Now the real question is: Is it maybe actually even cheaper to buy them from these tech giants instead paying the people to do the paperwork and get a warrent?
It 100% is more tax efficient and effective than going through the judicial system for every single warrant they want to execute. Can’t blame them for that.
This is close to the real problem. If the NSA is able to buy it without a warrant, that means it’s effectively public information about you that is collected and published without your consent (regardless of what it says deep inside a privacy policy that you are forced to accept to continue). If that information is useful to the NSA, then it shouldn’t be legal for that information to be collected without benefit to the user or sold at all, aggregated or not.
Nah, it should be the default state of affairs. Data mining is stalking and theft. It centers around very poor logic and decisions.
Things like browser cookies are criminal garbage. Storing anything on a user’s computer is stalking. Draw the parallel here; if you want to shop in any local store, I want you to first tell me everything you are wearing and carrying in a way that I can tell every possible detail about it, tell where you came from before you visited this store, where you are going next. They also want to know everything you looked at, how you react to changes in items presented to you and changes in prices. They want enough information to connect you across stores based on your mode of transportation, and have enough data to connect your habits over the last two decades.
Your digital existence should not be subject to slavery either. Ownership over ourselves is a vital aspect of freedom. Privacy is about ownership and dominion. If you dislike all the digital rights management and subscription services nonsense, these exist now as a direct result of people neglecting ownership. In the big picture, this path leads all of humanity back into another age of feudalism. The only difference between a serf and a citizen is ownership over property and tools. Everything happening right now is a battle over a new age of slavery. “You will own nothing and you will be happy about it.” Eventually this turns into 'Your grandchildren will own nothing and say nothing or they will be dead about it." What you do about your privacy now will be a very big deal from the perspective of future generations.
Cookies are an important part of the internet. The misconception that cookies were added to browsers to track people is why websites that operate in Europe are always bothering you about necessary cookies. You’re talking about third-party cookies and analytics tools, which don’t even need cookies at all to track exactly what you’re doing on a single site. Without cookies (or cookies reimplemented using client-side storage APIs instead of regular cookies), websites cannot keep you logged in or remember what you have in your shopping cart or any sort of preferences you have set.
At least in the US, don’t assume that local stores aren’t collecting the same information using cameras and credit card numbers and device trackers (eg if the store has free wifi, which sections of the store are wifi client devices in?).
Cookies are not needed. They are shifting the security onto the user. Secure the information on the server just like any other business. Offloading onto the client is wrong. It leads to ambiguity and abuses. Visiting a store and a business on the internet are no different. My presence gives no right to my person, searches, or tracking in the location or outside of it. Intentions are worthless. The only thing that matters is what is possible and practiced. Every loophole is exploited and should be mitigated. The data storage and coding practices must change.
The security is still implemented on the server. When you log in, most sites issue a cookie or otherwise store in the browser an authentication token. Subsequent requests provide that token so the server knows it’s still you. If the cookie is not persisted across tabs or browser sessions, every time you visit the site you must log in again (there are ways to make browsers do this if you really want to). If you didn’t allow even temporary client-side storage while on the page, most of the internet just wouldn’t work.
From experience, GDPR and CCPA requests are taken very seriously at large tech companies at least, since they’re the most likely ones to be audited or monitored for compliance.
The smaller ones might not care as much, especially if they don’t have a major presence in jurisdictions that have such laws.
However, this article is about data brokers (companies like Acxiom). I’m not sure if those companies properly handle CCPA requests at they’re kinda sketchy.
Note that they’re buying data from data brokers - companies like Acxiom, Epsilon Data Management, CoreLogic, Equifax Information Services, etc. These companies are primarily in the business of collecting data and selling it.
They’re not buying data from companies like Google and Facebook. Those companies don’t actually sell your data; they sell ads that are targeted using the data.
I feel like Ars left out the end of the title: “…with your tax dollars.”
I guess it was implied though.
Now the real question is: Is it maybe actually even cheaper to buy them from these tech giants instead paying the people to do the paperwork and get a warrent?
