It’s time for a digital protection agency

253 points | adrian_mrd | 8 years ago | bloomberg.com

195 comments

[+] plorg|8 years ago|reply
I have a loosely imagined regulatory solution to the particular problem of secretive data brokerages and user targeting. It works as follows:

* Targeted ads are required to include both a declaration that they are targeted to a user and what criteria were used to select the user.

* Ad and data brokers are required to provide a chain of discovery detailing where the individual ad or data entity received information that contributed to the targeting of the user. (I think this was hit upon in TFA, but it was difficult to get through with the focus as it was mostly on credentials and PII).

* Firms which hold user targeting information and information on individual user preferences are required to allow users to have their records removed from the firm's database.

I'm sure this seems punitive to the companies it would affect, but I'm not sure that's a problem overall. It allows people to control the information that is collected about them and puts the onus on the companies benefiting from that information. If user targeting really does help in product discovery and user preference matching, then the ad and data companies will be rewarded, and the price of regulation will be the cost of information transparency. If it turns out that users really don't want to have dozens of companies tracking their every move then the advertising business model will be starved and make way for companies with more innovative, user-friendly business models.

Edit: autocorrect fucking up words that autocomplete originally predicted correctly.

[+] michaelbuckbee|8 years ago|reply
If you haven't already, you might enjoy reading the EU's forthcoming GDPR regulations [1]; they cover all of this and much, much more, including things like:

- data should be exportable in digital formats

- you can request what information a company has about you regardless if you're a full "user/customer" (think of things like how FB tracks anyone who visits a webpage with a Like button).

- you have the right to request a manual review of computer made decisions (ex: a credit approval)

- right to have your data corrected/fixed if it's listed incorrectly

- right to escalate to each country's "supervisory authority" (this is the agency within each country that handles things)

- serious fines in case of non-compliance (% of revenue, not a flat amount)

1 - https://blog.varonis.com/gdpr-requirements-list-in-plain-eng...

[+] TAForObvReasons|8 years ago|reply
> what criteria were used to select the user.

One of the "failures" of modern AI is "human-friendly explanation": how do you explain the process behind a decision when it was based on a very complex model? At least, without having to explain the entire model being employed.

[+] specialist|8 years ago|reply
My proposed regime is somewhat more simple:

All services are opt-in.

If anyone anywhere is charging for (or profiting from) my data, I get my cut.

[+] wemdyjreichert|8 years ago|reply
Adding that information could be considered an undue burden... see the recent court ruling on California anti-abortion clinics.
[+] y03a|8 years ago|reply
Fuck that, I have a better regulation: Targeted ads are illegal, punishable by death. Let's force a different (I don't care if it's "better") business model.
[+] manigandham|8 years ago|reply
As usual, a bunch of nonsense by people who have no idea about this.

The fundamental problem is that digital advertising is a 12-figure global industry with practically 0 oversight and regulation. This is an industry that sells influence at scale. Anyone with a credit card can start changing how people think and act but there are absolutely no real consequences for bad actors.

Even the most minimal laws around who can advertise and how would radically change everything. Google has even more data than Facebook. Amazon has just as much. Your ISP has just as much. These silly little projects to chase the latest scandal will do nothing in the long run. The only way to fix anything is to regulate the core, not try and fix every little symptom that occurs.

* Before the inevitable comments, yes advertising works, yes it works on you no matter how much you think otherwise, and no adblockers don't magically solve everything.

[+] edanm|8 years ago|reply
> This is an industry that sells influence at scale. Anyone with a credit card can start changing how people think and act but there are absolutely no real consequences for bad actors.

Isn't this true of almost any industry which lets you put out information? E.g. news publishing? Book publishing? Blogs?

I mean, what exactly would you do, ban all communications? Maybe I missed something, but it seems like everyone just assumes that advertising is the #1 biggest influence on most people, and was used to completely change the tide of democracy, when in reality it seems to me that it's a small part of the problem, at most.

I'm serious about the question btw - what would you do? You say regulate at the core. I'm not saying necessarily don't regulate (though that is where I lean) - I'm asking, what exactly do you propose?

