoid large tech companies simply because I have the time to deal with some lost convenience, and if they are storing everything then they will have less on me, and if they aren't, well I've learned loads about IT, and its been kinda fun.
if you're looking for an out of state abortion in America use E2E encrypted apps
Even talking about it at all on non e2ee apps can get you caught, not just "hey doc.." but even "hey ma, I'm gonna.." Know what though? We can expand this to any crime, seditious materials, not wanting the contents of your messages to be stored in perpetuity in case something like abortion laws change or databases get hacked or seized. And not every country is the US btw, some people in this world need Tor to access Facebook without being sent to Lake Laogai. Not to mention, the NSA, FBI, and CIA, love that they can buy your data in bulk, they don't want to go back to needing warrants, personally, I like warrants, as they have to at least ask a judge and it at least ostensibly has to be for a reason, as opposed to "here's $50 gimme data." Btw while we're talking about buying data, did you hear about the fact that you can buy life360 data for a neighborhood at $45, and this data tells you when people usually leave the house/come back from work, and you or me could buy this data and use it to rob every life360 user in the neighborhood. Sure we don't know who we're robbing, but we do know that it's 2pm and nobody will be home for another 4hr.
If you don't like or need privacy, please post your credit card numbers, exp date, sec code, full address, and SSN, medical records, and leave that door unlocked for me, but trying to convince me there's no reason to be mad about it or to try and limit the scope of their warrantless surveillance ain't gonna work, it is a problem that needs fixing, not apathy.
Edit: Downvote, but not expound upon your point? Seems to me that is a tacit admission of a lack of truth. Especially considering everything I referenced is known to be true, not some conspiracy theory, if all you've said is "misinformation" but can't explain how I'll have to trust the sources.
Even talking about it at all on non e2ee apps can get you caught, not just "hey doc.." but even "hey ma, I'm gonna.."
No, that's not how E2EE works.
Not to mention, the NSA, FBI, and CIA, love that they can buy your data in bulk
They can't, this is illegal in the majority of first world countries.
Btw while we're talking about buying data, did you hear about the fact that you can buy life360 data for a neighborhood at $45
Life360 only shares aggregated data with 3rd parties, not personal data.
and this data tells you when people usually leave the house/come back from work, and you or me could buy this data and use it to rob every life360 user in the neighborhood.
Lol no it doesn't
If you don't like or need privacy
Never said I don't need or like privacy, it's literally my job and I'm quite passionate about it. I said people here share bullshit misinformation, which you just did. Your sources prove absolutely none of your claims.
Uhh, yeah it is. E2ee (with keys controlled by the users) does "work" by keeping your conversation data encrypted (assuming the encryption isn't cracked and the keys aren't held by attacker). Messages that are not e2ee are not encrypted, so they can be read without breaking the encryption they don't have simply by obtaining a warrant or in some cases simply requesting (by the government).
It literally is "the whole point" of e2ee, that is how it works.
They can't, this is illegal in the majority of first world countries.
In November, Vice reported that US Special Operations Command had purchased location data collected by a third-party data broker from an Islamic prayer app called Muslim Pro. The app maker later said it would stop selling its users' location data. The same month, the US Department of Homeland Security came under investigation by its inspector general after Buzzfeed reported an internal memo showed it was collecting phone location data without warrants for immigration enforcement.
Life360 only shares aggregated data with 3rd parties, not personal data
I disagree, I think that knowing my every move throughout the day is personal, whether they know my name or not, they know where I sleep, they know where I work, they know where I hang out, that is pretty personal. Not to mention if you know who lives in "House A" and you buy the location data for the area "House A" is in, you have just deanonymized them and can now use it for stalking purposes.
Listen you say you do this for a living, but you provide no sources debunking the claims, the DHS isn't even denying they do it, their lawyer is claiming it is legal, they literally admit it, idk what else to tell you man, it looks like they do. From the life 360 TOS:
G. De-Identified Information
We may share with third parties, including advertisers and service providers, anonymized, aggregated and/or anonymous data we collect about you and other members, such as de-identified demographic information, de-identified location information, and information about the computer or device from which you access our Services, or the results of hashing your email address.
They literally admit to selling location data, even if it is "de-identified" that still means my home address can be easily figured out, my name isn't the problem, the problem is the "precise location data" they admit to selling. Sorry my dude but it all seems to be the case.
Admission is good enough for proof in my book, barring coercion which I don't think the DHS lawyer or life360 was being subjected to at the time. If they aren't doing it why should they lie and say they are? Furthermore, you assert that it is "illegal" for them to buy the data, the DHS lawyer disagrees, so does the US Government (here's the NBC article I got that from), in this US Government document, and frankly it does seem to be a loophole. Can you direct me to the law preventing federal agencies from buying data from data brokers? If it is in fact illegal, there is a law somewhere that says so, can you point me to that?
You're wrong my dude.
Edit: Back to downvoting with no argument, eh? I'm starting to think you're one of these feds trying to gaslight me tbh.
Jesus man, I'm not sitting around waiting to reply to your comments, this is not a real time conversation, this is social media, get used to latency for fucks sake. Yeah sure, I'm secretly a federal agent tasked with spreading evil agendas across Lemmy, whatever.