[kardos]

That's a really hard battle to fight, even for those of us who understand the full implications. The entire population is not going to drop facebook overnight, it does deliver some sort of value to them despite it's heavy privacy price.

I'm beginning to believe that the answer is to simply devalue all that information. We can do it in some contexts on the technical side, for example, rotating passwords devalues stolen credentials, virtual credit cards, random MAC for wireless scanning, etc.

So how far can we push this? If you got into my email, but 90% of the messages there were generated by AI and 10% are legit, can you accurately profile me?

To get a little more on topic, how close do you think we are to 3D printers that can print a mask of your face? Once that happens, will the value of these "face recognisers" drop off a bit?

[btown]

For your point about face recognition, this art project may be of interest to you: https://cvdazzle.com/

A very interesting idea that email privacy might realistically turn into a steganography problem - how do you make it so the real content is indistinguishable from fake content, and given that this is imperfect, make it so that all but the most sophisticated attackers wouldn't be able to tell that a hidden message even exists?

[kardos]

That sounds a lot like security by obscurity, one blog post later and the world can distinguish the two.

Cvdazzle is unlikey to be the answer, it's just today's CAPTCHA to slow down face recognition, tomorrow's recognition will cut through that

We need a more radical solution to devalue our private information. Consider by analogy cell phones: IMEI blacklists (in theory) fundamentally devalue stealing phones. What can we do that fundamentally makes assembling troves of personal information useless? Poisoning it with plausible garbage might be part of the answer. Also the answer /might/ be regulatory. HIPAA has teeth, we could add something else with teeth. Or perhaps an insurance-driven approach: if holding personal information was a big liability in the event of a leak, it would be prudent to keep as little as possible.

[pavel_lishin]

> if holding personal information was a big liability in the event of a leak, it would be prudent to keep as little as possible.

But this kills the social network, and the cloud photo app, and a lot of other businesses.

edit: nevermind, I think I misunderstood the suggestion. kardos's reply makes a lot of sense.

[kardos]

Not at all. People can opt-in and send their own photos, holding that data would be kosher. Holding photos of those who did not opt in, or those who explicitly opted out, would be where the liability comes in.

If we can penalize people for possessing some kinds of data (pirated software, movies, etc) in the name of defending someone else's copyright, or for not decrypting things, it can also be done in defence of personal privacy.

[tomc1985]

Good!

Or perhaps it would result in only the companies that need that data actually holding it, and doing so with care. I would love to see a big nasty liability poison pill attached to PII

[axx]

I have hope that this will change. Because more and more people live a fake life on social media.

Some people go crazy and share everything, but more and more people share less[^1] and if they share something, it's only something that holds together their "clean image".

1: http://www.theverge.com/2016/4/7/11387604/facebook-personal-...

[kardos]

Sure, that's a good sign, but it's still undone by someone else who posts a photo or recording of you. If I recall correctly, facebook used to (maybe still does) solicit users to "report" anybody who is not using their real name on the site. When will facebook start soliciting/rewarding users for uploading photos of others? How much does that guy in your class value your personal privacy?

[bduerst]

I think is more phobia about technology than an actual problem.

I get that this is a radical view on HN, but when topics like this come up, it's always slippery slopes and fantastic nightmare scenarios (like 3D printing your face). I feel like we're in the 1980's debating over how to handle traffic laws for our flying cars in 2010 just because someone built one.

[kardos]

> it's always slippery slopes and fantastic nightmare scenarios

It already is a nightmare scenario for some [1]. How bad should we let things get before we try to fix them?

[1] https://news.ycombinator.com/item?id=11721600

[bduerst]

That HN comment you linked to is _still_ just a nightmare scenario.

If you read the article, you would see that they are lying about what happened. Even your question, based on incorrect information, is implying a slippery slope.

[DougN7]

Once the nightmare scenario arrives though, it's usually too late to do anything about it. Look how impossibly hard it is to stop the NSA from gathering all of the network traffic. I wouldn't doubt for a second that Kim Jung would use this against protesters (if North Koreans had social networking). Just this morning I heard on NPR about a group working on genetic modifications to make half-human, half-animal beings, apparently for organ harvest reasons. However you feel about that, nipping things in the bud is so much easier than trying to reverse history.

[bduerst]

Right, same with every other "sky is falling" argument.

The PRISM dark fiber exploit has since been blocked by most tech companies, and honestly, you're more likely to be negatively affected by slipping in your shower or a car accident. Doesn't mean don't be aware, it just means you don't need to wear a tinfoil hat. Or worry about hypothetical nightmare scenarios.

[parhurst]

What makes you think they are lying? Our view on the downsides of technology might be biased because we are (often, unless you're a moderator or a victim) sheltered from them[1]. [1] http://www.theverge.com/2016/4/13/11387934/internet-moderato... Edit: grammar

[bduerst]

They lied about persecution of gays and sex workers. The article was about a small group created to raise awareness about face recognition by trying to identify porn actresses, before closing entirely. Hardly a nightmare made real.

I'm also not sure how YouTube mods from 10+ years ago are relevant in a discussion about tech advancement. If anything, the automation of child porn detection since is proof that technology keeps up and prevents nightmare scenarios.

Also, why create the new account to question?

[dclowd9901]

You don't need to drop Facebook -- just turn privacy settings so that your face can't be identified publicly or beyond 1 degree of connection. People should know how to do at least that.

[germanier]

That doesn't really help if Facebook is in it - and let's be honest, what stops them from mining the photos set to "private"?

[nitrogen]

Your main profile picture is always public, as is your cover photo, so you will have to use a picture that doesn't identify you, which may be confusing to your friends.