(www.thecentersquare.com)
Why the right to opt-out, instead of requiring sale of data to be opt-in?
I’m not sure how this stuff happens on the backend, but if I sign up for something and there is an opt-out page buried somewhere, I assume they’ve already sold my data by the time I can get to the opt-out page. I still make a best effort, but once it’s sold, it’s really too late. There needs to be an option to never sell it in the first place.
It's so annoying. No means no, not "pester me later"!
You have to then go into settings -> icloud and disable the main one and then like 30 individual ones.
There should be a big toggle at the top that says "Disable All Cloud Backups" they can feel free to throw in a warning.
If you aren’t using iCloud for any of this, why use it at all? I believe you can still use an iPhone without an iCloud account, can’t you? Without any cloud sync, I’m not sure what the value is, just sign out.
I’m sure you’d lose the ability to download apps, but most of those are also using iCloud to sync data.
For what it’s worth, Apple seems fairly decent about not opting users in to new stuff. When they released Messages syncing via iCloud, I had to explicitly turn it on for my various devices. The same was true for several other things.
Nope, You have to have an apple account tied to a physical phone number or you can't sign in on the device or use it at all and they opt you in to the 5GB free plan and yes, the 30 sliders is apps but that doesn't alter the fact that I want to be asked before they exfiltrate my data, technology should exist to serve the user and part of that (at least in my opinion) is respecting privacy.
Yes you can sign out and you can untoggle the boxes but that is rather my point, it's opt out not opt in.
I don't want default exfiltration of data from my devices to a faceless American corporation without that been my choice.
> Bill sponsors Rep. Brad Paquette, R-Niles, and Sen. John Cherry, D-Flint, are now working with advocacy groups on potential replacement legislation, according to the MFEI.
Well, we might as well be realistic - none of us have had any privacy for a very, very long time. It's just that our governments can't quite yet use it against us the way they'd like to without revealing the scope. The goal here is really just to add some additional plausibility when our privacy _is_ violated.
Remember, the panopticon observed people who were in a prison.
Regulatory capture is real.
If we have to live in a panopticon I think access to the data should be available to everyone. That eliminates the power imbalance and/or makes the idea of the thing distasteful to powerful people who might actually try to restore privacy and eliminate the panopticon.
Being able to accurately articulate a position one doesn't possess themselves is necessary to effectively countering it.
So that's where we are now? "If we have to live in the torture nexus, let's at least make it equitable"
But I think the latter factor wins out, so we should just oppose obviously bad things in a non-clever fashion.
I have no power to stop what's happening. I might as well make the best of it for myself and my family, and hope it becomes so bad that people who actually do have the power to stop it do something about it. Maybe it'll rise to the level that enough individual citizens will call out for change, but I continue to be amazed at what people will put up with in the name of convenience, continuation of their lifestyle, and, as it relates specifically to surveillance capitalism, shiny digital doodads and baubles that bring them temporary joy.
Capital being speech in the US, since I'm not a billionaire I have very little influence.
I have optimism and hope for people doing good things locally, but absolutely no hope large-scale problems will ever be fixed. I feel like the US political system experienced some phase change in the last 50 years, has "solidified", and is now completely unable to do anything meaningful at scale. The New Deal couldn't happen today. The interstate highway system couldn't happen today. The Affordable Care Act started off as a watered-down, weakened version of what it could have been (because anything more radical would never have passed), and the private interests have had 20 years to chip away at it, sculpting it into a driver of revenue. Heck, we can't even build mass public transit at the level of cities.
Private capital, meanwhile, soldiers on accomplishing its goals in spite of (or because of) our political gridlock.
I'd love to feel differently.
This is not being pushed by private companies. There is no money in it. It is being pushed by governments, and those governments use those private companies as (willing) vehicles to do things that it is illegal for them to do directly. And it is not being pushed by the democratic portions of governments, which have been minimized and weakened to the point of invisibility. None of this makes it to the ballot, "both" sides support it.
Since the turn of the millennium, all powers have been pushed to the Executive, in every Western country. And the Executive wouldn't be the Executive if he/she weren't completely compromised. Governing with 20% of the support of the public is the norm now in Western governments and institutions. If more than 20% of people support you, you're a "populist dictator."
Sam Altman owns an identity verification company for example.
