| If you clicked the link and found the amount of information they have on your surprising, and now feel a bit violated, then good; you should. You'll probably try to do a bit of research and try to figure out how to opt out of all this and protect yourself. And you should. But you shouldn't just stop there. Many of the people who are reading this right now are responsible for designing and implementing systems that collect massive amounts of data. I implore you to not just think about your own privacy moving forward, but the privacy of your users. Security and privacy should be two of your top level concerns when designing systems, not just tack-ons. Simply hating of Google/Facebook/$$$Corp for invading your privacy and not doing anything to rememdy the general poor state of privacy in the modern connected world when you have the power to do so is hypocritical. Next time you're given a project that has PII and the security user story gets deprioritized, raise it as an issue. Aside from being the right thing to do, many places, such as Canada and California, are looking at GDPR-like regulations. So it makes sense to do it now instead of later. And if you're going to argue that it's hard, and it's time consuming, and you're a startup just trying to get on their feet so you can't be bothered, then consider that you may be part of the reason we find ourselves in this sorry state. /rant |