by formatkaka 2668 days ago
A question:

What is the privacy issue exactly about? I see regular posts on HN about it. Is it about storing user data on my end, sharing the user data with a third party, or not taking the user's consent?

P.S. - Trying to understand the root cause because I work with a startup building SaaS and would like to avoid such mistakes.

3 comments

All of these.

Do not store user data on your end unless you absolutely have to.

Do not give user data to third parties unless you absolutely have to.

Do not do anything without the user explicitly or implicitly consenting to it.

Example: You have to momentarily store the user's IP address in order to serve their request for a website. Remove the IP address as soon as you have served their request, because you don't absolutely need it any more.

Example: You have to hand user data over to your ISP (and their ISP etc) in order to serve their request for a website. Do not hand this data over to Facebook, Google, your mum or anybody else, because you don’t absolutely need to.

Example: If someone is visiting your website, it is fair to assume implicit consent to the above two bits. However, if you provide a service where they can store data on your server (e.g. Dropbox), you should inform the user on how the data is stored so that they can sensibly consent to this (or not). So if you’re storing data unencrypted, inform the user that this is the case. If you’re storing data in your mum’s basement, inform the user that this is the case. If you’re storing data in some country with strange laws, inform the user that this is the case.

To make the product better, we require information about how the user interacts with it.

What about if we:

1. Save data anonymously. OR
2. If we have to save some data, we give them an option to access what we have saved, something like 'Data Settings'. OR
3. Ask

1) Ask the user if they consent. If they don't, let them continue using the product and do not collect any data. Make both the "Yes, I consent" and the "No, I do not consent" buttons equally large.

2) If they do consent, consider every individual part of the data you save. Do not save complete user sessions; instead, before doing anything, decide what you want to test and which information you require to do so, and then save only this information. E.g. (using the example elsewhere) if you want to check how long people stay on individual pages, collect a signal on each page for how long the user stayed on that page (and nothing else).

3) Anonymize the data as quickly as possible. For the example above, do not store for each user how long they stayed on each page. Instead, have one counter per page which is incremented by the time the user stayed on the page (and the individual time is subsequently immediately discarded). This way you can still figure out which pages are left early, but you cannot tie this data to any individual user.

4) If you want to look at individual user sessions, pay people to use the website while you stand behind them (physically); do not collect data from random customers.
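A worked version of the reply's steps 1 to 3 above (consent gate, a single signal per page, immediate aggregation with the per-visitor value discarded). This is an added example for this thread, not code posted by any commenter; the class and function names are made up, the sample events are constructed, and it goes one step beyond the comment by also counting visits per page so that a mean dwell time can be derived from the aggregate.

```python
"""Consent-gated, aggregate-only dwell-time analytics.

Added example (not from the original thread). One running total per page,
nothing stored per user.
"""
from __future__ import annotations

from dataclasses import dataclass


@dataclass
class PageStats:
    """Aggregate counters for one page. Nothing here identifies a visitor."""
    total_seconds: float = 0.0
    visits: int = 0  # visit count is an addition so an average can be derived

    @property
    def mean_seconds(self) -> float:
        return self.total_seconds / self.visits if self.visits else 0.0


class DwellTimeAggregator:
    """Collects only 'how long did a visitor stay on page X'.

    The per-visitor measurement is folded into the page counter immediately
    and then dropped; no user id, IP address, or session log is kept.
    """

    def __init__(self) -> None:
        self._pages: dict[str, PageStats] = {}

    def record(self, *, consented: bool, page: str, seconds: float) -> bool:
        """Return True if the measurement was counted, False if discarded."""
        # Step 1: without explicit consent, collect nothing at all.
        if not consented:
            return False
        if seconds < 0:
            raise ValueError("dwell time cannot be negative")
        # Steps 2 and 3: the only datum is (page, seconds); it is added to the
        # aggregate and the individual value is not stored anywhere.
        stats = self._pages.setdefault(page, PageStats())
        stats.total_seconds += seconds
        stats.visits += 1
        return True

    def stats_for(self, page: str) -> PageStats:
        return self._pages.get(page, PageStats())

    def pages_left_early(self, threshold_seconds: float) -> list[str]:
        """Pages whose mean dwell time is below the threshold: the question the
        comment says the aggregate still answers without per-user data."""
        return sorted(page for page, s in self._pages.items()
                      if s.visits and s.mean_seconds < threshold_seconds)


# Constructed sample events, shaped like what a client-side beacon might send:
# (consent flag, page, seconds on page). A user id deliberately never reaches
# this layer.
SAMPLE_EVENTS = [
    (True, "/pricing", 4.0),
    (True, "/pricing", 6.0),
    (True, "/docs/getting-started", 120.0),
    (False, "/pricing", 300.0),  # no consent: must not be counted
    (True, "/docs/getting-started", 90.0),
]


def run_sample() -> DwellTimeAggregator:
    """Feed the constructed events through the aggregator."""
    agg = DwellTimeAggregator()
    for consented, page, seconds in SAMPLE_EVENTS:
        agg.record(consented=consented, page=page, seconds=seconds)
    return agg


if __name__ == "__main__":
    agg = run_sample()
    for page in ("/pricing", "/docs/getting-started"):
        s = agg.stats_for(page)
        print(f"{page}: {s.visits} visits, {s.total_seconds:.0f}s total, "
              f"mean {s.mean_seconds:.1f}s")
    print("left early (<10s):", agg.pages_left_early(10.0))
```

The non-consenting visitor's 300-second event is dropped before it touches any counter, and the two `/pricing` measurements survive only as a total of 10 seconds over 2 visits, so there is nothing left to tie back to a person even if the aggregator's storage leaks.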
Mostly it's because of what they (as in advertisers and platforms that display ads and take data) can do with that data once they have it. They can figure out if you're moving house, suddenly interested in a new hobby, pregnant, or emotionally unstable and thus more vulnerable to suggestion. Once they have statistically guessed at these possibilities, "advertisers" can target you through social media platforms and Google ads. They can try and nudge you at just the right moment; many people will be unaffected, but the advertiser hopes enough will be nudged into buying something, voting differently, or otherwise changing behaviour to get good bang for their buck.
Privacy is a question of agency. Who is in control of a person's intimate data? Who gets to determine which data is intimate? Who gets to determine which personal data is shared with whom? So far, the industry's response to these questions has always been an implicit "we, the masters". The current debate about online privacy is a (much overdue) challenge to those implicit assumptions.

So in principle, it is not about storing user data nor is it about sharing that data. It is about determining who has the moral right to act on what data. And in order to have that debate on those moral rights, people need to know what happens with their online traces. As long as what really happens is shrouded in secrecy, legalese, or click-through patterns, there can be no meaningful debate.