[jnsie]

^ This

I am going to make a weird, but IMHO apt, comparison to Type 1 Diabetes. T1D is an attritional disease caused by the pancreas's inability to produce enough/any insulin and the list of complications is long and deadly. As someone who has lived with the disease for decades what makes the disease particularly insidious is immediate effort versus delayed impact. The disease affects everything...every single part of every single day. Eating, sleeping, exercising, traveling, finances...everything. And to be on top of everything is extremely effortful. However the impact of not taking enough insulin, of not checking blood sugars frequently enough, or living with high blood sugars, is delayed. Today's transgressions may not be punished for decades. It is no shock to read about poor therapy adherence when the effort is immediate (and constant) and the effect is delayed (and therefore hypothetical). I see the same issue - immediate and constant effort coupled with long term hypothetical effect - with protecting one's privacy. Obviously one should do the right thing. But many won't.

[radarsat1]

This is an incredibly insightful point of view for understanding people around me on this topic. And maybe a useful analogy for talking about it. Thank you.

[lisper]

Climate change is another area where this analogy is apt.

[scottLobster]

The key issue in your analogy being that we know T1D will actually have long-term consequences if left untreated. We don't yet know the cost of "lack of privacy". Part of me wonders if privacy advocates will be on the same level as doomsday preppers in a few decades, at least in the Democratic world. It's not that they were wrong to prepare for nuclear war given the information available during the Cold War, it's just that it never happened so their efforts were largely wasted.

To use myself as an example: I've had a gmail account since it was invite-only. Was on facebook as soon as it was available to high schoolers. So over 15 years now for both (although I'm basically off facebook at this point because it sucks now, I maintain a skeleton account to use the Marketplace). I've had an android phone for 6 years, used a "free" discount brokerage for years, etc, file my taxes with Turbotax, and use any number of services (including credit cards themselves) that likely sell my data in some form.

Any hard privacy-based damages have yet to materialize beyond a couple of stolen credit card numbers that were easily dealt with.

Now what's the "therapy" for all this?

1. Thoroughly examine the terms and conditions of any service/software I sign up for and actively avoid those who state they'll sell my data, and re-review said terms and conditions every time they're updated, canceling services when/if the terms turn malicious.

That point alone could be a career unto itself.

2. Run an adblocker which will inevitably break some sites and have to be periodically turned off

3. Run a Pi-Hole on a local router

4. Run anti-browser-fingerprinting extensions

5. Use a VPN to obfuscate location data

6. Switch from Android to Apple (and even Apple isn't perfect)

7. Avoid all social media

8. ...

There's an endless list of technical partial solutions that may or may not add up to any real difference, but will definitely consume hundreds or thousands of hours of time in set-up and maintenance and reserach, thousands of dollars in fees over the long haul if using paid services. Plus the daily grind of dealing with non-homogeneous and often 2nd-rate alternative tools because there isn't much money in privacy. All to prepare for a threat that may never materialize and hasn't materialized at all in the over 15 years people have been warning me about the issue.

I drink beer, wine and cider on the weekends. Yes I'm well aware that marginally increases my odds of getting cancer/other nastiness over decades. I don't care, I judge the increased risk negligible compared to the worth of enjoyment/socializing. Privacy falls into that same category for now. I tried using GnuCash to track my finances over privacy concerns. It won't connect to my bank for some reason, spent hours troubleshooting the issue, researching obscure bank communication protocols to no end. Maybe I could have figured it out, but Mint.com works with everything down to my power and gas utilities, was completely set up in less than 30 minutes.

I'd like Privacy, but I think people sneer at the word "convenience" more than they should. Convenience means I get time back, the one resource we all definitely have a finite amount of. And maybe there will be some great privacy crisis some day, in the same sense that there may be nuclear war. I'm not building a fallout shelter any time soon, I've got better things to do.

[bentcorner]

> Part of me wonders if privacy advocates will be on the same level as doomsday preppers in a few decades, at least in the Democratic world

Related is the fact that people making waves about privacy now have actually made a difference, and even if we're not in a "100% privacy" world, maybe it's good enough.

Reminds me of Y2K. Consumers at the time heard it was a big deal, and then nothing happened. But industry fixed a ton of things that were broken before Y2K so that nothing major did happen.

[jnsie]

I agree with your points and think "convenience" is an oft misused term in this context. It is "inconvenient" for me to go downstairs to pick up my Uber Eats delivery. It is nothing short of toil to do the multitude of things required to guard privacy/kidneys.

I'll add, with regard to T1D, that I am fortunate enough to have an endocrinologist who is effectively an expert tasked with staying up to date with the science and facilitating the best outcomes for me, the patient. I am not sure if there is a parallel when it comes to privacy. Sure, there are orgs out there that will take your money and provide you with solutions that claim to guard privacy but it's difficult to confirm their intent and capability. My endo works in a regulated environment with statutes to guard against kickbacks and other bad behavior and has little incentive for malevolence.

[FalconSensei]

Also, with T1D we have ways to actually knowing your 'score'. A1C and time in range are good? Urine tests are good? Nice.

With privacy, how do I know my 'privacy score'? It's way more difficulty to do any 'health checkup', compare to how you were 6 months before and plan around known risks for the future

[jnsie]

Excellent point!

[fsflover]

Electronic Frontier Foundation is one such privacy-helping nonprofit one can trust.

[THATthereguy]

Wow, this is a really good analogy. Sad, but true.