Two Plus Two Publishing LLC
Two Plus Two Publishing LLC
 

Go Back   Two Plus Two Poker Forums > >

Notices

Politics political discourse

Reply
 
Thread Tools Display Modes
Old 12-11-2018, 10:30 AM   #1
iamnotawerewolf
Carpal \'Tunnel
 
iamnotawerewolf's Avatar
 
Join Date: Jul 2011
Location: Every change I've ever made
Posts: 27,366
Personal Data: Privacy, Security, & You

Today, Google's CEO, Sundar Pichai, will be testifying before the US House of Representatives, in a hearing entitled: "Transparency & Accountability: Examining Google and its Data Collection, Use and Filtering Practices".

We live in the Information Age, the era of Big Data. A massive industry has developed around the principles of personal data mining and resale.

Our data is used by entities, typically unknown to us, to target commercial advertisements, news stories, and political assertions. Most people are not even aware that they are being mined, happily clicking through Facebook & Google, marveling at the economy of MoviePass membership, etc.

The Equifax breach and the Cambridge Analytica scandal are two recent, highly publicized (MSM) events, and there are countless instances of personal data being compromised by poor information security and by loose privacy protections.

As electronic networks become increasingly ubiquitous and vital to everyday living (consider the Internet of Things), these issues of information security and privacy will become increasingly pressing, and at present our society appears to be ill-equipped to respond.

What should be the extent (if any) of government involvement in this area? How best can we address these issues, in terms of effectiveness and propriety?

Last edited by iamnotawerewolf; 12-11-2018 at 10:38 AM.
iamnotawerewolf is offline   Reply With Quote
Old 12-11-2018, 10:36 AM   #2
iamnotawerewolf
Carpal \'Tunnel
 
iamnotawerewolf's Avatar
 
Join Date: Jul 2011
Location: Every change I've ever made
Posts: 27,366
Re: Personal Data: Privacy, Security, & You

Informing this discussion, I would like to draw your attention to the "Third Party Doctrine", which basically provides that an individual, by sharing information with a non-governmental entity, thereby forfeits their "reasonable expectation" that such information will remain private.

On this basis, the police can lawfully demand your cell phone records (including your text messages, the numbers you have dialed, the locations of the physical towers that your phone has connected to, etc), your emails, and your browsing history.

I ask that you consider this information when forming your opinions of the rights of private companies to store and/or disseminate your information, with or without your knowledge and/or permission.
iamnotawerewolf is offline   Reply With Quote
Old 12-11-2018, 10:37 AM   #3
Namath12
Carpal \'Tunnel
 
Namath12's Avatar
 
Join Date: Jan 2011
Location: Slytherin Common Room
Posts: 55,346
Re: Personal Data: Privacy, Security, & You

I've been reading some of Bruce Schneier's work since I heard him on Harry Shearer's Le Show a few weeks ago. The guy is simultaneously nerdy and scary and has a rather doom & gloom outlook on cyber security, but he knows his **** so I thought I'd share him here.

https://www.schneier.com/

This is one sobering article

https://www.schneier.com/blog/archiv...ersonal_d.html

Quote:
In an excellent blog post, Brian Krebs makes clear something I have been saying for a while:

Likewise for individuals, it pays to accept two unfortunate and harsh realities:

Reality #1: Bad guys already have access to personal data points that you may believe should be secret but which nevertheless aren't, including your credit card information, Social Security number, mother's maiden name, date of birth, address, previous addresses, phone number, and yes * even your credit file.

Reality #2: Any data point you share with a company will in all likelihood eventually be hacked, lost, leaked, stolen or sold * usually through no fault of your own. And if you're an American, it means (at least for the time being) your recourse to do anything about that when it does happen is limited or nil.


[...]

Once you've owned both of these realities, you realize that expecting another company to safeguard your security is a fool's errand, and that it makes far more sense to focus instead on doing everything you can to proactively prevent identity thieves, malicious hackers or other ne'er-do-wells from abusing access to said data.

