Ugh. Eye roll on the whole “make the world better”. So few SV products remotely make the world better. The purpose of the vast majority is to make money at all costs. I also disagree with what most people claim is making the world better. All in all, I think social media is a net negative for the world for any good that might be found. Every SV thing after that is just chasing the recketship to the moon dream.
I think a big part of the ability of these shady companies pulling the brightest minds away from more clearly beneficial fields is that important flavors of ideology necessary to motivate people to take less lucrative work have been stripped from "business". There's a lot fewer appeals to art, history, cultural stewardship, or empire-building present in things like transportation, medicine, construction, etc. than there were in the past. Any flavor of "for the glory of God/the nation/the People/the Art" etc. is pretty effectively stripped out of American business, and I think that's the only kind of thing that would motivate someone who could make $250k in Adware to make $100k in something else.
People are now very well-trained to look out for their own bottom line, and take jobs accordingly.
Doing things because they increase some non-monetary value has fallen out of fashion for sure. A colleague of mine recently shared, in a group social setting, a sense of disappointment that his daughter was studying to be a doctor. I was, as far as I could tell, the only one to note that there is practical utility to having doctors.
But the "be part of our mission" was shown to be hollow over and over too. First and foremost, you as an enployee are making the investors and CEO rich. The mission is usually exploiting the employee, even when it's not exploiting the world. Employees have recognized the real social ethic (money over everything) and are just playing the same game. Which is sad.
Ideally the people who see these choices would make alternative choices that will leave their grandchildren better off in the world. It has taken only a generation for the "greed is good" mentality to drop us into this fetid soup.
I think the phrase you called out--"be a part of our mission"--that most corporations (and, mimicking them, government agencies) regurgitate is itself the approach to socialization that causes people to feel less inclined to work for any non-profit reason. "Part of OUR mission" redefines the company as the entity to be loyal to, rather than casting the company as part of society itself. You can't replace constructs that tend to inspire people to heroism and selflessness with a corporate avatar and expect the fabric of society to remain similarly motivated. It does make a set few people a hell of a lot of money in the short term, though.
I have the same question. It did not seem easy for me to find a job where we are at least not writing malware (according to my judgement). But it's far from making the world better :|
I read an interesting newspaper article about how the police confiscated a hired gun's iPhone and found that he ran a search on the city his victim lived in. It is these little digital breadcrumbs that makes life easy for the prosecution.
Seriously if you are going to do illegal things never ever buy a smartphone.
It’s funny how in recent headlines the NSA & FBI have been saying to use secure messaging app. Yet the FBI is infamous for claiming the need for back doors into these encrypted apps. What are we to think of the opposing views? Are they really being benevolent for the citizens, or do they no longer need the back door, or do they have a back door whether intentional or not?
It seems that they have changed their minds about surveillance back doors, after some devastating attacks, where Chinese state actors (among others) used back doors created for compliance with warrants to get in.
But that was the pre-Trump NSA and FBI. Now the Chinese and the Russians just need to get some DOGE volunteer to give them whatever they want, since Elon now has root on all the government payment systems and is too undisciplined to do things in a secure way.
The world is changing fast and reasons for actions may be more complex
and interesting than you assume.
Were they ever _not_ benevolent to US citizens as a whole, even if
misguided? There may be last-ditch attempts to extend benevolence to
US citizens as a takeover looms. If leaks from the Office of Personnel
Management are to be believed, then right now US government is in the
process of a soft coup, being dismantled along lines of political
loyalty. I expect those working in intelligence and law enforcement
who support democracy see the writing on the wall and will act sooner
or later.
Reliable end to end encryption is an important tool for citizens of a
nation that may need to organise in a hurry. We might see new Edward
Snowden type revelations of programmes, naming key people or giving
clear advice not to trust certain US based entities or services. Civil
servants may act professionally as non-politically as they can, but in
the end, if only to protect their jobs, they're going to come down on
the side of democracy.
They're not homogenous organizations. Not sure about the FBI, but AFAIK the NSA has always been in an awkward spot of being split between defensive and offensive missions. It wouldn't be particularly surprising to have one arm going "you should all use encrypted messaging, it's the most secure" while the other arm is frantically trying to break or backdoor said encrypted messaging.
That just sounds like a standard cross-merchant loyalty program? I don't think there are many examples in the US, but once you realize it's a loyalty program you really shouldn't be surprised that they're tracking your purchase history. That's basically the entire premise.
It's the normal term, in that it has been normalized as such. But it is otherwise not accurate except in the barest, most monetaristically self-fulfilling-prophecy way.
So called loyalty programs should be illegal on multiple fronts,
- Privacy: There's obvious tracking of purchasing trends. This derails into selling user data to everyone that makes people increasingly easy to track.
- Customer-dependent pricing / Price-discrimination: This is awful for economy, in econ 101 you learn that business want to charge each customer as much as they are willing to pay, but this differentiated pricing is just getting their hands into everyone's pockets.The free market principles rely on perfect knowledge, and every step made to make pricing harder is an attack against self market regulation.
Price discrimination is not a priori bad. A fixed price with enough margin to support the business may be too high for price sensitive consumers. If you can charge more to less price sensitive consumers, you can, at the margin, make a little bit on these price sensitive consumers, and overall everyone is better off - more consumers are satisfied and their marginal willingness to consume a unit of the thing being sold is more equalized.
There are ways to adequately approximate that kind of price discrimination without detailed tracking though, like giving discounts to students, seniors, and people receiving various kinds of welfare benefit upon showing proof of status.
Yeah it isn’t as accurate as the privacy-invasive kind of tracking, since students and seniors can be wealthy and eligibility for welfare benefits doesn’t always consider assets or gifts from well-off family. But it’s accurate enough to give the economy most of the same benefit without the privacy downside.
I do think it’s fine for people to opt in to more tracking as a separate consent choice beyond merely participating in a loyalty program, for example to get more personalized and therefore more useful offers, but not as a condition of participation to merely receive at least standard offers and accumulate points. That’s how they generally work in Germany.
>I do think it’s fine for people to opt in to more tracking as a separate consent choice beyond merely participating in a loyalty program, for example to get more personalized and therefore more useful offers, but not as a condition of participation to merely receive at least standard offers and accumulate points. That’s how they generally work in Germany.
Sounds like that'll push retailers to switch from a system where they give points/discounts to everyone, to one where points/discounts are "targeted", which of course requires opting into tracking. Like I said before, the whole premise of loyalty programs is that you're being tracked in exchange for rewards. You really can't expect to have your cake (discounts) and eat it too (not being tracked).
my grandmother collected green stamps from the grocery store, which she saved for food discounts.. I don't think that there was any customer ID involved at all..
honestly, describing pervasive tracking of purchasing associated with govt ID as "normal" is .. its a sickness and parts of it are illegal now. It is not required or "normal" at all, from this view
> Sounds like that'll push retailers to switch from a system where they give points/discounts to everyone, to one where points/discounts are "targeted", which of course requires opting into tracking. Like I said before, the whole premise of loyalty programs is that you're being tracked in exchange for rewards. You really can't expect to have your cake (discounts) and eat it too (not being tracked).
As I said, in Germany you can indeed have your cake and eat it too in this regard, if you’re okay with the offers you receive being less targeted and therefore less appealing.
My understanding is that GDPR requires them to offer the option to decline the personalized targeting without being blocked from participation overall, and this is probably the same anywhere in the EU. But I don’t have personal experience with this in other EU countries and could be misunderstanding.
>As I said, in Germany you can indeed have your cake and eat it too in this regard, if you’re okay with the offers you receive being less targeted and therefore less appealing.
The "cake" in this case refers to the offers you had before GDPR came into effect and/or regulators started enforcing it. They might give opt-out people some token offers to appease regulators, but I doubt it'll be anywhere close to the offers they had before.
> They might give opt-out people some token offers to appease regulators
It’s not an opt-out situation. As per GDPR requirements, these programs have a specific opt-in prompt for personalized targeting, separate from the one which is for generally collecting and redeeming points as a member, and it’s not pre-chosen by default.
I think one can assume that many people will decline to opt in, especially in a culturally privacy-focused country like modern Germany and since not opting in is far behaviorally common than explicitly opting out, but also that many others will knowingly consent in exchange for the benefits. So I think they would generally want to give decent offers to both categories of people, since the non-consent group is large enough to matter. Of course the personalized ones would be better, otherwise nobody would want to give that consent.
Myself, I’ve consented to some but not all of the personalized targeting and information sharing from the loyalty programs I participate in here, after reading the descriptions of the requested consents in detail and making a conscious choice. In at least one case I converted a no to a yes after thinking about it longer. It’s good to have that transparency and control, and not to have the legalese surreptitiously remove your right to sue the store should that become necessary as is common in the US (forced arbitration is generally illegal here in B2C agreements).
As for the rest of your most recent comment, I wouldn’t know; I didn’t ever live in Europe before the GDPR.
Yes, this is the reason why it's sort of illegal, but done anyways.
Honestly, beyond paying fewer fees on the bus as a kid, I'm pretty sure I'm being scammed everytime I experience price discrimination.
I feel it's easier to make it illegal and give away reasonable credits to all consumers. I wouldn't discriminate in credits either, I'd rather have public transportation being free for all than claim to save money that society needs to spend anyway.
It doesn't help that lying about the price at any point just makes accounting harder, and creates space for wrong, uncompetitive pricing, or awful deals that would hurt business and society in the longer term anyway.
pricing is all made up to begin with though. your can't take the cost to make an item, add a reasonable amount of profit and that's the "real" price. that's just not the reality of running a successful business. human psychology is far too complicated.
at the end of the day, prices are just a number you make up, and hopefully it's a big enough number that your stay in business. hopefully it's a big enough number that you get rich. but sometimes it's a fire sale and you just end up owing less money to your vendors.
> at the end of the day, prices are just a number you make up, and hopefully it's a big enough number that your stay in business.
The only requirement is to make up a single for all your customers that are getting the same thing back. It'll be made up and account for business factors like risks, profits, etc.
I don't think everyone is better off, at best the "less price sensitive" is unaffected. But then you have to have have some way of stopping arbitrage via the customers paying the lower price through some sort of identity checks or restrictions. I think that's an unavoidable negative outcome and it's not clear that it would always be outweighed by allowing more people to consume the product.
In Germany, the major cross-merchant loyalty program Payback gives you one or two rounds of extra consent choices about the tracking, and the type we see here is absolutely not mandatory for participating. It does of course let them give you more personalized and useful coupons, but one can participate while declining that permission.
Hopefully exclude? By whom? At some point, somebody has to decide it was sensitive, by what standards? Does Bilt decide to not use it after they were already sold the data? Does the aggregator after already been sold it by the harvesting seller? Does the harvesting app reduce the appeal of their data by deliberately excluding the data? Does the harvesting app care to spend the money on doing that?
You might want to discover about sophistication and pervasive facial recognition technology used by major retailers. Paid by cash? It can still be tracked to you. For "fraud prevention", of course.
>Paid by cash? It can still be tracked to you. For "fraud prevention", of course.
They can already track you through your phone and/or credit cards. Why bother setting up a massive facial recognition system for people paying with cash when they only account for 10% (or whatever) of overall shoppers, and have less disposable income than average?
Word of mouth: retailers in China have been using face recognition technologies to identify key customers so that they can be greater by name when delivered their favorite drink upon entering the premises.
The trouble with "word of mouth" is that you can't tell whether something is actually real, or vaporware that some account executive dreamed up to close a deal.
I agree, which is why I qualified it. I was working at a retailer, building it's cloud systems at the time. It was told to me by a colleague who claimed to be told that by a peer from China at a conference.
Facial recognition on a small corpus of known faces (what everyone experiences on Facebook, their phones, etc) is an easy problem.
Walmart picking up a face walking into a store and matching it against 30 million possibilities is going to return so many false positive matches it’s going to be completely useless.
Facial recognition is illegal where I live, both for gov't and commercial uses. Several major cities in the US have banned it (e.g., San Francisco, Boston, etc.).
Is there any documentation on this to read further? I.e. what the different levels contain and how much on average is the cost reduction for the merchant.
The cost reduction is very small, it’s applied to interchange fees. I’ve been directly responsible for implementing this functionality on payment gateways for multiple processors because it helps reduce fraud holds as well.
Separate question, what are your ethics around the surveillance of Americans' economic activities by private actors? What "rights" are relevant in this space and which do you subscribe to?
I'm not going to debate you about anything, I just don't get the chance to ask insiders any of these questions.
My ethics are “this is unequivocally wrong without consent”.
Thankfully my work was on payment products that serviced businesses and government entities, so I did not really have to deal with that moral quandary.
However it gets muddier in other spaces as well. There are types of cards, like HSA/FSA that require something similar to level 3 data called IIAS that is used to determine what parts of your purchase are eligible. In the parts of the systems I have worked with, this is covered by HIPAA, but I have no idea if there are “clever” methods to sneak that data out of the chain elsewhere.
It makes me wonder, if everyone 'owned' their own data, I wonder if it could be used as a form of UBI. Everyone has data from using services, everyone owns it, everyone can sell it to make a living just doing whatever they are doing everyday.
This is only just a shower thought I had the other day though, there are probably many pitfalls when it comes to such an idea.
Unlikely. I'd think the most valuable data is generally the type that can be used to extract money from you. Targeted ads and such. So, your data's value would increase in proportion with your spending power.
Honestly the path to "UBI" is probably just socialized/subsidized basic needs.
Build masses of government housing, make a healthcare public option with sliding-scale costs, and you're 90% of the way there - food and decent low-end broadband are frankly already cheap enough for the government to cover with maybe some "Don't gouge Uncle Sam or else" clauses and that's about everything.
I don't support UBI but that's a fascinating idea. Unfortunately the data is worth micropennies in the individual, so only worth something in aggregate, like a class action settlement where you end up with a cheque for $0.34 for damages which makes it not even worth your time, it'd only be good as the backdrop for a science fiction novel or as an experiment by a YouTube video by a well known creator to see how little money it would make. I would read the hell out of that book and watch that video tho!
IDK, I think almost all interesting data has no obvious single owner, because it gets created as a side effect of an interaction between two or more parties.
Take the transaction information from example above. The record of you buying products X, Y, Z for total t=x+y+z at time T, with card C - both you and the store could argue they're entitled to it. It's about you and money you spent and products you received, but it's also about them and the money they received and the products that were taken off their inventory. Then the card issuer will interject saying, "hey, the customer uses a card we provide as a service, so we're at least entitled to know which card was use to pay, to whom, when, an what the total amount was!". Then both yours and stores' banks will chime in, and behind them, also the POS terminal provider.
Truth is, they all have a point. We like to think that paying for groceries with our watch is like a medieval peasant paying for fruit with metal coins at a town market. It's not. Electronic payments always involve multiple steps handled automatically, in the background, by half a dozen service providers linked by their own contracts and with their own legal reporting requirements, and each of them really do need to know at least some details about the payment they're participating in.
A simpler example: this comment. It's obviously mine. It's also a response to you, and it only makes sense in context of the whole subthread. Should anyone reply to it, they'll gain a stake in it, too - and then, arguably, everyone following this discussion have a right to read it, now and in the future. After I hit the "Reply" button, I can't in good conscience claim this comment is mine and only mine. This is why I'm personally against the practice of unilaterally mass-deleting of comments on open discussion boards, like e.g. plenty of people do on Reddit, forever ruining useful discussions for the public.
(It's also why I like HN's approach to GDPR, which is, you can get your account disassociated from your comments, and you can request potentially identifying content be removed, but the site won't just mass-delete your comments automatically.)
Connecting information to that kind of personal gains sounds dangerous. There is probably non-negligible abuse potential, like college kids legally printing money at weird scale.
You will never generate enough money from information about your consumption to fund your consumption. Obviously there's other data, but you get the point.
UBI isn’t meant to fully fund consumption. It’s “basic” income such as rent or groceries. I will accept that consumption data doesn’t cover consumption and that the value is already priced in but I don’t accept that it has no value or that UBI is meant as complete income replacement.
This is fairly easily answered through legislation like the GDPR which classes this data as personal data if it’s associated with an identified or identifiable person.
A legislative body writing something down doesn’t mean society has agreed to it.
If someone journals and writes down everyone they met with locations and dates, they will laugh you out of the room if you tell them they are violating GDPR.
This also leads to stupid shit like people not being sure if they can point a camera at their driveway to catch vehicle break-ins.
Finally, classifying something as “personal data” because it’s about me still doesn’t make it “my data”.
Health data in the US is strictly regulated, very personal, but is definitely not mine. I cannot remove things from it or prevent it from being shared between healthcare institutions.
Or phrased less inflammatory manner: "Corporations can enter into contracts and engage in legal action just like people can". Even the much maligned Citizens United v. FEC basically boils down to "groups of people (corporations or labor unions) don't lose first amendment protections just because they decided to group up".
Except not everyone in a corporation has the right to speech. I'm prohibited by my employer to say anything on the company's behalf, but the C-suite and board are able to speak on my behalf. So, the company's leadership has a right to free speech, I don't.
>Except not everyone in a corporation has the right to speech. I'm prohibited by my employer to say anything on the company's behalf,
Yeah, that's how organizations typically work? You might have "freedom of movement", but that doesn't mean you can work in your CEO's office. Organizations also limit who has access to its bank accounts, but that doesn't mean it's suddenly illegitimate for companies to engage in transactions.
You still have that right; you simply entered into a voluntary agreement with your employer not to exercise it in exchange for money. Happens all the time.
Let's bring back indentured servitude, you have a right to not be a slave but you should still be able to enter into a voluntary agreement not to exercise that right.
That’s a facetious reply and you know it. Agreeing not to say certain things is practically a universal requirement of employment, for example, to preserve trade secrets. And indentured servitude is illegal.
That's just life. Modern society obligates us to do things like feed, clothe, and house ourselves; they aren't just going to result because you exist. Getting a job is an sacrifice we make to fulfill those other basic obligations.
To discuss further would require us to go into the rabbit hole to debate whether capitalism is the right structure for society, but so far, everything else that's been tried has been worse.
In theory you’re already paying the merchant fee in the “price”. So merchant found a way to improve margins and credit card companies found a new revenue source
Unfortunately the GDPR is largely toothless if a company without an EU presence chooses to ignore it.
I live in Ireland and my data is in the databases of several US data brokers. Thise conpanies can't be forced to to comply with the GDPR because they simply do not have an EU presence. You don't have to search far to find stories from people people who made complaints to their local Data Protection office about such issues only to be told there's nothing that can be done.
HN rants about it because it’s not a good solution. It identified a problem but caused an idiotic fallout (cookie banners) and failed to actually put in a framework to enforce that companies aren’t just lying.
> failed to actually put in a framework to enforce that companies aren’t just lying.
That's not true. I work in an European company and we were contacted by the agency to give a complete list of partners that we use, reasons for why it is justified, which routines we have for deleting old data etc.
I guess in theory we could have lied and made up data, but only an idiot would risk lying to the government. Everyone at my company took it seriusly and tried to provide as accurate data as possible. There were also several follow up questions that had to be answered.
The mindset of lying to the government to "protect" your employer seems so far fetched. Why should an employee lie to the government? If it turns out that the company was in violation of GDPR the worst case scenario for the company is a fine. If the government finds out you are lying, the employee faces jail time. The trade-off is simply not worth it.
Maybe it's easier to lie to the government in some countries, but not in my country. The government agencies actually checks and verifies your claims.
The lie doesn’t have to be intentional. All it takes is a really simple accidental debug logging flag to collect what amounts to a GDPR violation.
The point is that no effort was made to implement a technical solution to protect privacy. So it’s upsettingly trivial to violate the GDPR unknowingly and any company that is even a little unscrupulous (of which there are hundreds) can easily ignore the law.
> The point is that no effort was made to implement a technical solution to protect privacy.
And you want the government to do that?
Why haven't the companies who at every turn shout how privacy conscious they are haven't done that?
It's now been 8 years of GDPR. Why hasn't the world's largest advertising company incidentally owning the world's most popular browser implemented a technical solution for tracking and cookie banners in the browser? Oh wait...
Yes, it’s their job. Building codes have technical specifications and don’t allow people to opt out. Airspace is very tightly regulated with technical specifications.