[+] JumpCrisscross|8 years ago|reply
> As usual, a bunch of nonsense by people who have no idea about this

This attitude is startlingly similar to what I heard on Wall Street during the crisis. “Of course we bet against our counterparties! They’re counterparties, not clients. If they didn’t read the prospectus they’re morons who deserved to lose their money.”

When you’re providing the public with a good, arguing that non-experts can’t comment is an argument for regulation, if only to force a common language.

[+] rafiki6|8 years ago|reply
Here's an inevitable comment since you make such an authoritative statement with 0 ounce of evidence to back it up. Internet Advertising is not as effective as you believe it is. https://www.theatlantic.com/business/archive/2014/06/a-dange...

Advertising works when it leaves an impression or memories on you:

https://www.theatlantic.com/business/archive/2011/08/why-goo...

That's what makes good advertising good. The medium also matters tremendously.

Internet advertising only really works when you don't know what you're looking for to begin with, which is rarely the case as most human behavior when it comes to the internet is intentional (i.e. I search on Google for "plates", that's why Google AdWords shows me sponsored links for plates)

http://journals.ama.org/doi/abs/10.1509/jmr.11.0503?code=amm...

Moral of the story? Complicated psychological phenomena are complicated and let's not oversimplify them to fit our narrative.

[+] tomrod|8 years ago|reply
> This is an industry that sells influence at scale.

---

>* Before the inevitable comments, yes advertising works, yes it works on you no matter how much you think otherwise

---

Show me the lift (in other words, prove it).

I'm extremely dubious about any claim related to digital advertising having direct effects over a baseline.

It is easy to make a claim that it changes the milieu, to appeal to second order effects. So, prove it. Show me the academic papers. Show me how those papers generalize outside of the specific economic/operation structure they studied.

I mean, look at Google Search. When searching, the top link is generally an ad. My (admittedly biased "no it doesn't work on me no matter how much you claim it does") experience is that I _always_ skip the ads. Even if it is for the company I am looking to purchase from. Because I am averse to digital ads. I can't trust what the ad is selling isn't skeasy. I am not the only one who does it. So is digital advertising being supported only by people who are easy to 419/Nigerian Prince scam or something?

On a tangential note, this is Amazon's burgeoning issue with its Marketplace and third-party ripoff sellers, now that eBay isn't on top.

[+] BrentOzar|8 years ago|reply
> yes advertising works, yes it works on you no matter how much you think otherwise

And even if you think it doesn’t, it works on enough other people to make it a worthwhile spend if you want to win an election or get regulation passed.

[+] roenxi|8 years ago|reply
There are a lot of details about Facebook that scare me, but the line between good and bad aspects is very thin. Usually it is a little easier to tease out my complaints.

Influencing opinions isn't in itself a bad thing. Even being influenced to spend money isn't necessarily a bad thing. Being influenced with political ideas is on face first impressions a good idea and I might call it the first step towards understanding.

The combination of scale and selectivity of the Silicon Valley majors seems like it is creeping into a difficult place though. I've always been quite interested in American politics and it is curiously hard now to identify what the message directly to voters is on Facebook. Advertising on Facebook et al is relatively private and personalised vs a newspaper where everyone gets the same ad.

Also an issue here, once politicians get involved in identifying 'bad actors', there is a real risk that their political opponents get identified. Any regulation should proceed very slowly and thoughtfully.

[+] gt_|8 years ago|reply
Spot on.

Advertising is a strange beast. An emphasis on taking media theory seriously would do us a lot of good. I actually think the internet has led to more awareness of the issue but the decades prior gave us a dismal trajectory. Whether advertising itself is inherently bad for us is one thing. Its abstract side effects as a are another, and that is what we are concerned with here, but we have to first accept the realities of the course we have been on in order to correct it.

Media, interface of advertising, is often thought of as frivolous. This is the same interface through which religion has enraptured its audience for all the centuries. We can approach the issues in a rational way. Branding and advertising uses the same concepts in a different context and form. How branding and advertising affect us is a messier discussion than whether it does or not. We have accepted a life experience (emotions, desires, meanings) overwhelmingly defined by advertising. As such, our livelihoods are entangled with it and almost all of us depend on advertising to make a living. Maybe we should consider whether we are incentivized to be complacent about this core problem in the same way an individual living in an extremist religious society is incentivized to conform. I'm not sure.

