It would not surprise me if these actions are coming at the requests of governments. Strong encryption is one of the few things that challenges their monopoly on information; they have a very strong incentive to apply political pressure to the maintainers of these projects to, well, stop maintaining the projects. We've seen this in overt actions that the EU takes; in more covert actions that the U.S. government is suspected of taking; and in the news headlines about third-world dictatorships that just shut off the Internet. Tech companies are perhaps the most convenient leverage point for these actions.

More regulation won't help here, because the regulation-maker is itself the hostile party.

What would help is full control over the supply chain. Hardware that you own, free and open-source operating systems where no single person is the bottleneck to distribution, and free software that again has no single person who is a failure point and no way to control its distribution.

reply
VLayer (my project) scans healthcare codebases for HIPAA compliance issues before they reach production. One thing I learned building it: developers rarely think about encryption until it's too late. Tools like VeraCrypt solve the "data at rest" problem, but the bigger issue in healthcare software is unencrypted data in logs and API responses — stuff that's much harder to audit manually.
reply
So like, TSMC, but syndicalist?
reply
>More regulation won't help here, because the regulation-maker is itself the hostile party.

It's easy to paint the big gov as bad, but this is a case where unfortunately the populace seems to be in agreement with the big bad gov. While most US citizens support encryption, 76% or so, the vast majority 63% also favor government "backdoor" access for national security reasons.

I guess either we believe in democracy or we don't. It could be said that if Veracrypt isn't/can't be backdoor'd, perhaps the gov is simply implementing the will of the people :( via Microsoft.

reply
Tyranny of majority is a thing. It's something mature democracies are aware of and have the ability to defend against.

We're in an interesting spot here and the tension is tangible.

reply
Does the majority of the population even have a self-formed opinion on this or are they just parroting what the media tells them (which in many "democratic" countries is directly or indirectly controlled by the government, i.e. propaganda)?
reply
American People Shrug, Line Up For Fingerprinting

WASHINGTON, DC—Assuming that there must be a good reason for the order, U.S. citizens lined up at elementary schools and community centers across the nation Monday for government-mandated fingerprinting. “I’m not exactly sure what this is all about,” said Ft. Smith, AR, resident Meredith Lovell while waiting in line. “But given all the crazy stuff that’s going on these days, I’m sure the government has a very good reason.” Said Amos Hawkins, a Rockford, IL, delivery driver: “I guess this is another thing they have to do to ensure our freedom.”

(source: The Onion, October 9, 2002[1])

[1] https://theonion.com/american-people-shrug-line-up-for-finge...

reply
What does democracy have to do with electronic encryption? Democracy existed before computers.

There are legitimate reasons for governments to intercept information, with the correct oversight -- enforced legally in a "checks and balances" manner. The fact that there is a breakdown of trust between government and people won't be solved with more encryption.

reply
A core tenet of Truecrypt + Veracrypt (developer guarantee) has always been no backdoors, even if requested by government.

If, in a democratic society, the majority agrees that government should have backdoors (with the correct oversight), then it follows that Veracrypt should be illegal, as its use is not in alignment with the will of the majority.

I personally don't agree with the majority here but can you fault the logic?

reply
Most forms of democracy do not have a direct correspondence between "the will of the people" and the actual policies enacted. As another poster mentioned, tyranny of the majority is a thing, and robust democracies have evolved institutions to deal with it. Otherwise there's nothing stopping the majority from periodically voting the minority off the island, Survivor style, until only a single dictator remains.

In the U.S. in particular, there's strong respect for individual rights enshrined in the Constitution, and a key role of the judicial branch is ensuring that those rights are respected regardless of what the majority thinks. The majority cannot enslave the minority, for example, regardless of what the legislature votes. Nor can it deprive it of speech or free assembly, or guns, or a right to trial by jury.

reply
Ah so the iron law of oligarchy becomes our salvation

if only it were so simple

reply
That's why specialized agencies exist within the government body: FCC, FDA, etc.

aka leave it to the experts because the majority isn't qualified to make such decisions.

reply
> vast majority 63% also favor government "backdoor" access for national security reasons.

Don't do math that way! That math is illegal! Good boys and girls don't keep secrets!