> Why hasn't the world's largest advertising company incidentally owning the world's most popular browser implemented a technical solution for tracking and cookie banners in the browser? Oh wait...
Because the government is the thing that is supposed to produce useful regulations, not an advertising company.
GDPR is like trying to solve smog by passing a law that says people can opt out of smog by staying out of the city. No regulations to actually reduce smog.
I’ve had to deal with Bilt [0]. In case you’re not aware, they have a “feature” called Instant Link that automatically pulls ALL of your personal and sensitive financial data from financial institutions, including your credit card accounts, balances, etc. They apparently do this via a partnership with a company called Method Financial [1].
It’s frankly the most intrusive thing I’ve ever encountered in any software I’ve ever used—I’m not sure how it’s even legal, but this is America where we have no real privacy rights.
Instead of giving you the option to opt in for them to get this level of access, they automatically enroll you into it when your account is created, pull your data, and then allow you to “opt out” afterward, which enables them to have access to your personal and sensitive financial data anyway. And since you literally must have an account with them if your building uses their services for rent payments, they’ve effectively rigged the system to force millions of folks to unknowingly give them access to their personal and sensitive financial data.
Anyway, in your Bilt privacy settings, there are some options you can disable (including Instant Link), and I recommend that you disable ALL of them, although given the dark practices of this company, I don’t even trust that those settings are actually honored.
Side note: Did you know about a company called Method Financial that somehow has real-time access to ALL of your personal and sensitive financial data? Did you know that this company you never heard of that has said access then sells that access to the highest bidder? Do you remember agreeing to any of that anywhere? Yeah, me neither (on all counts)…
Thanks for the heads up. Luckily I can go back to analog with certified funds to pay rent. I suspect, without evidence, this is due to the relatively strong tenant protections in Chicago.
What's most interesting to me about that is that they are willing to disclose that data to your email provider. Amazon, for example, is pretty cagey about what you've bought when sending emails, probably because they don't want Google to be able to use that information to target ads to you. (Not because they are Good and care about your privacy, but because they think they're going to beat Google at advertising. How's that going?)
So yeah, I don't get why they would do this. It gives their advertising competitors valuable data for free, and it pisses off customers by telling them that they're being tracked when they shop at Walgreens. Strange stuff.
Oh, here I thought it was because every time I want to remember info about an order, it forces me back to their platform, rather than simply searching my email like I do for every other item I've ever purchased.
I believe that's opt-in. At least it seemed to be when my landlord switched to Bilt.
There's a section of your Bilt profile that shows your other credit cards and whether you want them linked. It's pretty freaky to see them listed in the first place.
I definitely keep them off.
Bilt is ultimately a big points/reward program though, so you might get points for having them connected.
I still haven't figured out exactly what Bilt's business plan is, but the main part seems to be trying to get as much financial data on people as possible, and partnering with landlords to do so, and since it's how to pay your rent you can't unenroll completely. (Unless you maybe mail your landlord a paper check?)
It was initially opt in for me, then they made it mandatory.
(Sure, I could pay by check but consumer banking technology/US in the US already feels like is is lagging a decade behind other countries without voluntarily going further back. Paying by check every month would be quite inconvenient.)
I'd already decided to avoid bilt as much as possible, but reading this thread prompted me to try going a little further.
> Request to Know... The specific pieces of Personal Information we collected about you.
> You have the right to opt-out from having your Personal Information and Sensitive Personal Information sold to third parties. You also have the right to opt-out from having your Personal Information and Sensitive Personal Information shared with third parties for purposes of cross-contextual advertising
Loyalty cards are one avenue for data brokers to get your purchase history. Credit cards can also sell your purchase data. Currently the only safe-ish way to be anonymous is with cash. That may disappear with pervasive face recognition and cell phone tracking.
That's what I do, but I assume some stores like Target also track you by Bluetooth, facial recognition, etc, and can correlate any past or future cash purchases if you use your credit card once for maybe a large innocuous purchase.
I'm assuming you're using your Bilt card when this happens.
Your Bilt agreement stipulates how itemized transaction data (level 3 in payment terms, with level 2 being "enriched" with subtotals/tax and merchant information- which is what you typically see with your normal bank)
Card networks (Mastercard, VISA) have different fee structures that incentivize more detailed information like level 3 for lower processing fees for merchants - here's more details on levels https://na-gateway.mastercard.com/api/documentation/integrat...
This literally just happened to me last week. I emailed them to ask them how to stop this:
> I understand you want to opt out of all points and rewards and not be tracked.
>
> We're constantly working to make Bilt as rewarding as possible. Currently, we don't have an option to opt out of points or rewards. To prevent your transactions from being tracked, the most effective step is to unlink your card from your Bilt account.
>
> To unlink the card:
>
> Go to the Wallet tab > Scroll down to the Your Linked Cards section.
> Look for the card you would like to unlink and tap View all benefits.
> Click the ellipsis [:] on the top right, then tap Edit > Unlink.
Gah, I hate this service and will avoid renting on buildings that use it in the future.
What’s most strange to me is why this Bilt company would pay for that data feed and somehow think it provides some value to you. It’s obviously just creepy way of saying we know too much about you
This happened to me with square (block). I bought furniture, and they used square and required my email address for delivery. And then after that, anywhere I used square to pay for something using the same card, they would email me a receipt. I complained and they played dumb and never did anything.
What if landlords could reach their grubby hands into the data firehose their tenants spew out? I can save 5% on some useless shit at X store, you say? Sign me up!
Bilt as a concept is the biggest pile of late stage enshittification horse shit I’ve ever seen.
The browser has less access to your system, and usually only if you give a specific website permission to use these features. Mobile operating systems are slowly changing that though.
what should imply checking available web apis? the comments is correct, browser can't access your location without explicit confirmation from the user, the same apply for other web apis, or at least mention a bunch of them which you know don't apply instead of linkin MDN
The more APIs available for JS to interact with, the more granular and detailed browser fingerprinting can be. For example, how your browser renders WebGL can differ depending on what graphics card (and drivers) you have. The resulting values can be read back and stored to create a detailed fingerprint of who you are -- this could potentially be done by Google Fonts or AdSense or any number of the countless ad and analytics frameworks loaded on basically all websites.
Browse the source in the following directory to see a plethora of examples of how web APIs are used to fingerprint users -- and this is just one publicly-accessible library we can easily review the source code of (proprietary, obfuscated ones likely use additional methods): https://github.com/fingerprintjs/fingerprintjs/tree/master/s...
One example used in multiple places in the above repo is "matchMedia"[0] which was a Web API method added a while ago (well, many years ago) to give a programmatic result of whether a given CSS media query matches or not. This can be used to detect, for example, user preferences like whether the display is HDR-capable[1], or the Accessibility setting "reduce motion" is enabled[2].
what is contained in the latest js standard that does let you collect fine grained information of your users without their consent? web apis that have to deal with sensitive data all requires explicit user confirmation to be used
At least on android the browser is limited by the android permission system, i.e. if you dont give browser GPS permissionit cannot give pages dito. In addition the browser will ask if you want to grant an app access to something like positioning data.
Furthermore, it is hard for a web page to run in background and receive user data.
>If it was LTE, I bet the lat/lon would be much more precise.
False. Apps don't have access to cellid information unless they also have location permissions, in which case they can just request your location directly.
>the free apps you install and use collect your precise location with timestamp [...]
This is alarmist and contradictory given that the author admits a few paragraphs up that the "location shared was not very precise". It might be possible for the app to request precise location via location services, but the app doesn't request such permissions (at least on android, you can't check for requested permissions on iOS without installing the app and running it), so such apps are most definitely limited to "not very precise" locations.
>At the same time, there is so much data in the requests that I'd expect ad exchanges to find some loophole ID that would allow cross-app tracking without the need for IDFA.
At least in theory they're not supposed to do that, but it'd be hard to enforce.
"If a user resets the Advertising Identifier, then You agree not to combine, correlate, link or otherwise associate, either directly or indirectly, the prior Advertising Identifier and any derived information with the reset Advertising Identifier. "
"Precise" has a specific meaning for iOS Location Services and this ain't it. Presumably it's just doing IP geolocation which could be the same post code, or it could be the wrong city entirely. I'd expect it to be much worse on LTE than WiFi.
>Eh. Zip code level location + timestamp is still pretty invasive, even if, pedantically, that’s not very precise.
That's basically sent to multiple parties (ISPs, transit providers, CDNs, analytics/advertising/diagnostics/security vendors) everytime you visit a website. If this counts as "invasive" to you, you shouldn't be connected to the internet at all, much less buying a tracking device (a smartphone) and installing random ad-supported apps on it.
Cell carriers will gladly sell that information to apps. You can make calls to them over the cellular network (even if Wi-Fi is active!) and they will hand it back to you. No location services is required to do this.
A long time ago I had the idea to create an 'accountability server'. The high level idea was for it to generate unique credentials so that you could track to the source who sold your info. There are some ways to do that now, but I wonder if it is time to start exploring that idea again. If you exposed it as a VPN/proxy+app that ran on a server in your home, so that you could collect your own data and provide unique credentials on account creation, then I wonder how much that combination could figure out. Since it could act as a man in the middle it potentially could annotate credential source and see the ads and potentially track them to source. "This male enhancement pill ad is linked to your tire purchase." There is a lot of hand waving here, but I wonder if something like this could be built. The first step to stopping things like this is showing people who did it to them.
Wouldn't this require access to bid side data? The OP mentions it's pretty easy to get, but any company using this to expose advertisers is going to get their access cut off pretty fast. As the saying goes, "snitches get stitches".
My thought here is that there is likely a lot of leaked data on ads themselves, that is one of the reasons why you would need the VPN/proxy. Additionally you could (potentially) create fake browser fingerprint credentials on the fly to feed sites and have the VPN/proxy track the ads that show up for those credentials. (other credentials like email and the like could also be created by the app for you) You don't see the bid data, but you may be able to control the tracking that spurs it and you can see the results of it so a setup like this could likely make some inferences.
I don't know this industry well and the tech here has long sense eclipsed me so I really don't know what is possible but I imagine there are possibilities with this setup.
Only if you don't turn WiFi off. To my understanding even the "soft off" option present in iOS stops the phone from beaconing, and just listens in order to collect data for building augmented location services. I don't know what the Androids do. These days both of them also offer randomized MAC address to curtail such tracking.
