| > Are there other rationales? Yes. The fundamental issue is the total lack of respect for the user's consent. People usually have no problem with volunteering personal information that is relevant to whatever activity they're trying to accomplish. For example, a company will need people's addresses in order to ship products to them. This is a voluntary, explicit and respectful process: consumers willingly and knowingly give the company copies of the information they need to perform the service and the company uses that information only for its intended purpose and absolutely nothing else. The problem we face today is that businesses are collecting massive amounts of personal information indiscriminately, invisibly and without true consent. Web browsers hemorrhage personal information without them even asking and there's no way to stop it. Companies make apps that mine people's phones for every last bit of data they can get their hands on. Web sites put up annoying little banners saying they collect data and call it informed consent even though there's no way to say no. They bury some clauses in a terms of service nobody reads and say the user agreed to it by continuing to use site even though cookies were set and fingerprinting was performed on the very first visit before the user could possibly have known about much less read the contract. Not only that, the information is being abused to do things people don't actually want. When people give a company their email addresses, they assume they will receive messages that are actually important. What happens is the company thinks it has every right to spam people with marketing and advertising emails or sell their data to other very interested parties. People give a company their phone numbers and next thing they know they're getting marketing calls they never asked for and can't opt out of. And then there's the security issues. If someone has information about people in a database, there's always a chance it can be leaked even if every precaution is taken. The potential for harm is significant. Data should be considered a liability for companies. Knowing things about people should cost them money. They should have ample incentive to collect as little data as possible, limit the scope and frequency of the use of whatever data they collect as much as possible and delete that information as soon as it is no longer needed. What's happening today is the complete opposite of that: companies are collecting as much data as possible, keeping it forever and using it for whatever makes them the most money regardless of people's wishes. These examples are relatively benign but the potential for harm is always there. What if companies start buying up personal information and using the data to profile and exclude candidates? No doubt information such as browsing history would condemn a huge number of people. What if companies find a way to deanonymize that data and link it to candidates? |