His advice is good.
Namath12 is offline   Reply With Quote
Old 12-11-2018, 11:14 AM   #4
iamnotawerewolf
Carpal \'Tunnel
 
iamnotawerewolf's Avatar
 
Join Date: Jul 2011
Location: Every change I've ever made
Posts: 27,366
Re: Personal Data: Privacy, Security, & You

If eventual compromise is inevitable, would retention limits mitigate our collective exposure?

Perhaps data collectors can be held statutorily liable for data breaches, shifting the risks of information leakage/abuse from the public to the profiteering data cartels - liquidated damages? attorney fees? licensure implications?
iamnotawerewolf is offline   Reply With Quote
Old 12-11-2018, 11:23 AM   #5
Namath12
Carpal \'Tunnel
 
Namath12's Avatar
 
Join Date: Jan 2011
Location: Slytherin Common Room
Posts: 55,346
Re: Personal Data: Privacy, Security, & You

^^^ That's the rub, that's the point that dude Schneier and others keep making. Everything you listed there would be a massive step in the right direction. But to boil it down to the simplest terms: There is no incentive for corporations to do a better job at protecting our data because there are relatively few consequences for not doing so.

I mean, just look at the Equifax data breach. A House committee called it "entirely preventable"

https://www.engadget.com/2018/12/10/...x-data-breach/

Quote:
Congress clearly didn't buy Equifax's attempt to pin its massive data breach on one lone technician. The House Oversight and Government Reform Committee has released a staff report declaring that the breach was "entirely preventable" and the result of widespread, systemic flaws in Equifax's security policies. The company didn't have "clear lines of authority" in its IT structure that would have properly enacted policies, for one thing. It also had "complex and outdated" systems that didn't keep pace with its growth, wasn't prepared to help victims and made basic security missteps. Equifax let more than 300 security certificates expire, for example, making it difficult to spot intrusions.
September marked the one-year anniversary of the breach. And what was done in that year? What steps were taken to ensure it never happens again? Virtually none:

http://fortune.com/2018/09/07/equifa...r-anniversary/

Quote:
The U.S. General Accounting Office (GAO) today released a comprehensive report examining the reasons for the massive breach of personal information from Equifax one year ago today. The report covers the breach and both company and governmental actions in response since.

It breaks little new ground, but summarizes an array of errors inside the company, largely relating to a failure to use well-known security best practices and a lack of internal controls and routine security reviews.

Predictions following the breach were that regulators and consumer outrage would force major changes to the credit-reporting industry. Instead, almost nothing of substance has occurred since the unprecedented breach. Equifax’s stock took an initial hit, but it has largely recovered. It continued to receive large government contracts.
No significant changes in the company. No regulatory changes by our government wrt Equifax. THEY'RE STILL RECEIVING 'LARGE' GOVERNMENT CONTRACTS!

Equifax should have been hit with an injunction stopping them from ALL personal data trafficking until they could demonstrate significant changes, butnahh. It's business as usual.
Namath12 is offline   Reply With Quote
Old 12-11-2018, 12:24 PM   #6
iamnotawerewolf
Carpal \'Tunnel
 
iamnotawerewolf's Avatar
 
Join Date: Jul 2011
Location: Every change I've ever made
Posts: 27,366
Re: Personal Data: Privacy, Security, & You

for those not watching this House Judiciary Committee hearing at home:

the questions of the first Democratic representative dealt with privacy and security concerns

the questions of the first Republican representative were limited perceived political (anti-conservative) bias in search results
iamnotawerewolf is offline   Reply With Quote
Old 12-11-2018, 12:37 PM   #7
Namath12
Carpal \'Tunnel
 
Namath12's Avatar
 
Join Date: Jan 2011
Location: Slytherin Common Room
Posts: 55,346
Re: Personal Data: Privacy, Security, & You

Yes, the majority party's top priorities are always a) protect the GOP brand and b) protect corporate profits, order sometimes reversed.