With GPS off, location can triangulated from cell tower usage to within 3/4 of a square mile (smaller uncertainty in urban areas where cell towers are closer together). I'd heard before that some data brokers do this, but in this article the writer mentions reverse DNS lookup on IP addresses, which they mention is less precise (ZIP-code level).
Android for sure, since version 8 I'm certain but probably even 5 or 4.x (so 10+ years ago)
Always annoys me when I want to use a WiFi scanner to determine the range of an access point in different locations for example and it needs me to turn on location access first before it can get WiFi data. The open source app doesn't have an Internet connection so there's no way for it to send back data to the mothership even if it had an SSID database baked into the apk. For me, and traditionally, the location switch is to turn on or off energy-hungry GPS hardware, not gatekeep when I trust apps to collect my location. I can set those to "only while in use", deny their Internet access, or just not install them if I don't trust them with the location permission
But all it takes is one app with that permission to tie you to all the others. And there are always apps that need your location at some point to provide useful data. At this point I’m not sure there’s any single app I trust.
Everything listed changes way too often to be useful for tracking. My guess is that it's for anti-fraud purposes. Someone setting up fake devices and/or device farms is likely to get similar values, which means they can be detected via ML or whatever.
> screen brightness, memory amount, current volume and if I'm wearing headphones
None of those are likely to change when you navigate from one website to another, with tracking/ads disabled, which is what they want to be able to track. Otherwise they'd just use their cookies.
One device visits a site where you sell ads. A minute later, an unknown device with identical battery, volume, headphone, brightness, model number, browser version, and boot time to the second arrives on another site you run ads on. There's a pretty good chance they're related, because the odds of all those being the same plus those two sites and recent timings involved is rather low: https://coveryourtracks.eff.org/
Plus it doesn't have to be perfect. It just has to be good enough in bulk to sell.
It would be amazing if you could build and send fake profiles of this information to create fake browser fingerprints and help track the trackers. Similarly, creating a lot of random noise here may help hide the true signal, or at least make their job a lot harder.
Unfortunately fingerprinting prevention/resistance tactics become a readily identifiable signal unto themselves. I.e., the 'random noise' becomes fingerprintable if not widely utilized.
Everyone would need to be generating the same 'random noise' for any such tactics to be truly effective.
A sufficient number of people would need to, not everyone. And if I were the only one then tracking companies wouldn't adjust for just me. Basically, if this were to catch on then ad trackers wouldn't adjust until there was enough traffic for it to work. Also, that doesn't negate the ability to use this to create fake credentials that aids in tracking ads back to their source.
Here's a real-life example:
You show up alone at the airport with a full-face mask and gray coveralls. You are perfectly hidden. But you are the only such hidden person, and there is still old cam footage of you in the airport parking lot, putting on the clothes. The surveillance team can let you act anonymous all you want. They still know who you are, because your disguise IS the unique fingerprint.
Now the scenario you're shooting for here is:
10 people are now walking around the airport in full-face masks and gray coveralls. You think, "well now they DO NOT know if it's ME, or some terrorist, or some random other guy from HN!"
But really, they still have this super-specific fingerprint (there are still less than 1 person in a million with this disguise) and all they need is ONE identifying characteristic (you're taller than the other masked people, maybe) to know who's who.
Swapping fingerprint details is different than your example since it happens immediately and out of view. You could change fingerprints very often/create a new set for every browser tab. Additionally, as I pointed out before, they won't adjust until there is enough usage and when there is enough usage then the random settings are hard to distinguish because it isn't 1 in 1m. I get that they will keep trying to track down things that make browsing specific, but that is what updates are for. We need to at least make it hard.
I think this is a slightly different case no? If the ad network is using a very high precision variable to soft-link anonymized accounts, then randomizing the values between apps should break that.
Your analogy applies more to things like trying to anonymize your traffic with Tor, where using such an anonymizer flags your IP as doing something weird vs other users. I’m not convinced simply fuzzing the values would be detectable, assuming you pick values that other real users could pick.
I'm sure the ad networks do a lot more than use high precision variables for soft-linking.
These are professional networks with a ton of capital thrown behind them. They have pretty decent algorithms, heuristics, etc; and you don't make money (compared to the other data correlation teams) if you do simple dumb stuff. I'm certain they take into account those trying to be privacy-conscious, if only to increase their match rates to be competitive.
It's kind of how people used to make fun of the CIA types and "undercover" operatives.
Look for the guy wearing a conspicuously plain leather jacket and baseball cap. "Why hello there average looking stranger I've never met. Psss, 'tis a fair day, but it'll be lovelier this evening.'" "Oh ... it's Murphy the spy you want."
Also, found out the CIA declassified a bunch of jokes several years back in searching to respond. [1] Most are already dead links on CIA.gov, yet there's a few remaining. Nother one on people commenting on the CIA. [2] "These types are swin- Ask in Langley if they work for the CIA. Every- Ask in Langley. They will tells one knows them." 'You, it's the big building behind.'
The garbage in the last sentence of this comment is due to the second link including incorrectly OCR'd text from an image of a newspaper using a two column layout. Both links are very amusing.
Unfortunately the fox is building the hen-house. They 'should' build products that improve my experience but they have very little incentive to do that when they get paid so much for the data they can extract. What would actually do it is regulations similar to financial regulations. OS/browser companies shouldn't be allowed to do business with data brokers. Then they would have one primary customer, the consumer, and competition would focus on the correct outcome. But 'regulation' is an evil word so we aren't likely to see anything like that actually happen.
It's also useful for making ads more effective & manipulation overall. As long as you can connect the data you track & buy, you can use Thompson sampling. In fact, why would we think knowing the name of a person is anything but bad business?
Technically, information are the bits you DON'T know. Once you know the bits, it isn't "information" in the Shannon sense, in that it takes no energy to reset a message if you know all the bits, but takes N-units of energy for N unknown bits of information. (See; Feynman's lectures on computation)
Combine this with IP, timestamp, and some behavioral patterns, and you’ve got an extremely robust tracking mechanism that operates outside of explicit consent mechanisms.
I believe some apps actually have to automatically brighten up your screen when displaying a QR code for scanning, and then reduce back the brightness of its previous setting when moving out of the QR code.
I believe the Whole Foods app does this for its first screen.
I'm in this industry, and I have knowledge about this.
It's important to point out that it takes a long time for uptake of new versions of ad SDKs. The general assumption is that it takes about 6 months after release of a new version for 50% of ad traffic to come from that version or newer. Also, for every version you release, approximately 1% of traffic will never upgrade past that version.
In that kind of world, over-collecting data makes sense, especially if you think nobody will ever find out. Like total / and free disk space. There's no good reason to need those, right? But let's say an advertiser comes to you and says "we want to spend $1M / day to advertise our 10GB game, but only to devices that could install it." All of a sudden it's useful to know that a device only has 8GB of disk space, or only 100MB of free space.
So OK, if we didn't collect disk space, now it makes sense to collect disk space. Let's add it to the SDK. It takes a month or two to release a new version of the SDK. 3 months to get any meaningful traffic from it, and another 3 months to get up to 50% of your traffic. Assuming the ramps are linear, 4 months of 0%, and then 3 months of ramping to 50%, 30 days per month, you'll make $22.5M in the first 7 months. But if you had the logic in there to begin with, you'd have made $210M during the same time period. That makes it an easy choice for the business folks.
There are answers to this, but they all have drawbacks. You could limit data that ad agencies can collect. This reduces the value of ads. And agencies have learned that some data (like location) is low-value and high-risk, so they're removing the ability to supply it. I think it'd be better to support a model where ad code can be updated independently of the app. This way we could push out bug fixes faster, and could remove our just-in-case collection, but Apple has no signs that this is coming soon, and Google's answer has been such a shit-show that we aren't considering it viable over the next 4 years.
Edit: To address screen brightness specifically, it's a very rough proxy for age of the user.
> But let's say an advertiser comes to you and says "we want to spend $1M / day to advertise our 10GB game, but only to devices that could install it."
I don't want to call you a liar, but having seen ads that are presumably targeted at me, it feels like a total fiction to say that anyone is actually capable or interested in doing this.
I get advertisements for just absolute nonsense garbage that has no bearing on my life, and no bearing on anything that could have possibly been collected from my device.
The closest thing is that when I was in Mexico for a week, some of my podcast pre-roll ads were in Spanish. (Which, I should note, I do not speak fluently enough to even understand.) Even now, the occasional ad I'm served on a podcast is in Spanish.
And that's it. They saw that my IP came from Quintana Roo, and (somewhat reasonably) decided that I need to hear Spanish-language content. Even when I physically moved back to the United States.
The mobile ad industry is weird, and has some perverse incentives. Good games don't advertise (they don't need to). Games that hook the users just enough that they can show them more ads tend to plow that money right back into advertising to get more users. Those are the ads you see 99% of the time, and they're not really targeted. They're just people who know that the average 15 second interstitial will net them $0.006 in revenue, so they bid for it at $0.005.
Are there whales that spend $1m / day in advertising. Absolutely, 100%. Are they running at all times? No. We typically see that kind of spend from a single advertiser around 30 days out of the year. They're short campaigns, typically around a launch of a big title, and they always try to target as narrowly as they can to maximize their impact.
You're right about it using IP geo-location to guess where you are and what language you want. We also use that to determine if we should show you the GDPR disclosures. But try looking at ads on a Xiaomi phone versus a Samsung and you'll see a different set of ads, because one of those purchasers tends to have more disposable income.
May be Steve Jobs was right all along. We dont need Smartphone with App Store. Either 1st Party Apps and Everything else should be on Browser or Apps that uses Browser Engine.
A while ago a co worker told me "why would you care about your privacy? all my data is already out there anyway and what can even be done with it anyway".
What would be the ideal response to such an absurd comment? At the time I found it hard to answer because she surprised me with that opinion.
Edit to note: the explanation should be compatible with a professional context. I don't want to scare my co workers or appear crazy/paranoid.
Seriously, anyone who ever says they have nothing to hide, show them this story.
