We do take security seriously and we're not doing anything dodgy.
We have business reasons for collecting user data, and users have no real reason to tell us to delete it at will, other than the fact that it makes them feel "creeped out".
The future is probably going to be super creepy. If you want to participate, get over it.
So lets unpick this. You think you're not doing anything dodgy with your users personal information. However you feel that their information is your information and users have absolutely 'no real reason to tell us to delete it' (apart from, you know, it being their information). Then you top it off by taking a screeching right turn and saying 'future is going to be creepy ... get over it'.
Riiiight. You sound like the perfect person to be handing my personal information and I would trust you to take full care of it.
There is an epidemic of snark in the overall conversation about GDPR. I'm sure I have my biases and blind spots, but the majority seems to come from the same direction as the comment you are replying to.
It's not "their" information. It's information about them. I collected it and stored in my servers that I'm paying for, and that makes it my information. Your laws may say differently, but practicality wins here.
Do your users know what information you collect, and what for? If they don't, you're being creepy. Here's the same thing taken to a logical extreme:
"I shoot this sex tape myself with my camera, climbed my tree on lawn, zoomed with my long focus lens, stored it in my computer. It's my data. If they don't like it, they should have pulled their curtain."
There must be a threshold somewhere. When does it stops being acceptable, and starts being creepy?
I'm pretty sure in my country (France), only the police may peep through windows with optical instruments. The work of a private investigator you speak of may very well be illegal, assuming the investigator is not an on duty police officer.
Public places are one thing (he entered this building with that woman at this hour). Looking through private property is another.
Under Canadian Law (which you are subject to, according to your profile) and you're liable if you decide to snoop on a specific persons data, or misuse it in a way that they didn't intend. So, it doesn't seem to be completely your information.
> Your laws may say differently
Sure, Canadian laws in this area are very scattered and backwards. I wouldn't put that forward as a good thing though, or use it as a pretense to not bother protecting or managing your users PII.
Here is the thing: my email and personal info is mine. And if you are using my info to provide me your service that is also ok - I will rent that to you. And give you my CC#.
But if I do not use your service, then I want that you delete all my personal data. Why is that so hard?
But is knowledge of your email address yours? Do you expect to control all knowledge? What action do you take when someone accidentally CCs another party when they should’ve BCC’ed, and your address is leaked?
There are pieces of information that are particularly problematic for other parties to know. An email address is not one of those things.
Retaining email addresses doesn’t necessarily suggest deliberate misuse (or even accidental misuse), however. Unless you’re of the opinion that retaining it after, say, account closure/deactivation, is itself misuse.
I’d take a big issue to an organization storing a social security number or something of that nature, because its leak would represent a significant risk, but email addresses are fairly disposable items that we only voluntarily attach to ourselves to.
But more times than not it does. Since there's a long history of companies doing bad stuff, you definitely don't deserve the benefit of the doubt on this one.
there is also a long history of people giving up their personal data to get some (overall) irrelevant service and then being surprised when their data is missused...
Yes, but how much of that can be attributed to the service not adequately explaining what they are collecting and how they are using it to the users upfront, in a format that non-lawyers can understand?
It is genuinely fascinating to me how different people can feel about things. I get enraged when my "government" tells me what I can and can't do with my body/money/time. If I want to snort coke all day, what business of theirs is it as long as I'm not infringing on others' rights? Likewise, if I want to give my data to a super sketchy website, why shouldn't I be able to?
Obviously it's "safer" to let others make rules and force us inside the fence to keep us sheep away from the dangerous wolves out there. I do understand that perspective to some extent. However I would never trade my freedom for security. The former is not easy to regain.
Except they're not taking freedom away from users, they're taking freedom away from corporations. Freedom that many corporations have been abusing. This is a key difference in perspective.
Your example where you "want to give your data away to a sketchy website" is not in any way representative of reality when a) the website is as ubiquitous as for instance FB, and thus in no way perceived as sketchy, and b) the user makes no conscious decision to consent (let alone "wants it").
I think you have a decent point there, but the comment I replied to literally said:
> Hoping you've blocked access to the EU so I don't happen across it :)
Being glad that he doesn't have the freedom to use the site, thanks to a government law (whether a side-effect of the law or a direct effect is irrelevant, because the law brought it out just the same).
I suspect it's more in teh sense of a "Don't let the door hit you on the way out..." retort.
That is, if you're offering such a service that exploits users for their data, then I would never want to use it, so it might as well be blocked, for all I care.
Maybe even desirable if it was, so you don't come across it by mistake and sign up without doing proper diligence.
Freedom of choice is nice, but there's an argument that putting rat-poison in food products isn't ok, even if you label it on the package.
The government also prohibits you from accepting a job offer for less than minimum wage, and the general consensus is that this gives workers more power.
The government isn't the only source of power and coercion; private companies are too. A lot of these regulations are the one countering the other.
Your premise is flawed: if it was true that without government, companies would just carelessly or intentionally poison us all (not a good way to gain repeat customers btw) then I would agree with you. But obviously I disagree with your premise.
The Jungle is a widely misunderstood book. For one, it's fiction [1] [2] [3].
The milk scandal is interesting tho. I don't disagree that there are people/companies out there that are horrible human beings (or run by horrible human beings), but these are exceptions. There is also a market-based recourse for consumers. Lawsuits and liability is a big deterrent for example. It's also illegal to harm someone (as it should be) so jail time for the offenders is quite possible without having enormous and onerous regulations. And haven't you noticed that it's the giant companies that often push regulation? Because it raises barriers to entry for competitors. Big companies have the resources they need. Using the government to hurt your competitors is one of the oldest traditions in countries with governments big enough and powerful enough to do so.
And they got the crap sued out of them. The lying is the problem IMHO. People know what they're getting now, but millions still choose to smoke. And why shouldn't they be able to?
Companies are careless and malicious despite government and customers actions.
* XIX century wants it's snake oil back
* Didn't hear about China and melamine milk scandal?
* Would you buy food from Amazon if it was co-mingled in current way?
* VW emission scandal
It is easy to be freetard when you do not get diarrhea every so often due to food that was "optimized" (like in XIX century ;)
We have business reasons for collecting user data, and users have no real reason to tell us to delete it at will, other than the fact that it makes them feel "creeped out".
The future is probably going to be super creepy. If you want to participate, get over it.