This is something a CFPB with teeth could address if it hadn't been reduced to a sham mockery of a department by the current admin.
Namath12 is offline   Reply With Quote
Old 12-11-2018, 12:45 PM   #8
iamnotawerewolf
Carpal \'Tunnel
 
iamnotawerewolf's Avatar
 
Join Date: Jul 2011
Location: Every change I've ever made
Posts: 27,366
Re: Personal Data: Privacy, Security, & You

Democrat asks about Google's operations in China, particularly it's role in facilitating the suppression of opposition to the government.

Followed up by a Republican returning to the question of whether Google's search results are biased against Conservative ideology, particularly on a "by outcome" basis.
iamnotawerewolf is offline   Reply With Quote
Old 12-11-2018, 12:48 PM   #9
iamnotawerewolf
Carpal \'Tunnel
 
iamnotawerewolf's Avatar
 
Join Date: Jul 2011
Location: Every change I've ever made
Posts: 27,366
Re: Personal Data: Privacy, Security, & You

I don't like the CFPB solution because of the phenomenon of regulatory capture.

CFPB should be a tool/resource to help the layman secure necessary information, but the policing of this issue is compromised if relegated to any particular, central authority.
iamnotawerewolf is offline   Reply With Quote
Old 12-11-2018, 01:10 PM   #10
iamnotawerewolf
Carpal \'Tunnel
 
iamnotawerewolf's Avatar
 
Join Date: Jul 2011
Location: Every change I've ever made
Posts: 27,366
Re: Personal Data: Privacy, Security, & You

Taking this larger issue one step further...

VR technology is poised to take media, gaming, and education to a new level of mass appeal, and I've seen some suggestions that AR devices may become commonplace before long.

If we pop an EEG reader into the device, nascent eg, what can be gleaned about a person, their preferences/fears/etc, as response to various stimuli?

Last edited by iamnotawerewolf; 12-11-2018 at 01:15 PM.
iamnotawerewolf is offline   Reply With Quote
Old 12-11-2018, 01:31 PM   #11
iamnotawerewolf
Carpal \'Tunnel
 
iamnotawerewolf's Avatar
 
Join Date: Jul 2011
Location: Every change I've ever made
Posts: 27,366
Re: Personal Data: Privacy, Security, & You

downstream republicans are finally going for real issues

Poe, Marino

Poe's proposed legislation is weak AF



Senator Leahy's bill has actual teeth, but it didn't make it far past committee. This seems like a bipartisan issue, no?
iamnotawerewolf is offline   Reply With Quote
Old 12-11-2018, 10:13 PM   #12
mosdef
Carpal \'Tunnel
 
Join Date: Jan 2005
Location: Toronto
Posts: 11,256
Re: Personal Data: Privacy, Security, & You

I appreciate the idea that big companies should be doing more to protect personal information. However, a major barrier to that is the fact that for many companies of any reasonable size the horse is out of the barn. What I mean is - larger companies have been collecting, storing, sharing, processing, etc. data of their clients for years/decades. It's all over their systems, and all over devices, has been exchanged back and forth with the personal computers of employees, in all manner of encryption (mostly unencrypted). So to go to one of these companies now and say "Hey, you protect all your personal information right now, or else!" is all well and good, but those companies don't even know where all the data they have is.