"A Redding Police Department officer in 2021 was charged with six misdemeanors after being accused of accessing CLETS to set up a traffic stop for his fiancée's ex-husband, resulting in the man's car being towed and impounded, the local outlet A News Cafe reported. Court records show the officer was fired, but he was ultimately acquitted by a jury in the criminal case. He now works for a different police department 30 miles away."
There are a few examples I use when I hear such ignorant statements:
1. Not caring about privacy cuz you’ve got nothing to hide is like saying you don’t care about freedom of speech cuz you’ve got nothing to say.
2. If you don’t care about privacy, why don’t you poop with an open door, for everyone to observe?
Because I don't want to rest of the house to smell?
A different argument that appeals to some is that you might not have something to hide, but what about the people who do? For the greater good of society, whistleblowers are needed to expose malfeasance by the corrupt and it's going to make it much harder for any of them to come forwards if their reward is literally exile to Russia. If you're in support of a slow slide into dystopia, go ahead and argue against all privacy. Whether a given situation rises to that level is an different but adjacent topic, but appealing to something some people can believe in, such as not letting the rich and powerful get away with being utterly corrupt in their dealings is a way to find common ground, with some. not everyone cares about that though, but it's an additional argument for privacy.
The problem is, I could not formulate anything in this way in a professional setting. I want my co workers to understand because I feel a bit uneasy working with people who do not but I also don't want to scare them.
Losing privacy makes you more vulnerable to economic exploitation (price discrimination, salary negotiation, insurance premiums, etc). Therefore protecting your privacy is a form of economic self-defense.
Just ask for their email password and see what they say. Usually though this comment is just them trying to change the subject because very few people know or care about any of this
Whilst I trust that the author did in fact look at the data of each request eventually, the screenshot they provided of Charles could not have been of the exact requests they intercepted given Charles is indicating that those are not yet SSL proxied (except for the 2 GET requests).
EDIT: please ignore, author did it differently to what I expected.
This technique doesn't work anymore on android because you can no longer add certificates to the system store and apps are free to choose to accept the user store CAs or not. That was changed in Android 7. For "security" they say. Security of Googles business model I'm sure.
I'm really happy to see this level of detail and research. So many privacy-related articles either wholly lack in technical skill, or hysterically cannot differentiate between different levels of privacy concerns and risks.
People commonly point to Mozilla's research regarding vehicle's privacy policies. (https://foundation.mozilla.org/en/blog/privacy-nightmare-on-...) But that research only states what the car company's lawyers felt they must include in their privacy policies. These policies imply (and I'm sure, correctly imply) that your conversations will be recorded when you're in the vehicle. But, they never drill down into the real technical details. For instance ..... are car companies recording you the whole time and streaming ALL of your audio from ALL of your driving? Are they just recording you at a random samples? Are they ONLY recording you when you're issuing voice commands, and the lawyers are simply hedging their bets regarding what sort of data _might_ come through accidentally during those instances? Once they record you, where is the data stored, and for how long? Is it sent to 3rd parties, etc? Which of these systems can be disabled, and via what means? Does disabling these systems disable any other functionality of the vehicle, or void its warranty? Lastly, does your insurance shoot up if you have a car without one of these systems? etc ...
The list of questions could go almost indefinitely, and presumably, would vary strongly across manufacturers. So much of the privacy news out there is nothing but scary and often not very substantiated worst case scenarios. Without the details and means to improve privacy, all these stories can do is spread cynicism. I'm really glad to see this level of discourse for the author.
I'll answer the, "Does disabling it void your warranty?" question. The answer is almost always "no". Unless the modification you make to something actually directly or indirectly caused damage to it, companies in the US cannot "void the warranty".
Those aren't questions that have fixed answers. The data available is pretty far beyond what I'm personally comfortable with though.
One OEM I'm familiar with had such a policy. My org determined that we needed a statistical reference to compare against within a certain area. Some calls were made to the right people and shortly after we had a (mildly) anonymized map of high precision tracks for every vehicle of that brand within the area over some period.
> Lastly, does your insurance shoot up if you have a car without one of these systems?
This question I can answer with a reasonable degree of certainty; no, it does not.
Insurance companies increase rates for automobile coverage for many reasons, real or illusionary. But "does your insurance shoot up" strictly for not having a recording device in a vehicle is not one of them.
Do some insurance companies charge less when provided access to policy owner driving patterns which the companies infer reduce their risk? Sure.
> Do some insurance companies charge less when provided access to policy owner driving patterns which the companies infer reduce their risk? Sure.
> But that is a different question.
In what way? A discount for allowing surveillance is identical to an extra charge for disallowing it. They're identical, unless the "base" rate is set externally somehow.
$5 for lemonade, $3 off if you skip the lemon == $2 for sugar water, $3 extra to add lemon.
That "better" analogy is a restatement of "$5 for lemonade, $3 off if you skip the lemon."
> In this case, the discount is "opt-in."
The base price is not a force of nature. $5 with the option to opt-in to a $3 discount sounds great, until you realize that just a month ago the price was $2 by default. They raised the default by $3, but allowed you to opt-out of that increase. Whether you label that "opt-in" [to the discount] or "opt-out" [from the increase], you end up in exactly the same place.
> A discount for allowing surveillance is identical to an extra charge for disallowing it.
I don't think this is necessarily true. You're right that there's an unknown base rate, but that means you can't say what you're saying as well. And if you have other companies that offer non-driving-pattern policies as well, and they're a similar price, you can see it's a discount not an added cost.
In fact, regardless, other companies are your best bet in combatting rising prices for any reason.
Yes. That is what "...unless the base rate is set externally somehow" means.
It is different initially, when only one company is offering the "discount" and they have not yet adjusted their base price upward. In fact, the people who want the discount will presumably flock to their service, which may even mean they won't raise the base price all the way up if it makes their costs lower. But if that works, the other companies will follow suit.
In short: there's a period of time when there's a difference, and you have a real choice. If the difference is real, it will get locked in to the entire industry. It's a positive economic profit, and those go away.
Would be interesting to know how much data leaks on a new iPhone with some of the iOS privacy settings enabled and a handful of popular apps installed (WhatsApp, Instagram, Google Maps, Uber, etc).
And then if you use a commercial VPN with DNS ad-blocking enabled, how much more does this help?
Basically, all these companies, ad networks, data brokers, big tech with absence of basic privacy laws (not to be confused with 4th amendment that binds Fed and State gov only, but does not restraint companies) act with wilful conspiracy with US government regulators, washing each other hand like a monopoly. This data gets enriched and collided and is perpetually on a permanent record.
> There's no "personal information" here, but honestly this amount of data shared with an arbitrary list of 3rd parties is scary.
Why do they need to know my screen brightness, memory amount, current volume and if I'm wearing headphones?
Screen brightness, boot time, memory, and network operator could probably fingerprint any device all by itself.
Kind of a joke, but it could be useful for determining if they should serve light-mode or dark-mode ads. But I suppose they could just detect if dark/light mode are enabled.
Automatic brightness probably helps honestly. It could help confirm whether someone is in fact in an area that has high levels of lighting around them (e.g., in a store, at a beach on a sunny day, etc.)
Everything little piece of data that is gathered and used can help even if it isn't immediately apparent.
Now I could be wrong on this, but I feel like advertisers don't need to know something is true about a user, they just need to be confident something is true about a user and that's where data points like screen brightness can be of help to them.
627 comments
[ 2.8 ms ] story [ 354 ms ] threadBecause devs have to eat in order to survive?
People are now very well-trained to look out for their own bottom line, and take jobs accordingly.
But the "be part of our mission" was shown to be hollow over and over too. First and foremost, you as an enployee are making the investors and CEO rich. The mission is usually exploiting the employee, even when it's not exploiting the world. Employees have recognized the real social ethic (money over everything) and are just playing the same game. Which is sad.
Ideally the people who see these choices would make alternative choices that will leave their grandchildren better off in the world. It has taken only a generation for the "greed is good" mentality to drop us into this fetid soup.
Also if you haven’t heard, the US government is currently a shit show right now run by Musk as far as employment
Seriously if you are going to do illegal things never ever buy a smartphone.
It's far more likely they just looked at his browser history rather than doing some skullduggery with databrokers or whatever.
NSA Warns iPhone and Android Users–Disable Location Tracking https://news.ycombinator.com/item?id=42713536
Hackers Claim Breach of Location Data Giant, Threaten to Leak Data https://news.ycombinator.com/item?id=42627336
But that was the pre-Trump NSA and FBI. Now the Chinese and the Russians just need to get some DOGE volunteer to give them whatever they want, since Elon now has root on all the government payment systems and is too undisciplined to do things in a secure way.
Were they ever _not_ benevolent to US citizens as a whole, even if misguided? There may be last-ditch attempts to extend benevolence to US citizens as a takeover looms. If leaks from the Office of Personnel Management are to be believed, then right now US government is in the process of a soft coup, being dismantled along lines of political loyalty. I expect those working in intelligence and law enforcement who support democracy see the writing on the wall and will act sooner or later.
Reliable end to end encryption is an important tool for citizens of a nation that may need to organise in a hurry. We might see new Edward Snowden type revelations of programmes, naming key people or giving clear advice not to trust certain US based entities or services. Civil servants may act professionally as non-politically as they can, but in the end, if only to protect their jobs, they're going to come down on the side of democracy.
They're not homogenous organizations. Not sure about the FBI, but AFAIK the NSA has always been in an awkward spot of being split between defensive and offensive missions. It wouldn't be particularly surprising to have one arm going "you should all use encrypted messaging, it's the most secure" while the other arm is frantically trying to break or backdoor said encrypted messaging.
My rent is paid through a company called Bilt.
I discovered that when I shop at Walgreens now, Bilt sends me an email containing the full receipt of what I bought like so:
Ostensibly (hopefully) it would exclude sensitive items, plan B, condoms, etc...I'm curious how this data flows from Walgreens to my rent company, but maybe I'd rather not know and just use cash/certified check from now on.
https://support.biltrewards.com/hc/en-us/articles/2901187842...
There's that FSA/HSA benefit section at the bottom which explicitly states that Bilt receives item-level data:
https://www.biltrewards.com/terms/walgreens
calling something loyalty does not make it "loyalty" ..
- Privacy: There's obvious tracking of purchasing trends. This derails into selling user data to everyone that makes people increasingly easy to track.