These people sound ridiculous

reply
I'd be very wary about such specific surveys, because they're often very much not conducted in a scientifically responsible manner, and based on actual studies across the spectrum of political issues there's basically no alignment between public opinion/preferences and actual policymaking in the US.

Could this be the one exceptional case where people agree with the direction of policymaking? Sure. Is that likely? No, not really.

reply
We need a law that a human representative can be spoken to within 24 hours or directly when something critical happens.

Also “there is no appeal possible” should be plain illegal.

reply
Technofeudalism is what happens when grossly under-regulated anarcho-capitalism dominates rather than sustainable, more ordinary capitalism where government regulation is the supreme, minimized biased arbiter that keeps things fairer and sensible for the benefit of the many rather than the benefit of the few.
reply
In the EU, under GDPR, it is legally required to explain automated profiling.
reply
We have an EU dev we tried to have submit a GDPR request for human review on something on Facebook.

There’s no apparent mechanism to do so. Support was clueless. The privacy email address responded weeks later with “not our department”.

reply
As expected. However, since it's the law, there's some way to enforce it.
reply
That's because the correct department is legal. GDPR is a legal mechanism, not a support and privacy thing.

"I'm doing it wrong and it doesn't work" means you're doing it wrong, not that it doesn't work.

reply
Even Facebook calls them "privacy rights".

And https://www.facebook.com/help/contact/178402648024363 doesn't work either. Black hole, as far as I can determine.

Their chatbot, when asked, sends you to https://help.meta.com/support/privacy/ and says:

> To submit a GDPR objection request on Facebook, you can use the Privacy Rights Request channel.

> Select Facebook as the product you want to submit an objection about.

> Choose the option "How can I object to the use of my information" and follow the instructions.

But that option doesn't exist.

reply
How's that work? Got a link handy to explain to a dummy?
reply
Article 13(2)(f)

"In addition to the information referred to in paragraph 1, the controller shall, at the time when personal data are obtained, provide the data subject with the following further information necessary to ensure fair and transparent processing: the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject."

EDPB Guidelines on automated decision making: https://ec.europa.eu/newsroom/article29/items/612053 especially page 25 is relevant

C‑634/21 is also somewhat relevant to understand how courts have applied ADM in general context of credit reporting https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A... though it didn't specify what information actually needs to be provided for 13(2)(f).

reply
I understand the sentiment, but.. do you realize how much more expensive that would make all these services?

I don’t know the number. But personally I think using the services and ‘simply’ only use them if the disappearance isn’t catastrophic and have the price be low or free while it works isn’t too bad a trade-off.

Admittedly that’s a big ‘if.’

reply
That is the wrong way to look at it.

If this requirement was in place they would be a bit more careful about terminating accounts because the cost equation would incentivize it. Maybe they would be more careful in their automation or require more than one level of human review before cutting off access.

These companies are gatekeepers for their platform. It isn’t crazy to require them to act more responsibly.

reply
These are usually multi billion dollar companies, they’ll be fine, stop worrying about them.

Start worrying about the erosion of your rights as a consumer.

reply
I agree in that case, but be wary with these kinds of assessments. There are tons of regulations that are meant for big players but can also affect much smaller ones negatively.

For instance, I don't think to this day it is possible to operate a Mastodon server and be compliant with GDPR and the UK Online Safety Act. There was the famous case of LFGSS forum about to shut down due to the former; the forum was kind of saved by a group of individuals willing to take the risk, but the founder stepped down from fear of legal risks.

There hasn't been a home raided and servers and personal computers seized yet, but that doesn't mean it can't happen, and technically any EU or UK volunteer hosting some forums or open source based social media that isn't GDPR or Online Safety Act compliant could be at risk. For most I believe it is not that they don't want to be compliant but they aren't aware of that and/or don't have the technical means without further development on the software they are using, and despite them not abiding by their own users' rights, most of their users would be more sad to see them shut down than the current status of not obeying the law.

reply
If it's impossible for a service provider to even talk to its customers, why is it in operation at all?
reply
They sure do earn enough money to afford whatever number that is on your mind.
reply
Even if they somehow were so expensive, that it would no longer scale to their size, that is still not our problem and if anything, a sign that either they need to improve their systems, or simply cannot be as big as they are. Shit happens, scale down, I won't cry for them.
reply
> I understand the sentiment, but.. do you realize how much more expensive that would make all these services?