Even on Hacker News, threads about children and social media or short form video will draw a lot of comments supporting harsh age restrictions, including an alarming number of extremist comments in favor banning under-18s from using the internet or phones.
It’s not until the discussion turns to implantation details that the sentiment swings firm negative. The average comment in favor of age restrictions hasn’t thought through what it would mean, they only assume that some mechanism will exist that only impacts children and/or sites they don’t care about.
As soon as the implantation details come out and everyone realizes that you can’t restrict children without first verifying everyone’s age or that “social media” includes Discord and other services they use, the outrage starts.
We’re now entering the phases where everyone realizes that these calls to action have consequences for everyone because there is no easy solution that automatically only impacts children.
I think there should be age restrictions. I prefer to do it in a privacy-preserving way. But I’m also not happy about conditioning the former on the existence of the latter.
The call to ban children from social media seemed like it was coming loudest from tech people - like HN users.
How did they think this was going to work?
Do not try and derail this thread with facts about vaccines!
There is popular fury against the big tech companies for harming our children. That makes it politically advantageous to put forward solutions. Electeds are responding to that incentive.
Tech privacy “advocates” are notoriously useless at civic engagement, so most of the time I assume the electeds had nobody to talk to other than parents’ groups, who are going to pick the simplest solution to put to pen: the companies have liability to age gate.
They need to pay a service provider to have the capability to do bad things (or be exposed to bad things)
Why can't we just ask/compel the service provider to identify these people (or block the bad things).
For any politician the line of thinking will be something like that. It comes off as incredibly long hanging fruit that would have broad positive impact for the whole of society. Like the apple in the garden of eden, just walk over, take a bite, and you'll be a political hero without having to do much work at all.
Isn't that basically what's happening? Service providers, such as Discord recently for example, are asking for identification to prove users are of a certain age. If you punish service providers for providing services to minors then they will need to do age verification.
In addition there are more services, such as social media, becoming age-gated.
The enforcement hurts the sensibilities of people like us on hackernews but it's common sense to a lot of people. We live in very polarizing times, but as you've noted, it has bipartisan support. The easiest explanation is the hackernews-friendly take of lack of enforcement mechanisms is the more radical one.
Personally I think it's a bit sad but inevitable. The laws are just catching up. And there will absolutely be some good coming from it, such as holding companies liable for breaking the law.
Now the claw is closing, and government and big tech are combining. We're either going to let this tiny inbred elite track, monitor and rule every portion of our lives, or we're not. There are no solutions through government, and there are no technical solutions.
Right now you should be buying more computers than you need and datahoarding.
It is disrespectful that they can pretend with a straight face that they've suddenly discovered privacy concerns. The people who pay them started by priming them with the best arguments and lines that their "media" guys could come up with to dismiss those concerns and to paint the people bringing them up as Chinese terrorist pedophiles. They probably just figured out that they need to wait after the midterms, eliminate a few people and get a few others in, then they could get it passed attached to something else. While they're consciously planning, we're simply reacting and ascribing to ignorance and incompetence what is far better explained by malice.
The entire purpose of these laws is to destroy privacy. It isn't churches and puritans lobbying for them. There's no visible constituency lobbying for this, just a bunch of people who have been softened into going "well, if it helps..."
People need to ask themselves who's getting this stuff done? There are so many things that 70-80% of the electorate are loudly clamoring for that can't even get acknowledged by anyone in power or in the mainstream media, but this stuff gets passed?
The laws typically don't require them to check ID but instead punish them for selling to minors. You then have several major differences from the online case:
In a physical store where they're neither de facto nor de jure required to check your ID when you're clearly an adult, many of them then don't. There is no feasible way to do the same thing on the internet so instead it effectively becomes requirement to ID everyone, which is different.
In a physical store the clerk can already see your face and hear your voice. It's already hard to be anonymous while interacting in person. A law that compromises anonymity in a context where it was already compromised is different than a law that compromises it in a context where it wasn't.
In a physical store, someone who checks your ID is a human being. They're probably not even going to remember you, are just a store clerk even if they do, and you can see if they try to photocopy your ID or similar and refuse to allow it. Or, you may have a human relationship with that person and trust them not to share your identity with their employer or anyone else. For an online service it's a computer operated by a corporation, and then there is no way for you to tell they're not storing the information, which they have a perverse incentive to do so they can tie all of your future and past interactions with them to your ID. This results in a much stronger chilling effect.