- Customer-dependent pricing / Price-discrimination: This is awful for economy, in econ 101 you learn that business want to charge each customer as much as they are willing to pay, but this differentiated pricing is just getting their hands into everyone's pockets.The free market principles rely on perfect knowledge, and every step made to make pricing harder is an attack against self market regulation.
Price discrimination is illegal even in Lobby-land, https://www.law.cornell.edu/uscode/text/15/13
Yeah it isn’t as accurate as the privacy-invasive kind of tracking, since students and seniors can be wealthy and eligibility for welfare benefits doesn’t always consider assets or gifts from well-off family. But it’s accurate enough to give the economy most of the same benefit without the privacy downside.
I do think it’s fine for people to opt in to more tracking as a separate consent choice beyond merely participating in a loyalty program, for example to get more personalized and therefore more useful offers, but not as a condition of participation to merely receive at least standard offers and accumulate points. That’s how they generally work in Germany.
Sounds like that'll push retailers to switch from a system where they give points/discounts to everyone, to one where points/discounts are "targeted", which of course requires opting into tracking. Like I said before, the whole premise of loyalty programs is that you're being tracked in exchange for rewards. You really can't expect to have your cake (discounts) and eat it too (not being tracked).
my grandmother collected green stamps from the grocery store, which she saved for food discounts.. I don't think that there was any customer ID involved at all..
honestly, describing pervasive tracking of purchasing associated with govt ID as "normal" is .. its a sickness and parts of it are illegal now. It is not required or "normal" at all, from this view
As I said, in Germany you can indeed have your cake and eat it too in this regard, if you’re okay with the offers you receive being less targeted and therefore less appealing.
My understanding is that GDPR requires them to offer the option to decline the personalized targeting without being blocked from participation overall, and this is probably the same anywhere in the EU. But I don’t have personal experience with this in other EU countries and could be misunderstanding.
The "cake" in this case refers to the offers you had before GDPR came into effect and/or regulators started enforcing it. They might give opt-out people some token offers to appease regulators, but I doubt it'll be anywhere close to the offers they had before.
It’s not an opt-out situation. As per GDPR requirements, these programs have a specific opt-in prompt for personalized targeting, separate from the one which is for generally collecting and redeeming points as a member, and it’s not pre-chosen by default.
I think one can assume that many people will decline to opt in, especially in a culturally privacy-focused country like modern Germany and since not opting in is far behaviorally common than explicitly opting out, but also that many others will knowingly consent in exchange for the benefits. So I think they would generally want to give decent offers to both categories of people, since the non-consent group is large enough to matter. Of course the personalized ones would be better, otherwise nobody would want to give that consent.
Myself, I’ve consented to some but not all of the personalized targeting and information sharing from the loyalty programs I participate in here, after reading the descriptions of the requested consents in detail and making a conscious choice. In at least one case I converted a no to a yes after thinking about it longer. It’s good to have that transparency and control, and not to have the legalese surreptitiously remove your right to sue the store should that become necessary as is common in the US (forced arbitration is generally illegal here in B2C agreements).
As for the rest of your most recent comment, I wouldn’t know; I didn’t ever live in Europe before the GDPR.
Honestly, beyond paying fewer fees on the bus as a kid, I'm pretty sure I'm being scammed everytime I experience price discrimination.
I feel it's easier to make it illegal and give away reasonable credits to all consumers. I wouldn't discriminate in credits either, I'd rather have public transportation being free for all than claim to save money that society needs to spend anyway.
It doesn't help that lying about the price at any point just makes accounting harder, and creates space for wrong, uncompetitive pricing, or awful deals that would hurt business and society in the longer term anyway.
at the end of the day, prices are just a number you make up, and hopefully it's a big enough number that your stay in business. hopefully it's a big enough number that you get rich. but sometimes it's a fire sale and you just end up owing less money to your vendors.
The only requirement is to make up a single for all your customers that are getting the same thing back. It'll be made up and account for business factors like risks, profits, etc.
You might want to discover about sophistication and pervasive facial recognition technology used by major retailers. Paid by cash? It can still be tracked to you. For "fraud prevention", of course.
They can already track you through your phone and/or credit cards. Why bother setting up a massive facial recognition system for people paying with cash when they only account for 10% (or whatever) of overall shoppers, and have less disposable income than average?
Its harder to prove any specific stores are using any specific survailence product for marketing, but plenty of companies are offering it. Here' Samsung's take: https://web.archive.org/web/20230410052807/https://www.samsu...
We have a major problem with “professional” thieves stealing because the big chains don’t want to pay cashiers anymore.
You see a screen with your face on it in places like Waitrose self service checkouts now. It’s their way of saying “we know who you are”.
Tracking cash purchases is just a side bonus for them.
I'm not aware of any big retailers using facial data for targeting vouchers or anything similar.
Simple things like "did walk through the door with a child" would be pretty valuable data, yet as far as I know, nobody uses it.
Facial recognition on a small corpus of known faces (what everyone experiences on Facebook, their phones, etc) is an easy problem.
Walmart picking up a face walking into a store and matching it against 30 million possibilities is going to return so many false positive matches it’s going to be completely useless.
Here's a small comment thread from a few months back: https://news.ycombinator.com/item?id=41213632
The cost reduction is very small, it’s applied to interchange fees. I’ve been directly responsible for implementing this functionality on payment gateways for multiple processors because it helps reduce fraud holds as well.
I'm not going to debate you about anything, I just don't get the chance to ask insiders any of these questions.
Thankfully my work was on payment products that serviced businesses and government entities, so I did not really have to deal with that moral quandary.
However it gets muddier in other spaces as well. There are types of cards, like HSA/FSA that require something similar to level 3 data called IIAS that is used to determine what parts of your purchase are eligible. In the parts of the systems I have worked with, this is covered by HIPAA, but I have no idea if there are “clever” methods to sneak that data out of the chain elsewhere.
searching for “mastercard level 3 data takeout” and such bring up the same 5 pages that are not relevant.
The data is about a transaction that you made, but they generated all of it.
Until we have agreement as a society about what “my data” means, this kind of stuff is going to run rampant.
It makes me wonder, if everyone 'owned' their own data, I wonder if it could be used as a form of UBI. Everyone has data from using services, everyone owns it, everyone can sell it to make a living just doing whatever they are doing everyday.
This is only just a shower thought I had the other day though, there are probably many pitfalls when it comes to such an idea.
Build masses of government housing, make a healthcare public option with sliding-scale costs, and you're 90% of the way there - food and decent low-end broadband are frankly already cheap enough for the government to cover with maybe some "Don't gouge Uncle Sam or else" clauses and that's about everything.
Take the transaction information from example above. The record of you buying products X, Y, Z for total t=x+y+z at time T, with card C - both you and the store could argue they're entitled to it. It's about you and money you spent and products you received, but it's also about them and the money they received and the products that were taken off their inventory. Then the card issuer will interject saying, "hey, the customer uses a card we provide as a service, so we're at least entitled to know which card was use to pay, to whom, when, an what the total amount was!". Then both yours and stores' banks will chime in, and behind them, also the POS terminal provider.
Truth is, they all have a point. We like to think that paying for groceries with our watch is like a medieval peasant paying for fruit with metal coins at a town market. It's not. Electronic payments always involve multiple steps handled automatically, in the background, by half a dozen service providers linked by their own contracts and with their own legal reporting requirements, and each of them really do need to know at least some details about the payment they're participating in.
A simpler example: this comment. It's obviously mine. It's also a response to you, and it only makes sense in context of the whole subthread. Should anyone reply to it, they'll gain a stake in it, too - and then, arguably, everyone following this discussion have a right to read it, now and in the future. After I hit the "Reply" button, I can't in good conscience claim this comment is mine and only mine. This is why I'm personally against the practice of unilaterally mass-deleting of comments on open discussion boards, like e.g. plenty of people do on Reddit, forever ruining useful discussions for the public.
(It's also why I like HN's approach to GDPR, which is, you can get your account disassociated from your comments, and you can request potentially identifying content be removed, but the site won't just mass-delete your comments automatically.)
The average American spends $200 (via higher costs for products) for TV each year and receives how many hundreds of hours of adverts in return?
The superbowl for example gets $5 for every viewer, for about an hour of adverts. What’s the average hour of time worth?
Facebook might suck up your data and flog it for a few cents, you’ve probably got more cash down the back of the sofa.
> everyone can sell it to make a living just doing whatever they are doing everyday
If someone journals and writes down everyone they met with locations and dates, they will laugh you out of the room if you tell them they are violating GDPR.
This also leads to stupid shit like people not being sure if they can point a camera at their driveway to catch vehicle break-ins.
Finally, classifying something as “personal data” because it’s about me still doesn’t make it “my data”.
Health data in the US is strictly regulated, very personal, but is definitely not mine. I cannot remove things from it or prevent it from being shared between healthcare institutions.
the value of this data comes from what did I buy, what else do I buy, where am I, who I am, etc.
to your point, Walgreens does not sell to their competitor CVS data about what they sell, when, and where.
so if that really is their argument, it's refutable.
Why do we have zero insight, no control. Nothing.
I hate it so much.
Apple Card does not sell this data, IIRC. But offers a lower cash back than many other cards.
I'm probably not reading this properly, can you say that a different way?
Yeah, that's how organizations typically work? You might have "freedom of movement", but that doesn't mean you can work in your CEO's office. Organizations also limit who has access to its bank accounts, but that doesn't mean it's suddenly illegitimate for companies to engage in transactions.
Cut it out.
Let's stop you right there.
Having a job is rarely truly voluntary. It's almost always obligatory instead.
To discuss further would require us to go into the rabbit hole to debate whether capitalism is the right structure for society, but so far, everything else that's been tried has been worse.
> choose to provide it for a reduction in the transaction fees they pay.
That would explain why I can use my credit card for rent without a transaction fee! No free lunch!
I live in Ireland and my data is in the databases of several US data brokers. Thise conpanies can't be forced to to comply with the GDPR because they simply do not have an EU presence. You don't have to search far to find stories from people people who made complaints to their local Data Protection office about such issues only to be told there's nothing that can be done.
From my non-American perspective, the same thing is happening here. I distrust non-EU software by default.
