I’d say a little yes and a little no. I educate every new user that comes into my company on infosec awareness, with a big segment on data footprint and information leakage. I show them where their data is, how easily and with how many ‘channel partners’ share social, history and other data, and where they’ve been exposed in real time. I’ve done this with a few thousand people. The overwhelming majority say: “I’ve got nothing to hide.” Or: “if I get better deals, it’s fine.” not getting that by being tracked they’re probably getting worse deals.
For the “nothing to hide” folks, I ask to see their wallet or purse. They’re all scoffs and brave mugs initially as they show how unafraid they are as I start rummaging through at the front of the class. Then I start pulling out cards and ID. And they’re still OK as I glance around the room. Then I pull out my phone and tuem my back - then a lot of nervous shifting in seats starts happening as I look over my shoulder while taking pictures of the floor with the shutter sound turned on. That’s the point where I ask if they truly have nothing worth protecting.
And at the end of all that - after setting up and teaching them how to use the comped corporate password manager, 80% still make passwords that they’ve used before. THE SAME DAMN MORNING as these exercises.
I don’t think people care. And they certainly don’t know. But they don’t want to be bothered by the nuance of it all. It’s just too much, which is why we need a congress with a goddamned backbone to pass some legislation with teeth to protect customer’s data.
I agree that people can’t learn everything about every market. But what people care to learn about and pay attention to counts for something.
Imagine your friends are trying to decide on a place to eat. You suggest a very healthy restaurant where all the food is listed with ingredients and their source farms. But then someone says, “Eh, I wanna save money. Let’s do Taco Bell.” You explain that that’s an objectively worse decision. That food health is really important. That in the long run, eating unhealthy actually costs more in medical bills. But they decided to go to Taco Bell.
Putting your foot down and demanding the healthy option might objectively be the “right” choice. But in reality, they’ll just get Taco Bell on their own time and resent you for taking their choice away. People have to be presented with the information and decide for themselves or they’ll just resent the institution enforcing the choice.
My analogy makes it clearer to highlight a point. But you’re right that Honda wouldn’t shut down if these regulations are passed. But It could be that the companies they’re partnering with are giving them a cheaper rate on infotainment systems for a cut of the data that’s collected. If we made Honda produce two Civics. One that steals your data and one that is just $200 more expensive, then we fully educate people on why the more expensive version is better. And then they STILL chose the cheap data miner. Then taking that option away with regulation is wrong. I might not agree with consumers here. But the reality is that they might just not agree with us about what’s important. Enforcing a choice because we “know better” isn’t right.
If the majority of people come together to push a regulation because it’s something we don’t even want to consider when purchasing electronics, then great. I’m just not sure that’s the case. And I think we get into trouble jumping to regulation on every issue because often what people say they want, isn’t really what they want.
deleted by creator
I’d say a little yes and a little no. I educate every new user that comes into my company on infosec awareness, with a big segment on data footprint and information leakage. I show them where their data is, how easily and with how many ‘channel partners’ share social, history and other data, and where they’ve been exposed in real time. I’ve done this with a few thousand people. The overwhelming majority say: “I’ve got nothing to hide.” Or: “if I get better deals, it’s fine.” not getting that by being tracked they’re probably getting worse deals.
For the “nothing to hide” folks, I ask to see their wallet or purse. They’re all scoffs and brave mugs initially as they show how unafraid they are as I start rummaging through at the front of the class. Then I start pulling out cards and ID. And they’re still OK as I glance around the room. Then I pull out my phone and tuem my back - then a lot of nervous shifting in seats starts happening as I look over my shoulder while taking pictures of the floor with the shutter sound turned on. That’s the point where I ask if they truly have nothing worth protecting.
And at the end of all that - after setting up and teaching them how to use the comped corporate password manager, 80% still make passwords that they’ve used before. THE SAME DAMN MORNING as these exercises.
I don’t think people care. And they certainly don’t know. But they don’t want to be bothered by the nuance of it all. It’s just too much, which is why we need a congress with a goddamned backbone to pass some legislation with teeth to protect customer’s data.
Did you just read the last sentence? Lol. AFTER proper education about the risks of lack of data privacy, if they still don’t care then so be it.
The thing is, nobody can be educated on everything. It’s impossible.
Nobody can know every part of a supply chain, how every aspect of everything they buy is made or how it works or the ramifications of all of that.
It is impossible for a person to do this stuff.
This is why regulations need to be part of the equation.
I agree that people can’t learn everything about every market. But what people care to learn about and pay attention to counts for something.
Imagine your friends are trying to decide on a place to eat. You suggest a very healthy restaurant where all the food is listed with ingredients and their source farms. But then someone says, “Eh, I wanna save money. Let’s do Taco Bell.” You explain that that’s an objectively worse decision. That food health is really important. That in the long run, eating unhealthy actually costs more in medical bills. But they decided to go to Taco Bell.
Putting your foot down and demanding the healthy option might objectively be the “right” choice. But in reality, they’ll just get Taco Bell on their own time and resent you for taking their choice away. People have to be presented with the information and decide for themselves or they’ll just resent the institution enforcing the choice.
But people’s choice won’t be taken away. Honda will still exist even if they have to abide by stricter privacy laws.
My analogy makes it clearer to highlight a point. But you’re right that Honda wouldn’t shut down if these regulations are passed. But It could be that the companies they’re partnering with are giving them a cheaper rate on infotainment systems for a cut of the data that’s collected. If we made Honda produce two Civics. One that steals your data and one that is just $200 more expensive, then we fully educate people on why the more expensive version is better. And then they STILL chose the cheap data miner. Then taking that option away with regulation is wrong. I might not agree with consumers here. But the reality is that they might just not agree with us about what’s important. Enforcing a choice because we “know better” isn’t right.
If the majority of people come together to push a regulation because it’s something we don’t even want to consider when purchasing electronics, then great. I’m just not sure that’s the case. And I think we get into trouble jumping to regulation on every issue because often what people say they want, isn’t really what they want.