Moreover, a lot of these laws predate the sort of databases that now exist. If someone started making surveillance cameras that could undetectably read the barcode from your government ID if you took it out anywhere in the store and then record it in a database to associate with your activity, your typical defense from that would be to not take it out while you're in the store. At which point a government mandate to show them your ID would have different implications than it did in 1975, which could affect its constitutionality.
1) Not true. The burden is on the seller to verify age. Sure, they can try to do it visually but if they fail they are still liable.
2) Even if true, nothing changes in a legal sense if they lose the ability to informally verify age because thats not a legal right of the consumer. It's just an incidental feature of buying in store which some people value. There may be a difference there, but its not a legal one.
3) Texas law didn't mandate age verification by ID specifically.
Note that this is not what I said. You overgeneralized it - I will assume without bad intention. The question is if it's illegal to require porn companies to verify the age of their users.
> Can you let us know what your source is?
The Free Speech Coalition and Kagan, Sotomayor, and Jackson of the Supreme Court, to start. That was their minority opinion in the suit filed against Texas for requiring online porn companies to verify the age of users. The plaintiff argued it was a violation of the first amendment - it is a common argument.
https://www.scotusblog.com/2025/06/court-allows-texas-law-on...
The argument against the legality of these laws has always been highly suspect. There is a common sentiment that these laws are not good - but when pressed to explain why they aren't legal you get crazy arguments like this, that it violates the first amendment.
The claim made by some is that its illegal to require porn companies to do age verification due to the first amendment. It's really the only legal theory I've seen that supports the claim that the Texas law and others are unconstitutional. The rest just amounts to "it's bad so they should rule against Texas and others."
If his comment was based on some different understanding lets state it so we can clarify, but I think I already have. Of course its not illegal to ask someone's age on the internet. Is that truly what you believed I was saying?
"We recognise you are attempting to access this website from a country belonging to the European Economic Area (EEA) including the EU which enforces the General Data Protection Regulation (GDPR) and therefore cannot grant you access at this time. For any issues, e-mail us at info@franklinnews.org or call us at (847) 497-5230."
This is extremely funny given it's an article about privacy concerns :)
I like being covered by gdpr. Though I really cannot see any country's gdpr peops taking anyone in the US to court. A very simple "Fuck you" (along the lines of The Pirate Bay) would end any legal conversations. It would be different if the news organisation had an office in the EU. Anyway, i have a vpn, so....
Are they going after money they have in the UK or are they delusional enough to think they can successfully fine a company with no ties to the UK?
We await the larger rodent.
More accurately, "we do not have the staff or funds to figure out what every single random law around the globe requires of us, and since foreign countries are not a realistic advertising market for a local Michigan newspaper, there's really no reason for us to try."
It probably wasn't worth the effort to block foreign countries just from random unnecessary compute cost to serve a site to them, but when those countries start being serious about penalties you could face for serving their residents? Now it's justifiable to block non-US countries.
After all, using a VPN doesn't absolve companies of the GDPR.
Every site that gdpr-blocks itself is saying that they intend to extract value from your data and they don't want to tell you how.
Sometimes if you're just one person and the EU isn't a core market and you are a small business or non-profit, it's easier to just say, ok you know what, no thanks to all this for now.
Also not a "European law" by any measure or understanding, that's a international organization that does police cooperation across the continent (and further), it isn't even a law enforcement agency... Not exactly sure how you could confuse that with laws, but here we are.
This may be true for in house ads, but there are ad networks that already are able to personalize ads and have ad inventory for such foreign countries.
Anyways, it sounds like a win-win here, they get to not care, and we get to be rejected with clear reasons why, so again, benefits all around.
The data download and removal side of GDPR seems useful for more "entrenched" use cases where you have an account and a long history on a service but... fly-by website visits should not be this heavily regulated. Blocking cookies and scripts is trivial.
If you look at it through an equity angle, needing extensions relegates the negative effects to those that are already not "well off" — the technologically illiterate who don't know what to do or know someone who does.
They refuse to allow visitors to visit their website without taking, processing and selling their data and letting those visitors know that this is happening. That they outright block me instead of doing those anyways, clearly is a good thing and in my benefit.