That's not true. I work in an European company and we were contacted by the agency to give a complete list of partners that we use, reasons for why it is justified, which routines we have for deleting old data etc.
I guess in theory we could have lied and made up data, but only an idiot would risk lying to the government. Everyone at my company took it seriusly and tried to provide as accurate data as possible. There were also several follow up questions that had to be answered.
The mindset of lying to the government to "protect" your employer seems so far fetched. Why should an employee lie to the government? If it turns out that the company was in violation of GDPR the worst case scenario for the company is a fine. If the government finds out you are lying, the employee faces jail time. The trade-off is simply not worth it.
Maybe it's easier to lie to the government in some countries, but not in my country. The government agencies actually checks and verifies your claims.
The point is that no effort was made to implement a technical solution to protect privacy. So it’s upsettingly trivial to violate the GDPR unknowingly and any company that is even a little unscrupulous (of which there are hundreds) can easily ignore the law.
And you want the government to do that?
Why haven't the companies who at every turn shout how privacy conscious they are haven't done that?
It's now been 8 years of GDPR. Why hasn't the world's largest advertising company incidentally owning the world's most popular browser implemented a technical solution for tracking and cookie banners in the browser? Oh wait...
Yes, it’s their job. Building codes have technical specifications and don’t allow people to opt out. Airspace is very tightly regulated with technical specifications.
> Why hasn't the world's largest advertising company incidentally owning the world's most popular browser implemented a technical solution for tracking and cookie banners in the browser? Oh wait...
Because the government is the thing that is supposed to produce useful regulations, not an advertising company.
GDPR is like trying to solve smog by passing a law that says people can opt out of smog by staying out of the city. No regulations to actually reduce smog.
I guess best solution would be usage of some proxy which intercepts these calls or provide fake data to them. As op in the article did.
It’s frankly the most intrusive thing I’ve ever encountered in any software I’ve ever used—I’m not sure how it’s even legal, but this is America where we have no real privacy rights.
Instead of giving you the option to opt in for them to get this level of access, they automatically enroll you into it when your account is created, pull your data, and then allow you to “opt out” afterward, which enables them to have access to your personal and sensitive financial data anyway. And since you literally must have an account with them if your building uses their services for rent payments, they’ve effectively rigged the system to force millions of folks to unknowingly give them access to their personal and sensitive financial data.
Anyway, in your Bilt privacy settings, there are some options you can disable (including Instant Link), and I recommend that you disable ALL of them, although given the dark practices of this company, I don’t even trust that those settings are actually honored.
Side note: Did you know about a company called Method Financial that somehow has real-time access to ALL of your personal and sensitive financial data? Did you know that this company you never heard of that has said access then sells that access to the highest bidder? Do you remember agreeing to any of that anywhere? Yeah, me neither (on all counts)…
[0]: https://www.biltrewards.com
[1]: https://methodfi.com
So yeah, I don't get why they would do this. It gives their advertising competitors valuable data for free, and it pisses off customers by telling them that they're being tracked when they shop at Walgreens. Strange stuff.
(And no, I don't use gmail.)
There's a section of your Bilt profile that shows your other credit cards and whether you want them linked. It's pretty freaky to see them listed in the first place.
I definitely keep them off.
Bilt is ultimately a big points/reward program though, so you might get points for having them connected.
I still haven't figured out exactly what Bilt's business plan is, but the main part seems to be trying to get as much financial data on people as possible, and partnering with landlords to do so, and since it's how to pay your rent you can't unenroll completely. (Unless you maybe mail your landlord a paper check?)
The landlord of course makes it _seem_ like you have no other modes of paying rent. The cashier’s check option is buried in the fine print.
Dark patterns all around IMO.
(Sure, I could pay by check but consumer banking technology/US in the US already feels like is is lagging a decade behind other countries without voluntarily going further back. Paying by check every month would be quite inconvenient.)
I'd already decided to avoid bilt as much as possible, but reading this thread prompted me to try going a little further.
Looking through their privacy policy it talks about what California residents can do under CCPA: https://legal.biltrewards.com/policies
> Request to Know... The specific pieces of Personal Information we collected about you.
> You have the right to opt-out from having your Personal Information and Sensitive Personal Information sold to third parties. You also have the right to opt-out from having your Personal Information and Sensitive Personal Information shared with third parties for purposes of cross-contextual advertising
Might as well give this a go.
Clearly you can decide not to use Bilt, but maybe you get caught out some other way (bank, ...) - too difficult to track the trackers.
Card networks (Mastercard, VISA) have different fee structures that incentivize more detailed information like level 3 for lower processing fees for merchants - here's more details on levels https://na-gateway.mastercard.com/api/documentation/integrat...
https://support.biltrewards.com/hc/en-us/articles/5536526023...
Perhaps more interesting in your case is that if you had your card issues in or before 2022, it's likely with Evolve bank which was breached - https://medium.com/@HackLaddy/when-your-bank-doxxes-you-9152...
I think another big problem is pharmacies. The amount of data shared with health insurance companies must be huge.
I just stopped using that card with square.
Bilt as a concept is the biggest pile of late stage enshittification horse shit I’ve ever seen.
Good overview about how fingerprinting works: https://www.privacyaffairs.com/browser-fingerprinting/
Browse the source in the following directory to see a plethora of examples of how web APIs are used to fingerprint users -- and this is just one publicly-accessible library we can easily review the source code of (proprietary, obfuscated ones likely use additional methods): https://github.com/fingerprintjs/fingerprintjs/tree/master/s...
One example used in multiple places in the above repo is "matchMedia"[0] which was a Web API method added a while ago (well, many years ago) to give a programmatic result of whether a given CSS media query matches or not. This can be used to detect, for example, user preferences like whether the display is HDR-capable[1], or the Accessibility setting "reduce motion" is enabled[2].
[0] https://developer.mozilla.org/en-US/docs/Web/API/Window/matc...
[1] https://github.com/fingerprintjs/fingerprintjs/blob/master/s...
[2] https://github.com/fingerprintjs/fingerprintjs/blob/master/s...
Furthermore, it is hard for a web page to run in background and receive user data.
False. Apps don't have access to cellid information unless they also have location permissions, in which case they can just request your location directly.
>the free apps you install and use collect your precise location with timestamp [...]
This is alarmist and contradictory given that the author admits a few paragraphs up that the "location shared was not very precise". It might be possible for the app to request precise location via location services, but the app doesn't request such permissions (at least on android, you can't check for requested permissions on iOS without installing the app and running it), so such apps are most definitely limited to "not very precise" locations.
>At the same time, there is so much data in the requests that I'd expect ad exchanges to find some loophole ID that would allow cross-app tracking without the need for IDFA.
At least in theory they're not supposed to do that, but it'd be hard to enforce.
"If a user resets the Advertising Identifier, then You agree not to combine, correlate, link or otherwise associate, either directly or indirectly, the prior Advertising Identifier and any derived information with the reset Advertising Identifier. "
https://developer.apple.com/support/terms/apple-developer-pr...
We should compare if there a differences in the data sent in countries with better data privacy laws.
That's basically sent to multiple parties (ISPs, transit providers, CDNs, analytics/advertising/diagnostics/security vendors) everytime you visit a website. If this counts as "invasive" to you, you shouldn't be connected to the internet at all, much less buying a tracking device (a smartphone) and installing random ad-supported apps on it.
I don't know this industry well and the tech here has long sense eclipsed me so I really don't know what is possible but I imagine there are possibilities with this setup.
https://developers.google.com/authorized-buyers/rtb/openrtb-...
tho tbh if i really cared, no phone/battery out/faraday cage is still the gold standard
Yes on both iOS and Android as far as I can remember.
Always annoys me when I want to use a WiFi scanner to determine the range of an access point in different locations for example and it needs me to turn on location access first before it can get WiFi data. The open source app doesn't have an Internet connection so there's no way for it to send back data to the mothership even if it had an SSID database baked into the apk. For me, and traditionally, the location switch is to turn on or off energy-hungry GPS hardware, not gatekeep when I trust apps to collect my location. I can set those to "only while in use", deny their Internet access, or just not install them if I don't trust them with the location permission
And, triangulating client's public IP address will also give away location with decent precision: https://news.ycombinator.com/item?id=37507355
btw, we need a securephones.io [0] part 2 focusing on apps.
[0] cert has expired
This is clearly adding entropy to de-anonymize users between apps, rather than to add specificity to ad bids.
None of those are likely to change when you navigate from one website to another, with tracking/ads disabled, which is what they want to be able to track. Otherwise they'd just use their cookies.
One device visits a site where you sell ads. A minute later, an unknown device with identical battery, volume, headphone, brightness, model number, browser version, and boot time to the second arrives on another site you run ads on. There's a pretty good chance they're related, because the odds of all those being the same plus those two sites and recent timings involved is rather low: https://coveryourtracks.eff.org/
Plus it doesn't have to be perfect. It just has to be good enough in bulk to sell.
Everyone would need to be generating the same 'random noise' for any such tactics to be truly effective.
Here's a real-life example: You show up alone at the airport with a full-face mask and gray coveralls. You are perfectly hidden. But you are the only such hidden person, and there is still old cam footage of you in the airport parking lot, putting on the clothes. The surveillance team can let you act anonymous all you want. They still know who you are, because your disguise IS the unique fingerprint.
Now the scenario you're shooting for here is:
10 people are now walking around the airport in full-face masks and gray coveralls. You think, "well now they DO NOT know if it's ME, or some terrorist, or some random other guy from HN!"
But really, they still have this super-specific fingerprint (there are still less than 1 person in a million with this disguise) and all they need is ONE identifying characteristic (you're taller than the other masked people, maybe) to know who's who.
They didn't need to adjust their system one bit.
Your analogy applies more to things like trying to anonymize your traffic with Tor, where using such an anonymizer flags your IP as doing something weird vs other users. I’m not convinced simply fuzzing the values would be detectable, assuming you pick values that other real users could pick.
These are professional networks with a ton of capital thrown behind them. They have pretty decent algorithms, heuristics, etc; and you don't make money (compared to the other data correlation teams) if you do simple dumb stuff. I'm certain they take into account those trying to be privacy-conscious, if only to increase their match rates to be competitive.
