That is the problem: we have nothing to hide until someone changes the law. Suddenly those things that were legal yesterday become the crimes of today.
And as their data was harvested, consumers were told: Relinquish your private data to us, it's a fine and normal thing to do, we are trustworthy corporate citizens and privacy is a concern expressed only by those who wear hats of tinfoil.
It's a good question actually. The law was on the books but not being enforced because of Roe. But then the supreme court says Roe doesn't apply and law is fine as-is. Isn't this legally different from an ex-post-facto law?
From the point of view of the company for who it is just a pot of data with no context until analysed, maybe.
It will sure seem retroactive to someone who might have acted differently so the data wouldn't be available to be handed over, if the current laws were in action at the point they could have done something to avoid the data being collected¹².
--
[1] "Generated" is too benign a word here IMO, hence using "collected" instead
[2] "inferred" might be a better choice as the data could be incorrect³ but that still seems to imply less agency than the companies have in their very deliberate stalky behaviour
I used "generated" viewed from the user, "collected" would be from the perspective of the company. I wonder whether there is a legal difference in the case of law changes, which date would be taken?
The classic form of retroactive application of laws would be if someone performed an action, the law was backdated so that action becomes illegal and the performer becomes a criminal.
In this case we're talking not about direct action as the action is implied via the data collected. So if the action was performed before the backdating of the law but the data was collected after the backdating, is the performer a criminal?
> That is the problem: we have nothing to hide until someone changes the law.
As it happens the Dutch authorities were pretty good with collecting ethnicity and confessional data in the inter-war period, then the very bad guys came along and we know what followed.
Data collection at scale and especially data centralization has always been a mistake, too bad many of the livelihoods of us here depend on exactly that.
In the US’s case I don’t think it would take an invasion to put people’s lives at risk because of innocuous (at the time) data collection on sensitive societal issues. This article is just proof of that.
The second part is true, the first part not so much. Enforcing the law creates stability, which is a good trait in and of itself, (all things considered equal otherwise about the law in question)
You have some arguments for that I'm not aware of perhaps?
Companies don't get a choice. The "out" some companies are using is to encrypt everything with keys only on the customer's device. They then provide all data they have, as ordered, on request. This, of course, does not include the encryption key. However, as far as I know essentially only Signal does it these days.
Whatsapp is famous for doing this before, and then Facebook killing this for "regulatory concerns". I don't know for sure, but the previous owner of Whatsapp and founder of Signal implied that Facebook got threatened by states into doing that.
But FB/Google/Amazon/... are the tip of the iceberg. The companies really used for "enforcing the laws" (and for using very harsh measures against individuals just to make some government department's job a little bit easier) are banks.
(note the wording here: "the IRS has full authority to". They can do this at will. This process has been used to cause problems for political opponents as well. Nobody seems to care)
Except in this case, they are doing both. To not do what you're asking (not turn over data on abortion seekers), they would be breaking the law if they received a valid warrant.
Now... They could comply with the law by not hoovering up as much data as they do, thereby becoming useless to both advertiser and law enforcement alike....
The companies profit from this data, but at this point they no longer have a choice: they have to collect the data or stop offering services in a lot of geographical areas. The point that they can avoid it by not collecting it was valid some 15 years ago, but no longer.
One of the main objections of companies is, by the way, that most governments refuse to pay the sometimes extensive development and infrastructure costs for this, instead just threatening the companies with (often illegal) measure to force their compliance.
Nothing really. Here is the list of this ethnic people you want to eliminate in conformance with the law you just passed on mandatory abortion and sterilization, oh my great overlord. Congratulations for your successful putsch by the way.
That is the problem: we have nothing to hide until someone changes the law. Suddenly those things that were legal yesterday become the crimes of today.