[+] stale2002|8 years ago|reply
> and no adblockers don't magically solve everything.

They don't solve 'everything', but they solve quite a lot.

We can tell how effective they are, by how much many ad-funded websites complain about them.

Harm minimization is still a useful strategy.

[+] verylittlemeat|8 years ago|reply
Those inevitable comments about advertising not working come up every time for a reason.

Advertising is a classic example of the prisoner's dilemma. All that money being spent is an arms race, not an indicator of the power of advertising. The idea that money controls how people think is appealing when you remove all agency from the population and just assume they're naive sheep but that's a self-serving perspective.

https://en.wikipedia.org/wiki/Prisoner%27s_dilemma#In_econom...

Seeing as how you work in marketing and advertising I'm not sure anyone should take you at your word.

“It is difficult to get a man to understand something, when his salary depends on his not understanding it.”

[+] omarforgotpwd|8 years ago|reply
Yeah we just need to regulate who can tell people about their products, services, issues, etc. Then the world will be perfect just like it is in China where nobody says anything without the government's approval. What could go wrong?
[+] eertami|8 years ago|reply
>yes it works on you no matter how much you think otherwise,

There's no need to add such preposterously inflammatory self-righteousness to your comment, it worked fine without this, but I think you just want people to call you out on it because you believe it but know many people (quite rightly) do not.

And then when you (as you say, inevitably) get called out you can act like you're right because you predicted someone might point out that you're wrong. But that's not really how this works.

[+] BurningFrog|8 years ago|reply
Advertising works because speech works.

Regulating speech is a cure worse than the disease.

[+] justonepost|8 years ago|reply
yes, it’s important to look at the invisible actors as well. Facebook and google are front line brands in your face. We have to remember the invisible trackers and ISPs as well, sometimes much worse because they are not scrutinized and cooperate more with government.
[+] wyager|8 years ago|reply
Deciding who is allowed to influence people via advertising by law just transfers all that power to the government.

A vastly better solution is to equip people to fight advertising technologically so it’s not cost-effective.

[+] phjesusthatguy3|8 years ago|reply
> The fundamental problem is

that ~3 billion people have subscribed to the newsletter of the abyss, and the abyss has friends with which it shares its insights.

[+] johnnyOnTheSpot|8 years ago|reply
So much this. Nothing major has changed regarding Facebook.
[+] xienze|8 years ago|reply
> Before the inevitable comments, yes advertising works, yes it works on you no matter how much you think otherwise, and no adblockers don't magically solve everything.

So in other words, the results of pretty much every future election, even those won by Democrats, will always be in doubt, because there’s always going to be advertising and shitposting, right?

[+] ig1|8 years ago|reply
Most developed countries have an agency dedicated to data protection.

The UK has the ICO, Japan has the Personal Information Protection Commission, Canada has the Office of the Privacy Commissioner, Switzerland has the FDPIC, etc.

Their exact role varies from country-to-country but the US is one of the few modern countries to not have a national body dedicated to the field.

[+] ggregoire|8 years ago|reply
The CNIL in France, created in 1980.
[+] wooter|8 years ago|reply
I've never found "everybody's doing it" to be compelling.
[+] tscs37|8 years ago|reply
Tbh, I don't trust any corporation in the US to keep my data safe anymore. You can't fix that kind of reputation damage
[+] Mononokay|8 years ago|reply
What did people really expect would happen with Facebook? It's social media, not a file storage service - of course your data isn't going to be private. It's more or less what you should expect when signing up on any social media platform.
[+] cowmix|8 years ago|reply
As a side note. In the past 5 years of doing serious contracting work in every industry you can think of (pharma, banking, manufacturing, etc) the places where I have seen info sec taken the most seriously are two: gaming studios (any) and Bloomberg.
[+] mlb_hn|8 years ago|reply
The author's suggested fix is "Let’s make a digital Environmental Protection Agency. Call it the Digital Protection Agency. Its job would be to clean up toxic data spills, educate the public, and calibrate and levy fines."