Look for the guy wearing a conspicuously plain leather jacket and baseball cap. "Why hello there average looking stranger I've never met. Psss, 'tis a fair day, but it'll be lovelier this evening.'" "Oh ... it's Murphy the spy you want."
Also, found out the CIA declassified a bunch of jokes several years back in searching to respond. [1] Most are already dead links on CIA.gov, yet there's a few remaining. Nother one on people commenting on the CIA. [2] "These types are swin- Ask in Langley if they work for the CIA. Every- Ask in Langley. They will tells one knows them." 'You, it's the big building behind.'
[1] https://nationalpost.com/news/the-cia-has-declassified-a-bun...
[2] https://www.cia.gov/readingroom/document/cia-rdp75-00149r000...
_removing_ entropy, by adding more information bits
We all did and yet here we are.
It's important to point out that it takes a long time for uptake of new versions of ad SDKs. The general assumption is that it takes about 6 months after release of a new version for 50% of ad traffic to come from that version or newer. Also, for every version you release, approximately 1% of traffic will never upgrade past that version.
In that kind of world, over-collecting data makes sense, especially if you think nobody will ever find out. Like total / and free disk space. There's no good reason to need those, right? But let's say an advertiser comes to you and says "we want to spend $1M / day to advertise our 10GB game, but only to devices that could install it." All of a sudden it's useful to know that a device only has 8GB of disk space, or only 100MB of free space.
So OK, if we didn't collect disk space, now it makes sense to collect disk space. Let's add it to the SDK. It takes a month or two to release a new version of the SDK. 3 months to get any meaningful traffic from it, and another 3 months to get up to 50% of your traffic. Assuming the ramps are linear, 4 months of 0%, and then 3 months of ramping to 50%, 30 days per month, you'll make $22.5M in the first 7 months. But if you had the logic in there to begin with, you'd have made $210M during the same time period. That makes it an easy choice for the business folks.
There are answers to this, but they all have drawbacks. You could limit data that ad agencies can collect. This reduces the value of ads. And agencies have learned that some data (like location) is low-value and high-risk, so they're removing the ability to supply it. I think it'd be better to support a model where ad code can be updated independently of the app. This way we could push out bug fixes faster, and could remove our just-in-case collection, but Apple has no signs that this is coming soon, and Google's answer has been such a shit-show that we aren't considering it viable over the next 4 years.
Edit: To address screen brightness specifically, it's a very rough proxy for age of the user.
I don't want to call you a liar, but having seen ads that are presumably targeted at me, it feels like a total fiction to say that anyone is actually capable or interested in doing this.
I get advertisements for just absolute nonsense garbage that has no bearing on my life, and no bearing on anything that could have possibly been collected from my device.
The closest thing is that when I was in Mexico for a week, some of my podcast pre-roll ads were in Spanish. (Which, I should note, I do not speak fluently enough to even understand.) Even now, the occasional ad I'm served on a podcast is in Spanish.
And that's it. They saw that my IP came from Quintana Roo, and (somewhat reasonably) decided that I need to hear Spanish-language content. Even when I physically moved back to the United States.
Are there whales that spend $1m / day in advertising. Absolutely, 100%. Are they running at all times? No. We typically see that kind of spend from a single advertiser around 30 days out of the year. They're short campaigns, typically around a launch of a big title, and they always try to target as narrowly as they can to maximize their impact.
You're right about it using IP geo-location to guess where you are and what language you want. We also use that to determine if we should show you the GDPR disclosures. But try looking at ads on a Xiaomi phone versus a Samsung and you'll see a different set of ads, because one of those purchasers tends to have more disposable income.
[0] Steve Jobs introduces App Store - https://www.youtube.com/watch?v=eU3X6Fu5JiE
[0] https://web.archive.org/web/20070809174426/http://www.apple....
Can this data fall into the hands of "evil" state actors, and why is Congress OK with that and not with tiktok?
[1]https://www.eff.org/deeplinks/2022/08/how-law-enforcement-ar...
What would be the ideal response to such an absurd comment? At the time I found it hard to answer because she surprised me with that opinion.
Edit to note: the explanation should be compatible with a professional context. I don't want to scare my co workers or appear crazy/paranoid.
"A Redding Police Department officer in 2021 was charged with six misdemeanors after being accused of accessing CLETS to set up a traffic stop for his fiancée's ex-husband, resulting in the man's car being towed and impounded, the local outlet A News Cafe reported. Court records show the officer was fired, but he was ultimately acquitted by a jury in the criminal case. He now works for a different police department 30 miles away."
California Law Enforcement Misused State Databases More Than 7,000 Times in 2023 https://www.eff.org/deeplinks/2025/01/california-police-misu...
A different argument that appeals to some is that you might not have something to hide, but what about the people who do? For the greater good of society, whistleblowers are needed to expose malfeasance by the corrupt and it's going to make it much harder for any of them to come forwards if their reward is literally exile to Russia. If you're in support of a slow slide into dystopia, go ahead and argue against all privacy. Whether a given situation rises to that level is an different but adjacent topic, but appealing to something some people can believe in, such as not letting the rich and powerful get away with being utterly corrupt in their dealings is a way to find common ground, with some. not everyone cares about that though, but it's an additional argument for privacy.
My examples:
- You get an HIV diagnosis (or other terrible disease). Do you want everyone you meet to know?
- You feel depressed or burnt out. Should your employer know?
- You're financially in a bad place. Do you want your kids to know? Do you want your kids' friends to know?
- Do you share your salary with everyone?
- If someone's gay, should this be public information?
- Should your religion be public? Your political points of view?
Does this apply to Brave browser?
EDIT: please ignore, author did it differently to what I expected.
People commonly point to Mozilla's research regarding vehicle's privacy policies. (https://foundation.mozilla.org/en/blog/privacy-nightmare-on-...) But that research only states what the car company's lawyers felt they must include in their privacy policies. These policies imply (and I'm sure, correctly imply) that your conversations will be recorded when you're in the vehicle. But, they never drill down into the real technical details. For instance ..... are car companies recording you the whole time and streaming ALL of your audio from ALL of your driving? Are they just recording you at a random samples? Are they ONLY recording you when you're issuing voice commands, and the lawyers are simply hedging their bets regarding what sort of data _might_ come through accidentally during those instances? Once they record you, where is the data stored, and for how long? Is it sent to 3rd parties, etc? Which of these systems can be disabled, and via what means? Does disabling these systems disable any other functionality of the vehicle, or void its warranty? Lastly, does your insurance shoot up if you have a car without one of these systems? etc ...
The list of questions could go almost indefinitely, and presumably, would vary strongly across manufacturers. So much of the privacy news out there is nothing but scary and often not very substantiated worst case scenarios. Without the details and means to improve privacy, all these stories can do is spread cynicism. I'm really glad to see this level of discourse for the author.
IIRC, this is under the Magnuson-Moss act but I didn't find it when skimming wikipedia.
https://en.wikipedia.org/wiki/Magnuson%E2%80%93Moss_Warranty...
The warranty is intact, but the device is bricked, because it can't bypass any of the authentication that is required to do... Pretty much everything.
One OEM I'm familiar with had such a policy. My org determined that we needed a statistical reference to compare against within a certain area. Some calls were made to the right people and shortly after we had a (mildly) anonymized map of high precision tracks for every vehicle of that brand within the area over some period.
This question I can answer with a reasonable degree of certainty; no, it does not.
Insurance companies increase rates for automobile coverage for many reasons, real or illusionary. But "does your insurance shoot up" strictly for not having a recording device in a vehicle is not one of them.
Do some insurance companies charge less when provided access to policy owner driving patterns which the companies infer reduce their risk? Sure.
But that is a different question.
> But that is a different question.
In what way? A discount for allowing surveillance is identical to an extra charge for disallowing it. They're identical, unless the "base" rate is set externally somehow.
$5 for lemonade, $3 off if you skip the lemon == $2 for sugar water, $3 extra to add lemon.
>> But that is a different question.
> In what way? A discount for allowing surveillance is identical to an extra charge for disallowing it.
In this case, the discount is "opt-in."
> $5 for lemonade, $3 off if you skip the lemon == $2 for sugar water, $3 extra to add lemon.
I believe a better analogy is:
> In this case, the discount is "opt-in."
The base price is not a force of nature. $5 with the option to opt-in to a $3 discount sounds great, until you realize that just a month ago the price was $2 by default. They raised the default by $3, but allowed you to opt-out of that increase. Whether you label that "opt-in" [to the discount] or "opt-out" [from the increase], you end up in exactly the same place.
I don't think this is necessarily true. You're right that there's an unknown base rate, but that means you can't say what you're saying as well. And if you have other companies that offer non-driving-pattern policies as well, and they're a similar price, you can see it's a discount not an added cost.
In fact, regardless, other companies are your best bet in combatting rising prices for any reason.
It is different initially, when only one company is offering the "discount" and they have not yet adjusted their base price upward. In fact, the people who want the discount will presumably flock to their service, which may even mean they won't raise the base price all the way up if it makes their costs lower. But if that works, the other companies will follow suit.
In short: there's a period of time when there's a difference, and you have a real choice. If the difference is real, it will get locked in to the entire industry. It's a positive economic profit, and those go away.
cf https://robert.ocallahan.org/2014/08/choose-firefox-now-or-l...
And then if you use a commercial VPN with DNS ad-blocking enabled, how much more does this help?
Snowden in one of interviews talks about exactly this kind of tracking with Amazon example (ts 01:18:00) https://x.com/JohnStossel/status/1885382675810181612
Basically, all these companies, ad networks, data brokers, big tech with absence of basic privacy laws (not to be confused with 4th amendment that binds Fed and State gov only, but does not restraint companies) act with wilful conspiracy with US government regulators, washing each other hand like a monopoly. This data gets enriched and collided and is perpetually on a permanent record.
https://en.wikipedia.org/wiki/Permanent_Record_(autobiograph...
So next time you talk about totalitarian regimes around the world look in the window.
Screen brightness, boot time, memory, and network operator could probably fingerprint any device all by itself.
Everything little piece of data that is gathered and used can help even if it isn't immediately apparent.
Now I could be wrong on this, but I feel like advertisers don't need to know something is true about a user, they just need to be confident something is true about a user and that's where data points like screen brightness can be of help to them.