Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

With reasonable verification, anyone confirmed to be a part of this breach should be given access to the data, if only for good will. It's a sad state to see that the recklessness (or incompetence) of one entity, and at that a private one, can quickly become a domino in a chain that ends in toppling a person's privacy.

They advertise themselves as having the most accurate data (why wouldn't they advertise themselves this way?) If so, the people it affects have a right to know, and it seems that they have the means to contact them and let them know.



With GDPR that would be your legal right.


... if you are European resident.


Correction: if you are physically present in the EU


Just as medical tourism is a thing, are we going to see privacy tourism emerge as an option? Tour operators can start offering packages...

"The sights of Paris and a personal information purge from the 100 largest US collectors"


Is physical presence the only requirement to be considered a resident? I thought you had to be a resident in the EU.


It's not considering you a resident. The GDPR reads much closer to a declaration of a human right. For example:

Recital 14 - "The processing of personal data is designed to serve man; the principles and rules on the protection of individuals with regard to the processing of their personal data should, whatever the nationality or residence of natural persons, respect their fundamental rights and freedoms, notably their right to the protection of personal data"

Article 3 (2) - "This Regulation applies to the processing of personal data of data subjects who are in the Union"

This hasn't been tested, and each member state could prosecute differently, but it was certainly discussed and then structured in such a way to be a fundamental truth, and in my non-legal opinion (based mainly just on having read the majority of it) it would be interpreted as such by EU courts (ie, not member state courts)


"anyone confirmed to be a part of this breach should be given access to the data"

but how would they ever get the contact information for all of those people? surely that's private information....

oh... right ಠ_ಠ


Much more than just personal privacy. When CEOs, politicians, judges and generals use the internet too do you really want to be the guy/a company that gives them that call? The incentives are all messed up.


The only real strategy is to totally pollute the information with false and erroneous information, while also setting up ways to prevent tracking and fingerprinting and associating. I am somewhat surprised that someone has not yet really emerged as having developed a business model around assuring privacy. It could be dedicated routers with firewalls and built in VPN that also mask device names, combined with browsers and extensions that intentionally pollute browsing history and fingerprinting data, and sends bogus queries and also allows you to set policies for cookies in a little more user friendly manner to only retain specific cookies of specific domains, etc.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: