@aral Interesting - but how do you enforce (1) - obliging data to be held only locally if it can be?

All code to be open source so individuals can check it and sue? Or certification/licencing red tape to validate all software before anyone is allowed to share it?

@pperrin @aral unfortunately I think 1 is unenforceable even so, as it can be easily circumvented by an invented feature (that nobody asked for) which "needs" that data.

And 2 looks like it will end up banning stuff like "aggregating locations to calculate traffic congestion“, which can be done ethically but requires anonymous but unencrypted location data.

You can allow anonymous uses but then you're opening an elephant-sized loophole.

@qwazix @aral

Indeed.

I'd much rather give google my public key and 'require' all the data it saves regarding me to be encrypted with that key and the original destroyed.

(ditto all other central services)

If they want access to my data, I will authorise on a case by case basis... maybe.

I can always access my data - but to pass it to others it would have to be decrypted with my private key, encrypted with their public key and passed to them...

Either party can kill the agreement at any time.

@pperrin @aral that sounds like a workable solution. It requires to teach people what a public key is and stop that nonsense "if there's a padlock it's secure" bullshit. Let everyone see garbled stuff and decrypt them, make it real.

Follow

@qwazix @aral if you have trust in 'government' to enforce good behaviour then you just need a box to tick to say if only you, or you and the service provider have access to your data.

Googles location history stuff is great in many ways for the person who was being tracked --- the issue is who has access to that data... I don't want my data deleted, I just want it to be private. The internet can 'forget me', but I still want access to the memory.

Sign in to participate in the conversation
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!

We adhere to an adapted version of the TootCat Code of Conduct and follow the Toot Café list of blocked instances. Ash is the admin and is supported by Fuzzface, Brian!, and Daniel Glus as moderators.

Hosting costs are largely covered by our generous supporters on Patreon – thanks for all the help!