I enjoyed reaching the gist of your meaning: Legislation needs to be written.
So let’s hope that can happen.
Agreed. The first step I think is education, letting people know the value, pointing out that it is a pandemic problem that affects everyone, then convincing politicians that they are being robbed too. If a lawmaker thinks they’re a victim, then they might actually pull their finger out.
And on a personal level, what have you heard about people who intentionally make their data useless?
This has been my strategy.
I do that to some degree, with some things. Like with captcha, I play a game of getting things wrong, but just enough to get through. Not every attempt though, I want it to still think I’m a human that’s smarter than the machine, then when I think it’s giving me a genuine training screen I spoil it.
I don’t use cash as much as I maybe should, I prefer it in some regards, but contactless card purchases are just so easy. I’ve never used Google or Apple Pay, though, but that’s more because I run custom firmware. Also, I’ve since learned that when you use your phone to pay it’s the equivalent to chip and PIN. You are authorising the transaction and taking responsibility for it, whereas if you use a contactless debit/credit card it is processed as “cardholder not present”, whereby the seller assumes more responsibility if you dispute it. This method of transaction isn’t new, it’s how catalogue or telephone purchases were always done, as well as online purchases. But if you use your card with chip and PIN, or if you use your phone, you will have a much harder time disputing any transaction.
Have you heard much about this strategy? How might it work if everyone used it? Generally thoughts for how we can defy their machine and protect ourselves?
In terms of user data protection, really I think the cat is long since out of the bag. There’s no putting it back in - and in many ways we shouldn’t, as data is useful and has benefits to society. I think it should go either one of two ways:
Allow businesses to continue their free data collection, but force them to make the raw data public. Any processing they do can be private, but the raw data doesn’t belong to them.
Have businesses start paying the data subject for their data.
In the meantime, one way a user can limit their data collection using restrictive privacy browsing settings. For my personal PC’s, I not only run uBlock Origin but also uMatrix - a deprecated extension made by the same author. This has similar funcionality to uBlock Origin when you set it to author mode, where it can selectively block different domains, but uMatrix presents it as a matrix which also allows you to select the type of content as well as domains. By default, it blocks all 3rd party frames, audio/video media, scripts, XHR, and “other”, so quite often it leaves websites broken on first load, but then I pick through and enable the bare minimum of content to get it working. This isn’t for everyone, of course, as it can be a hassle sometimes - particularly with payment processors which are all done on multiple 3rd party servers. However, it does highlight to me how endemic Google are with captcha, even when it doesn’t give you a captcha prompt. I can’t log into some of my online banking without enabling connections to Google, which is sickening. This is an example of what uMatrix looks like:
The extension doesn’t get updates anymore, so my lists are out of date compared to uBlock Origin. I’m pretty sure I could update them manually, but since I run uBO as well I don’t really feel the need. I’ve tried running just uMatrix, but uBO has its own array of special lists and without those YouTube ad blocking doesn’t work.