Because that would be sad af
It 100% is more tax efficient and effective than going through the judicial system for every single warrant they want to execute. Can’t blame them for that.
Need to make selling aggregated personal information illegal.
This is close to the real problem. If the NSA is able to buy it without a warrant, that means it’s effectively public information about you that is collected and published without your consent (regardless of what it says deep inside a privacy policy that you are forced to accept to continue). If that information is useful to the NSA, then it shouldn’t be legal for that information to be collected without benefit to the user or sold at all, aggregated or not.
Sure, just do what California did via the CCPA and CPRA.
You can opt out of that party selling your data.
Nah, it should be the default state of affairs. Data mining is stalking and theft. It centers around very poor logic and decisions.
Things like browser cookies are criminal garbage. Storing anything on a user’s computer is stalking. Draw the parallel here; if you want to shop in any local store, I want you to first tell me everything you are wearing and carrying in a way that I can tell every possible detail about it, tell where you came from before you visited this store, where you are going next. They also want to know everything you looked at, how you react to changes in items presented to you and changes in prices. They want enough information to connect you across stores based on your mode of transportation, and have enough data to connect your habits over the last two decades.
Your digital existence should not be subject to slavery either. Ownership over ourselves is a vital aspect of freedom. Privacy is about ownership and dominion. If you dislike all the digital rights management and subscription services nonsense, these exist now as a direct result of people neglecting ownership. In the big picture, this path leads all of humanity back into another age of feudalism. The only difference between a serf and a citizen is ownership over property and tools. Everything happening right now is a battle over a new age of slavery. “You will own nothing and you will be happy about it.” Eventually this turns into 'Your grandchildren will own nothing and say nothing or they will be dead about it." What you do about your privacy now will be a very big deal from the perspective of future generations.
Cookies are an important part of the internet. The misconception that cookies were added to browsers to track people is why websites that operate in Europe are always bothering you about necessary cookies. You’re talking about third-party cookies and analytics tools, which don’t even need cookies at all to track exactly what you’re doing on a single site. Without cookies (or cookies reimplemented using client-side storage APIs instead of regular cookies), websites cannot keep you logged in or remember what you have in your shopping cart or any sort of preferences you have set.
At least in the US, don’t assume that local stores aren’t collecting the same information using cameras and credit card numbers and device trackers (eg if the store has free wifi, which sections of the store are wifi client devices in?).
You don’t need to get consent for necessary cookies.
Cookies are not needed. They are shifting the security onto the user. Secure the information on the server just like any other business. Offloading onto the client is wrong. It leads to ambiguity and abuses. Visiting a store and a business on the internet are no different. My presence gives no right to my person, searches, or tracking in the location or outside of it. Intentions are worthless. The only thing that matters is what is possible and practiced. Every loophole is exploited and should be mitigated. The data storage and coding practices must change.
The security is still implemented on the server. When you log in, most sites issue a cookie or otherwise store in the browser an authentication token. Subsequent requests provide that token so the server knows it’s still you. If the cookie is not persisted across tabs or browser sessions, every time you visit the site you must log in again (there are ways to make browsers do this if you really want to). If you didn’t allow even temporary client-side storage while on the page, most of the internet just wouldn’t work.
Great take!
We’re still trying to figure out if that actually does anything.
From experience, GDPR and CCPA requests are taken very seriously at large tech companies at least, since they’re the most likely ones to be audited or monitored for compliance.
The smaller ones might not care as much, especially if they don’t have a major presence in jurisdictions that have such laws.
However, this article is about data brokers (companies like Acxiom). I’m not sure if those companies properly handle CCPA requests at they’re kinda sketchy.
How do we opt out?
Sure I can. This isn’t Oceania. We have a process for a reason.
Note that they’re buying data from data brokers - companies like Acxiom, Epsilon Data Management, CoreLogic, Equifax Information Services, etc. These companies are primarily in the business of collecting data and selling it.
They’re not buying data from companies like Google and Facebook. Those companies don’t actually sell your data; they sell ads that are targeted using the data.