[GauntletWizard]

How about we learn to deal with the fact that they're not storing data that is yours in the sense of ownership, but only in the sense that it's about you? They're not storing data for no reason; They are storing data their customers have provided for the purposes of contacting you. They are storing data about you for the people who, like it or not, you shared your data with.

The nasty 90s database-dump sharing is over; Companies hoard this data and consider it their private treasure, not to mention the nasty and ill-considered privacy laws that have already sprung up around sharing it. Facebook is not selling your info to marketers; They are selling your eyeballs to marketers if you use the service, and using your data to better target it. For all the egregious offenses that Facebook is guilty of, this is not an offense.

I have the right to a little black book. I have a right to a diary that calls you names. I have a right to free speech, and sometimes your name is on my lips.

[smokeyj]

> I have a right to free speech, and sometimes your name is on my lips.

Except most people don't understand how cookies or like buttons track their behavior. To assume otherwise is disingenuous. The result is the equivalent of bugging someone's car with a GPS tracker and claiming they opted in by virtue of using your parking garage.

[vidarh]

> I have the right to a little black book. I have a right to a diary that calls you names.

Yes, you do [1], and that's not relevant to any of these discussions, as it's not been challenged.

> I have a right to free speech, and sometimes your name is on my lips.

If you are speaking as a private individual or you are publishing an article in a newspaper, yes, there are very few limits to your speech in the EU as long as you're not slandering someone.

But if you are operating as a business and telling another company details about me that can be used to identify me, then your rights are strictly limited in the EU, as the right to privacy is seen to trump the right of commercial speech.

[1] With a caveat: If you are using your "little black book" to support commercial activities such as sales, it may be considered a relevant filing system subject to data protection rules in at least some EU countries. But a personal address book would not be affected.

[dogecoinbase]

I have a right to free speech...

Not in Europe. Another overly self-important piece of parallel structure prose ruined by Americocentrism!

[vonklaus]

just to add to your point, even before global internet coverage, information ownership was murky.

range, permanence and ease of distribution are much diferent but, take for example, a picture.

if 2 people are in a picture taken by a third party, to what extent can any person excert ownership over that "data".

the photographer, or either of the subjects. I am all for privacy, but I would find it hard to make a compelling case for the above scenario that could be absolute, and applied uniformly.

[Silhouette]

Expectations of privacy and data protection are going to have to evolve to keep up with technology.

To some extent, that means recognising that some actions enabled by new technology may be reasonable even if they involve personal data being collected, used, or passed on.

In other cases, that means recognising that new technologies pose new threats to privacy and things we could let by before because they posed no real threat are no longer as harmless and therefore potentially no longer as socially acceptable.

For example, I find the idea that you lose any expectation of any sort of privacy the moment you step outside your front door naive and dangerous, but people often claim this is reasonable in privacy debates based on an argument along the lines that anyone could see you walking down the street and it's always been that way.

Personally, I do see a few small differences between walking past someone who doesn't know you from Adam and will forget you within seconds and going for a walk in the view of a comprehensive network of cameras and microphones that allow unknown parties to remotely and systematically observe your every move and sound while you're out, along with those of everyone else nearby, subject you all to gait and voice analysis to identify you and infer information about your mood, interests and relationships, correlate that data with data about you from other sources, record everything permanently, and make it easy to search for information about you and everyone else who went out that day in order to make decisions about arbitrary and unknown criteria from what to offer you as an insurance premium next year to how to embarrass you out of running for office at the next election.

Clearly there is going to be a scale with many of these issues and we will need to find a socially acceptable balance and set reasonable expectations accordingly. It's also pretty clear that damage is being done by the dramatic erosion of privacy in the digital age because so far the capabilities of new technologies have far out-stripped the social and regulatory debates around it. Unfortunately, a big part of the problem is that many people have little idea of what is happening with personal data about them and even less understanding of the potential consequences unless they've been the unlucky one who really was a victim of, say, identity theft. Consequently the opinion polls tend to show most people not being that bothered by organisations like Facebook, even though when fully informed or after widely reported leaks with many victims potentially affected you tend to see quite different opinions being expressed.

[Silhouette]

How about we learn to deal with the fact that they're not storing data that is yours in the sense of ownership, but only in the sense that it's about you?

We have learned to deal with it. In Europe, we have for the most part decided that allowing large organisations to compile personal data without either the data subject's consent or some other acceptable reason is not a good thing, and we have passed laws that forbid it.

I have the right to a little black book.

Sure you do, but in Europe you don't have the automatic right to keep personal data about me and millions of other people in it, and if you do then we might punish you for it.

I have a right to free speech, and sometimes your name is on my lips.

Not in Europe, you don't. In fact, legally speaking you don't have that absolute right anywhere else in the world that I know about either.

[gradys]

> They are storing data about you for the people who, like it or not, you shared your data with.

Exactly.

I'll add that on a technical level, you aren't being tracked like a hunter would track prey; your machine is being periodically asked to provide identifying information, and you have it configured to automatically comply.

I get that most consumers of the web don't understand this, but it is the truth.

This is what I find vexing about the EU cookie disclaimer law. Every individual website owner has to add a message to their site letting you know that they are going to request that your browser store some information on their behalf.

It makes me think about all of the manhours that could have been saved if the law had instead required major browser vendors to include a feature enabled by default that would prompt the user before storing cookies.

[unabridged]

>It makes me think about all of the manhours that could have been saved if the law had instead required major browser vendors to include a feature enabled by default that would prompt the user before storing cookies.

You only need a disclaimer for a permanent cookie, which should only be used when you are logged into an account (and the disclaimer could just be part of the ToS when you create the account). I blame the websites for using permanent cookies when session cookies or no cookies would do the job.

[cpeterso]

> your machine is being periodically asked to provide identifying information, and you have it configured to automatically comply.

That is true for cookies, but trackers also use active and passive fingerprinting that does not provide a way to configure whether your machine automatically "provides identifying information".