A couple upfront issues with this: 1) "cleaning up toxic data spills" - this doesn't seem well worked out, unless the author suggests going and deleting the stolen data off others' computers

2) "educate the public" - the author suggests explaining how to deal with identity theft. That's great, but doesn't address the secondary issues of advertising/propaganda/other clever unintended uses of data.

[+] organsnyder|8 years ago|reply
Regardless of how well you feel this article is written or whether you agree with it, it's important to not ignore it and others like it. This reflects a growing sentiment among much of the population—address their concerns, or regulation will do it for you (likely in a sub-optimal, if not counterproductive, way).
[+] domevent|8 years ago|reply
That ball is already rolling downhill, and I don’t think it can be stopped. In addition to the perfectly reasonable concerns of a few billion people, there are also some very wealthy and entrenched media interests who only stand to gain by kicking it along. I don’t think the reputation of tech is salvageable at this point, and the result will be having to live with regulation and oversight like every other industry. Even if everyone shaped up overnight (and they won’t) there is still so much yet to emerge into the public light about what has already happened. Uber and Facebook alone have almost certainly only just begun to bleed scandal.
[+] dictum|8 years ago|reply
I can't wait for the 2023 thinkpieces on how the Digital Homeland Protection Agency or some such has been taken over by purveyors of ungood ethics and we must do something about it.
[+] riazrizvi|8 years ago|reply
Google built an algorithm that promoted Alex Jones 15 billion times to vulnerable people. I wonder are they systematizing established marketing influences, or are they creating a new era of conspiracy theory prone populations because those types of articles have better click-through rates for ads?
[+] tbabb|8 years ago|reply
I've been saying for years that software engineering needs to be elevated to the same standards held by other engineering fields; like civil, mechanical, biomedical, and so on:

If an engineer or a firm is negligent and people die and/or millions of dollars are lost, they are kicked out of the industry/lose their right to operate as a business.

For example: To work on cryptography and security, you need a degree and to have passed certification, perhaps at regular multi-year intervals. Then if you build a login page and store the unsalted passwords in plain text and someone pwns your site, you lose your license, could be fined, sued, or possibly go to jail if your negligence is criminal.

Then, if you are a company and you need a login system, you either (a) hire certified software engineers to write one, (b) subcontract a certified firm, or (c) license a certified off-the-shelf solution. If pwnage happens, the company is liable if they failed to do one of those things. Therefore it becomes in the interest of companies to do security correctly, and of engineers to only attempt it if they are competent and qualified.

It's really simple: In other fields of engineering, there are consequences if you fuck up. If you design a bridge that falls down and kills people, you lose your career, are sued, and/or go to jail. Not so in CS. That needs to change.

[+] nitrogen|8 years ago|reply
Consequences and credentialism don't have to go hand in hand. Software's lack of credentialism is what allows so many to rise above their circumstances, break through class barriers, etc.
[+] SomeHacker44|8 years ago|reply
I really don't think the proposal goes far enough.

Not only should the agency collect and monitor all "leaked data," but it should set clear and detailed regulations on what can be collected, how it must be revealed to the people who it is relevant to ("relevancy TBD"), how it must be removed at the request of those same people, and how it must be amended when (claimed to be) incorrect.

Many of these things are already done by other organizations for subsets of data (e.g., the regulations on credit reports). It just needs to be expanded to all kinds of data.

Europe is way ahead of the USA on this one. As someone managing the implementation of a lot of the GDPR regulations on data access (e.g., "Subject Access Requests") for a small company, I absolutely wish I as a US citizen had the rights to do this stuff to US companies. But, I don't. Sucks to be an American again. Maybe this can fall under MAGA? LOL

[+] Nomentatus|8 years ago|reply
"YouTube. It has users who love conspiracy videos, and YouTube takes that love as a sign that more and more people would love those videos, too."

Not exactly. YouTube sends everybody down rabbit holes, because it adores sticky topics and video sources (more views, more $), and so rewards those who create a bit of an information monopoly by simply lying; after which, one of their videos leads you to another one of their videos. Nobody else is making videos on that, 'cause you made it up. You win. Novel "information" is more likely to be viewed through, and then followed up on with searches for more on the topic. So make up, and YouTube is all about you, thrilled to facilitate the niche info-market you've created out of thin air or wildly exaggerated.

