by adev_ 7 days ago
> I don't create new accounts, I never cross-login with my email address

I honestly tend to think this is the only viable long-term strategy.

Let's face it: In a truly global internet where every single forum or website is hosted in a different country with a different jurisdiction, hoping that every single actor will act responsibly is just delusional.

It is not what we see. It is not happening and it is not going to happen.

Individuals need to have the right to online privacy.

That means the right to get a proxy email address, proxy phone number, proxy physical address and even proxy identity (first name/family name).

The sooner governments accept that, the better.

If done right, it is not incompatible with a system where identities can be reconstructed by the authorities for legal actions.

If nothing is done, scams and blackmail will continue to spread like bushfire and proxy anonymity will happen anyway, outside of any control.


Is the alternative just accepting that my data is out there? Even if I never used any online service, there are databases out there with my information anyway.

Just figure anything online that you aren't securing yourself is compromised. Minimize the effect that has on your life. Identity theft is annoying, but it rarely has severe effects.

You will have to go out of your way to be truly anonymous online, and it might be impossible if you aren't tech savvy enough. Otherwise, just assume everything you do online is public and act accordingly.

> Identity theft is annoying, but it rarely has severe effects.

I disagree. It already has severe effects.

- The fact that we are facing so many data leaks has made it easy for malicious agents to cross and mix data sources and set up much more evolved and convincing scam schemes.

It is now trivial to get a name, address, birthday and phone number from a data leak, cross-check that with the login ID (email) used for, let's say, a financial service, and set up a convincing phone scam on that.

Many dubious actors are already doing that. One acquaintance of mine (working in ITsec ironically) got trapped by this exact scheme last week.

- It is trivial to harvest data leaks for online telemarketing, robot calls and any other abusive commercial practices.

- We are heading to a situation where any weirdo and/or stalker with a bit of tech know-how can rather trivially extract a physical address out of an online profile. That is a giant open door for harassment and physical insecurity for the most vulnerable of us.

That's not just "nerd concerns", and the strategy "everything you do online is public" does not work. Many websites will request my personal physical address for trivial matters like billing or delivery. That cannot by any means be considered public data.

> Many websites will request my personal physical address for trivial matters like billing or delivery.

Some will even require it for no actual reason at all.

Do I need to give my living address when I buy a sandwich? Then why would I need to when buying an online service?

Similarly, fast foods nearly all have these automated kiosks. They don’t need any info. So why do they require an email address when ordering to the table through the app, while in the restaurant?

They don’t need them. They just demand them because they can and everyone online is used to giving them without a second thought.

I can’t wait for personal data to become digital radioactive waste.

> name, address, birthday and phone number

None of these things have historically been considered private information. There's zero reason that knowledge of any or all of this should be considered adequate or even relevant to proving identity.

> Many websites will request my personal physical address for trivial matters like billing or delivery. That cannot by any means be considered public data.

I just don't buy things online, and avoid anyone having my physical address that way.

Sadly, the ubiquity of terrible 2FA means at least some companies have my phone number, though.

> Otherwise, just assume everything you do online is public and act accordingly.

This is such a depressing reality. It's also what governments want you to believe. If you aren't able to speak your mind about anything anonymously, then you won't be able to, say, spread ideas that go against them.

Admitting defeat at all and not even trying to teach people about privacy results in the "I don't care, what's the point?" attitude that plagues many people today.

So what is the alternative? I don't feel like there is a legislative fix, so what else can we do?

> If done right, it is not incompatible with a system where identities can be reconstructed by the authorities for legal actions.

Doing it right is exactly the thing that makes this impossible. If instead you give everyone a unique barcode that every other pseudonym can be tied back to, do you really think that database will never be breached? It would become the prime target for all attackers in the world.

Meanwhile reconstructing "identities" is the least valuable thing for doing law enforcement well, because the first thing criminals will do is use someone else's identity, and then tying something to the wrong identity isn't just useless, it's actively counterproductive. The thing you need is not centralized identity but proper investigations that can tie some activity to the person pulling the strings regardless of whose name they're using.

The thing centralized identity does is precisely the opposite -- it leads you to the person associated with a name, often the wrong person. You want to get the person offering to do murder for hire to think they have a contract and show up somewhere you can arrest them regardless of whether you know their name, not to convict the person whose identity they stole.

> Doing it right is exactly the thing that makes this impossible. [...] do you really think that database will never be breached? It would become the prime target for all attackers in the world.

Critical data is always better in the hands of a few (trustable) than in the hands of many.

That is currently the exact reason why you are using Paypal instead of giving your credit card number to everybody.

That is the exact reason why you are using a password manager.

A lot about security is about who you trust, and for how long.

> Critical data is always better in the hands of a few (trustable) than in the hands of many.

Centralizing identity so that your ID number becomes "crucial data" is worse than not doing this so that the "crucial data" doesn't exist. This is the natural conclusion of your own logic -- having it in the hands of zero entities is better than having it in the hands of one.

Case in point:

> That is currently the exact reason why you are using Paypal instead of giving your credit card number to everybody.

The reason this is happening is that credit cards use the card number as a secret, which is insane.

Imagine a payment system that works like this: The merchant gives the client a request for payment, which is only the amount of the bill and the deposit routing number of the merchant -- specifically a number that can only be used to make deposits, not withdrawals. The buyer's device, using a standard protocol, then tells the buyer's bank to transfer that amount of money to the merchant. The buyer's device receives a random UUID for the transaction from their own bank and provides the UUID to the merchant.

First, notice that this would be extremely decentralized. All you need is for each financial institution to use its own prefix in its routing numbers and then the centralization is strictly to prevent different financial institutions from using the same routing prefix as one another and publish the entirely non-secret mapping from routing prefixes to depository institutions.

Second, notice that the merchant receives no information about the buyer. All they get is a random UUID that allows them to confirm with their own financial institution that the bill was paid and there is now money in their account, and even their financial institution only knows the UUID and which financial institution transferred the money to them, not which individual.

If the only thing the intermediary could discover is which bank you use and absolutely nothing that could allow them to steal your money, who needs Paypal? The fact that it doesn't work like that is the scam.
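A toy simulation of the payment flow described in the comment above, added here as an illustration and not part of the original thread. The `Bank` class, the routing-number format, the registry values and the one-time receipt check are assumptions made up for this sketch; it returns what the merchant and the merchant's bank each get to see.

```python
import uuid
from dataclasses import dataclass, field

# Public, non-secret map from routing prefix to institution (constructed values).
PREFIX_REGISTRY = {"771": "merchant_bank", "402": "buyer_bank"}

@dataclass
class Bank:
    name: str
    balances: dict = field(default_factory=dict)     # account holder -> balance
    deposit_ids: dict = field(default_factory=dict)  # deposit-only number -> holder
    received: dict = field(default_factory=dict)     # txn UUID -> (amount, sending bank)
    claimed: set = field(default_factory=set)        # UUIDs already matched to a bill

    def accept_deposit(self, routing, amount, txn_id, sender_bank):
        holder = self.deposit_ids[routing]  # number only resolves for deposits
        self.balances[holder] += amount
        self.received[txn_id] = (amount, sender_bank)  # no payer identity stored

    def pay(self, payer, request, banks):
        amount, routing = request["amount"], request["deposit_routing"]
        if self.balances[payer] < amount:
            raise ValueError("insufficient funds")
        dest = banks[PREFIX_REGISTRY[routing[:3]]]  # prefix names the institution
        txn_id = str(uuid.uuid4())                  # random, carries no buyer data
        self.balances[payer] -= amount
        dest.accept_deposit(routing, amount, txn_id, self.name)
        return txn_id

    def confirm(self, txn_id, amount):
        # Assumed addition: a UUID settles one bill only, so a replayed receipt fails.
        record = self.received.get(txn_id)
        if record is None or record[0] != amount or txn_id in self.claimed:
            return False
        self.claimed.add(txn_id)
        return True

def run_purchase():
    buyer_bank = Bank("buyer_bank", balances={"alice": 100})
    merchant_bank = Bank("merchant_bank", balances={"shop": 0},
                         deposit_ids={"771-0001": "shop"})
    banks = {b.name: b for b in (buyer_bank, merchant_bank)}
    request = {"amount": 25, "deposit_routing": "771-0001"}  # merchant -> buyer
    txn_id = buyer_bank.pay("alice", request, banks)         # buyer -> own bank
    paid = merchant_bank.confirm(txn_id, 25)                 # merchant -> own bank
    replay = merchant_bank.confirm(txn_id, 25)               # same receipt reused
    forged = merchant_bank.confirm(str(uuid.uuid4()), 25)    # made-up receipt
    return {"merchant_sees": {"txn_id": txn_id}, "paid": paid, "replay": replay,
            "merchant_bank_sees": merchant_bank.received[txn_id], "forged": forged,
            "balances": (buyer_bank.balances["alice"], merchant_bank.balances["shop"])}
```
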

I don't use Paypal. My credit cards protect me from fraud. And it rarely happens. In fact it's been well over a decade since I had a fraudulent charge on any of my payment cards. Funny how when there's motivation, protection happens.

> My credit cards protect me from fraud.

Your credit card protects you against nothing. Reimbursement in case of fraud is not fraud protection, it is just bare minimal customer service.

In fact, the first thing your bank will do when your credit card number has been leaked and was used for a fraud... is to replace your credit card.

Because they know that, when the number is in the wild, it will happen again. The system is inherently insecure in case of a data leak.

Visa and Mastercard spent decades and millions constructing systems like "3D secure" supposed to protect against that by enforcing external authentication factors. But since the system is not enforced in every country, it is still a problem today.

I'm not trying to be snarky, but it sounds like you have never had to implement an online payment system directly using a merchant account. If you've only used something like Stripe, there's a lot of requirements and compliance that the card companies do that has been abstracted away.

Visa & Mastercard have pretty singularly forced online payments to the level of security they are currently at. PCI compliance is pretty much solely driven by the card companies. If your payment details leak then yes, they want to issue you a new card. Half of that is making the customer feel better, but the other half is that the secrets need to be rotated since they've been exposed. SSH keys aren't vulnerable if generated properly, but if you expose the private key then the key needs rotated.

If you actually follow PCI compliance standards, there is no way to leak a customer's full payment details that I'm aware of. You could still leak other PII, but card # and CVC are something you can't access even with admin privileges on your recurring billing app.

So the card companies do quite a lot to protect against fraud and make people comfortable using their cards for online purchases. They just do this by requiring merchants to follow specific minimum practices. I'm not trying to glaze them, there is more they could do; and they do this to protect their bottom line. But fraud charges cost them a lot of money, and their interests align with consumers in this case to prevent fraud as much as they can.