It wouldn't. For example, before Gmail, email was often free or nearly free (bundled with your internet service), but in most cases, you could talk to a human if you had issues with the service.

What we couldn't do is turn these business models into planetary-scale behemoths that rake in hundreds of billions of dollars in revenue. In essence, you couldn't have Google or Facebook with good customer support. I'm not here to argue that Google or Facebook are a net negative, but the trade-offs here are different from what you describe.

reply
Honestly, it's not our problem. Once a service becomes so vital it cannot be terminated without any meaningful process. My Meta developer account is suspended and none of my appeals are responded to. Who can I talk to? Nobody. It's wrong.
reply
MS could literally double their global employee count with a fraction of what they spend on AI annually.
reply
I don't think they would be so much more expensive but they would be less profitable for sure and perhaps less "innovative" as a big chunk of the profit will go into regulation stuff.
reply
These services are designed such that security sort of depends on reviewing the programs that are allowed to run. Microsoft, Google and Apple all do this. It adds expense, annoyance, limitations, and really very little security.

The contrasting approach, where one designs a platform that remains secure even if the owner is allowed to run whatever software they like, may be more complex but is overall much better. There aren’t many personal-use systems like this, but systems like AWS take this approach and generally do quite well with it.

reply
> The contrasting approach, where one designs a platform that remains secure even if the owner is allowed to run whatever software they like

There's a lot that one can gripe about Amazon as a company, but credit where credit is due -- their inversion of responsibility is game-changing.

You see this around the company, back to their "Accept returns without question" days of mail order.

Most critically, this inversion turns customer experience problems (it's the customer's problem) into Amazon problems.

Which turns fixing them into Amazon's responsibility.

Want return rates to go down because the blanket approval is costing the company too much money? Amazon should fix that problem.

Too often companies (coughGoogleMicrosoftMetacough) set up feedback loops where the company is insulated from customer pain... and then everyone is surprised when the company doesn't allocate resources to fix the underlying issue.

If false positive account bans were required to be remediated manually by the same team who owned automated banning, we'd likely see different corporate response.

reply
Look how much profit Microsoft made last year.

"Financially, it was a year of record performance. Revenue was $281.7 billion, up 15 percent. Operating income grew 17 percent to $128.5 billion." https://www.microsoft.com/investor/reports/ar25/index.html

So don't be so naive as to tell us that 1-2 additional people to handle the appeal process is anything but a rounding error in their balance sheet.

reply
They should probably be regulated as utilities and broken up into smaller companies, so that it's easier for people to migrate to alternatives when one company does something bad.
reply
If it is regulated as a utility, the government will want to ban these hacking tools.
reply
I think the GP is relating to MS services and accounts as utilities that should not be possible to be taken away easily, not about Wireguard.
reply
Agreed. Be careful what you wish for.
reply
I've gotten business verification for Microsoft before. The kind you need in order to get certain OAuth scopes for their O365 platform.

Do not discount complete, total, utter, profound fucking incompetence as the driving reason behind this.

Getting the business verification was an astounding shitshow. With a registered C corp and everything, massively unclear instructions, UI nestled in a partner site with tons of dead ends. And then even after all the docs, it took another week because -- in an action that nobody could possibly have ever foreseen -- we had two different Microsoft accounts due to a cofounder buying ONE LICENSE of O365 for Excel and doing domain verification because it suggested it.

reply
I have a feeling that the resolve to do something about it is waning in the EU, because of the plans to soften up the GDPR.
reply
It's always weird to see the dichotomy of some people saying AI will never be profitable and are doomed to fail and others saying that they are such an essential public service that they are a utility and should be subject to government regulation. Hopefully they are not the same group of people, but I suspect there is a greater overlap than one would expect.
reply
I'm not one of those people but want to point out that there isn't much of a contradiction there. I don't know if hospitals, universities, train tracks, roads, and libraries technically speaking count as utilities but they overall don't seem to be profitable and at the same time are extremely desirable for a society and an economy to have. AI could turn out to be of the same sort.
reply