I'm not talking especially about post-2000 the tech companies. This is more in relation to large companies that have been around for decades and whose person in charge of privacy until 2006 was a lawyer who needed help opening Word. Those companies will assemble committees, hire new Chief Privacy Officers, hire privacy staff, etc., but it's mostly window dressing. They will certainly do some good certainly, but there's a lot of data that is simply out of their control.
mosdef is offline   Reply With Quote
Old 12-12-2018, 01:33 AM   #13
wheatrich
Carpal \'Tunnel
 
wheatrich's Avatar
 
Join Date: Sep 2005
Posts: 18,933
Re: Personal Data: Privacy, Security, & You

everyone's favorite congressman steve king complained about iphones to the google dude.
wheatrich is offline   Reply With Quote
Old 12-12-2018, 01:34 AM   #14
wheatrich
Carpal \'Tunnel
 
wheatrich's Avatar
 
Join Date: Sep 2005
Posts: 18,933
Re: Personal Data: Privacy, Security, & You

These companies need a big fat nuke. Delete all your free apps. What a **** show.
wheatrich is offline   Reply With Quote
Old 12-12-2018, 10:22 AM   #15
iamnotawerewolf
Carpal \'Tunnel
 
iamnotawerewolf's Avatar
 
Join Date: Jul 2011
Location: Every change I've ever made
Posts: 27,366
Re: Personal Data: Privacy, Security, & You

Quote:
Originally Posted by mosdef View Post
I appreciate the idea that big companies should be doing more to protect personal information. However, a major barrier to that is the fact that for many companies of any reasonable size the horse is out of the barn. What I mean is - larger companies have been collecting, storing, sharing, processing, etc. data of their clients for years/decades. It's all over their systems, and all over devices, has been exchanged back and forth with the personal computers of employees, in all manner of encryption (mostly unencrypted). So to go to one of these companies now and say "Hey, you protect all your personal information right now, or else!" is all well and good, but those companies don't even know where all the data they have is.

I'm not talking especially about post-2000 the tech companies. This is more in relation to large companies that have been around for decades and whose person in charge of privacy until 2006 was a lawyer who needed help opening Word. Those companies will assemble committees, hire new Chief Privacy Officers, hire privacy staff, etc., but it's mostly window dressing. They will certainly do some good certainly, but there's a lot of data that is simply out of their control.
I expect this is indeed a huge problem, but I don't accept that there's just nothing we can do at this point, waaf, etc. Nor do I sympathize with the corprocrats on whom costs might be imposed to remedy the quagmire that they have needlessly, heedlessly created.

Forensic accounting is a thing; how about forensic data accounting? Absent some type of MAD scenario, our digital information age milieu isn't going anywhere anytime soon. Developing this type of field would benefit consumers and law enforcement alike.
iamnotawerewolf is offline   Reply With Quote
Old 12-14-2018, 06:06 PM   #16
mosdef
Carpal \'Tunnel
 
Join Date: Jan 2005
Location: Toronto
Posts: 11,256
Re: Personal Data: Privacy, Security, & You

Quote:
Originally Posted by iamnotawerewolf View Post
I expect this is indeed a huge problem, but I don't accept that there's just nothing we can do at this point, waaf, etc. Nor do I sympathize with the corprocrats on whom costs might be imposed to remedy the quagmire that they have needlessly, heedlessly created.

Forensic accounting is a thing; how about forensic data accounting? Absent some type of MAD scenario, our digital information age milieu isn't going anywhere anytime soon. Developing this type of field would benefit consumers and law enforcement alike.
I agree with this, I just think that solutions to the problem need to be based on the reality of the problem. I think the personal violation aspects of privacy issues might drive people toward approaches that have emotional appeal but little practical value. Like, you could threaten huge fines for data breaches but it may not stop data breaches. If everyone has little practical control over their data, and neither do their competitors, then it just becomes a cost of doing business and it will be treated like a tax, not something to fix.
mosdef is offline   Reply With Quote
Old 01-18-2019, 11:41 PM   #17
jman220
Interfectorem De Lupi
 
jman220's Avatar
 
Join Date: May 2005
Location: Under a Bridge
Posts: 12,449
Re: Personal Data: Privacy, Security, & You