Merely having your own misleading phrases to refer to your bent views will be heavily rewarded by search engines including Google's and YouTube's. For example:

"I wrote about this in my new book, Algorithms of Oppression: How Search Engines Reinforce Racism. In it, I discuss Dylann Roof, the Charleston mass murderer, who said he Googled the phrase “black on white crime” after the Trayvon Martin shooting. He has talked about how important that experience was in forming his white supremacist views. He noted in his online diary that when he Googled the phrase “black on white crime,” the search engine gave him information that shocked him—and helped him come to a different understanding about the so-called truth about race and the value of a multiracial society. That’s because his search only returned the white supremacist websites that use such a phrase—a phrase that is used by hate-based sites to radicalize white Americans against African Americans and other people of color, including Jewish people. Google didn’t provide any context on the white supremacist movement. It didn’t provide any counterpoints of view."

https://logicmag.io/03-engine-failure/

[+] ausjke|8 years ago|reply
That's indeed scary, but I saw no way out, but I will do the following:

    1. remove my rarely used facebook account.
    2. remove twitter account.
    3. remove gmail, use outlook email instead, probably host my own email.
    4. for private messenger, use 'signal' app instead.
    5. use vpn more.
There is more stuff I could not remove though, e.g., my Amazon account, ebay and paypal, etc, also my account and posts at HN, hi I can not even remove my posts not to mention my account at HN, will HN sell me someday or is it doing this already?

The only solution I see, is that paying for all those services: pay for twitter, facebook, gmail etc, so they do not need your personal info to profit? of those they need supervise, means if they still violate my privacy after I paid, sue them to hell.

[+] j605|8 years ago|reply
The problem with using signal is getting your contacts on it as well. You could always switch email providers but not chat applications.
[+] gerash|8 years ago|reply
Perhaps one solution could be to keep your personal data encrypted but then if you need an online service you'll need to somehow let the services access it.

That's the part where it gets tricky. Either the code working on your data is sandboxed from the outside world which sounds impractical. What if it needs to talk to other backends. Alternatively the operating system ACL framework is super granular so you can give the service the minimum amount of data it needs.

Or another solution could be a way to easily see which entities/apps have access to your data and the time they accessed them. Like some sort of an audit log with accessible UI.

A non-profit agency is nice and all but doesn't give much guarantee.

[+] Nomentatus|8 years ago|reply
Note a huge reason to target political ads is precisely that you can send your targets highly offensive or obviously misleading ads that you know they won't be offended by, without showing the rest of the electorate how vile the shit you're slinging at voters really is.

Targeting covers the stench. Keeping the average voter from seeing your nastiest ads is just as important as who does see the ads.

Democracy is about informing voters, targeting is all about keeping information about your ads from most voters.

[+] jaequery|8 years ago|reply
Regardless of regulations, I feel you can’t really stop what the employees do with the data. For every company, there is an employee who has the key to your data just doing their jobs, be it devs verifying data to sysadmins managing the backups. Sure you can have better auditing procedures and analyzing logs, but if it's the group of guys especially at the head, it's hard to prevent that. Social hacking is happening without us knowing it and that is what worries me more.
[+] soared|8 years ago|reply
The problem with Facebook is it allows people to gather data about a user and their friends. Literally every single other platform (including google) can gather data about you but not your friends.

That is the current problem that needs to be immediately solved IMO. After the obvious, easy win then we should move on to more difficult regulation like others have suggested.

[+] Mediumium|8 years ago|reply
Silicon valley didn't fail at all.

The main business model of a lot of silicon Valley businesses is based upon selling, buying, trading and using people's personal data, so considering this they didn't fail at all.

Edit : IMO to solve privacy we need to create another business model which is obviously not based on data / advertising.

[+] AlphaWeaver|8 years ago|reply
The explanation of HIBP went a tiny bit overzealous...

> For example, the website of Australian security expert Troy Hunt, haveibeenpwned.com (“pwned” is how elite, or “l33t,” hackers, or “hax0rs,” spell “owned”),