Privacy is often topical and nonpartisan. Let’s discuss.
jman220 is offline   Reply With Quote
Old 01-19-2019, 02:05 PM   #18
lozen
Carpal \'Tunnel
 
lozen's Avatar
 
Join Date: Mar 2005
Posts: 14,528
Re: Personal Data: Privacy, Security, & You

Everyone wines about privacy yet gives Apple, Facebook and Amazon all their info but nope do not let the government have anything
lozen is offline   Reply With Quote
Old 01-19-2019, 03:04 PM   #19
BadBoyBenny
Carpal \'Tunnel
 
BadBoyBenny's Avatar
 
Join Date: Dec 2003
Location: Berlin
Posts: 7,798
Re: Personal Data: Privacy, Security, & You

Moved to Europe about a year ago. Feel like they have good policies with the GDPR. Internet companies already have to comply with that, why not make it a more global standard. Certainly better than say China's approach which moves in the opposite direction with social credit and the like.

With regard to the NSA spying stuff, the current administration is a shining example of why the Patriot act should be repealed. Even if you believe the federal agencies are full of ethical civil servants only going after terrorists and the like, they are one election away from having their management replaced by partisan hacks.

With regard to local police having access to this stuff, I think this is a case where lots of case law and old white guys who have n authoritarian streak or don't understand modern technology must have led to a string of bad precedents that somehow got worse and worse. If the second amendment is interpreted to mean almost all guns are legal for everyone, then IMO the 4th amendment should mean that all papers, including digital papers and digital records, are secure from warrant-less search.
BadBoyBenny is offline   Reply With Quote
Old 01-19-2019, 03:09 PM   #20
BadBoyBenny
Carpal \'Tunnel
 
BadBoyBenny's Avatar
 
Join Date: Dec 2003
Location: Berlin
Posts: 7,798
Re: Personal Data: Privacy, Security, & You

As someone now living in Germany, I understand that I could at any point email apple and facebook and google and invoke my right to be forgotten and have all my data deleted. To be honest I am also in the boat that I really don't care that they have my data because I am in a super privileged class of people, and the ads I am bombarded with all the time anyway might as well be targeted or somehow relevant to my interests but I understand that others can and should feel different and should have rights in this case.
BadBoyBenny is offline   Reply With Quote
Old 02-17-2019, 12:04 PM   #21
Strontium Dog
journeyman
 
Strontium Dog's Avatar
 
Join Date: Oct 2018
Posts: 349
Re: Personal Data: Privacy, Security, & You

Congress oversight body recommends GDPR-style privacy laws

Quote:
Tim Cook and the Senators pushing for US version of the EU's General Data Protection Regulation (GDPR) rules have found an ally in the Government Accountability Office. In a report publishing its findings for a study commissioned by the House Energy and Commerce Committee, GAO recommended establishing a comprehensive legislation on internet privacy. The bi-partisan government agency suggests putting the FTC in charge of enforcing the rules, which would be designed give people more control over their own data.
The agency wrote as a conclusion:
Quote:
Recent developments regarding Internet privacy suggest that this is an appropriate time for Congress to consider comprehensive Internet privacy legislation... Comprehensive legislation addressing Internet privacy that establishes specific standards and includes APA notice-and-comment rulemaking and first-time violation civil penalty authorities could help enhance the federal government's ability to protect consumer privacy, provide more certainty in the marketplace as companies innovate and develop new products using consumer data, and provide better assurance to consumers that their privacy will be protected.
Strontium Dog is offline   Reply With Quote
Old 02-18-2019, 03:17 AM   #22
iamnotawerewolf
Carpal \'Tunnel
 
iamnotawerewolf's Avatar
 
Join Date: Jul 2011
Location: Every change I've ever made
Posts: 27,366
Re: Personal Data: Privacy, Security, & You

Does GDPR create a private cause of action for the victims of privacy invasion/breach?

Based on the second quote, "civil penalty", it looks like there is just a fine for a violation.
iamnotawerewolf is offline   Reply With Quote

Reply
      

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Forum Jump


All times are GMT -4. The time now is 12:15 PM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Copyright 2008-2017, Two Plus Two Interactive
 
 
Poker Players - Streaming Live Online