
MacOS Big Sur is spying on everything you do and sending the data to Apple

Started by Redaktion, November 17, 2020, 18:33:51


_MT_

I have to correct myself. I was under the impression that Big Sur was ARM-only. I wasn't expecting it to roll out to x86 as well.

If you have a service that's checking whether a certificate wasn't revoked for some reason, signalling that an application might not be secure, that traffic can reveal what you've been running. That service has been around for a long time, I think since Sierra. They certainly shouldn't keep logs on who asked about what. There is no need for it (to render the service) and therefore they shouldn't (definitely not for long). But you're sending the information over and you can only trust them not to keep it. I guess the only way around it would be to flip the information flow - publish a list of all revoked certificates so that your computer can check internally. From a legal perspective, a problem here is that something like information identifying a certificate used to sign an application or the application itself won't be considered personal. It can only become personal in combination with other data. Consider that an IP address is not necessarily personal. An e-mail address is not necessarily personal either. In the position Apple is in, they probably can link an IP address with a person or a household, for a significant portion of the user base. Therefore, they should treat it as personal information. And that might be why they'll be deleting it.

Privacy and public's take on it are interesting topics. Consider how people like to treat pictures including faces of strangers or registration plates of cars. Where I come from, it's generally illegal to publish such a picture without removing offending parts or getting consent. But it seems like people couldn't care less. I guess it would be too much work for them to edit their photos before publishing them.

vertigo

IMO, IP address should absolutely be considered personal, since it gives your approximate location and can be used in combination with other data to determine your identity and to build a profile on you. I have no doubt a company like Apple, Google, Facebook, Microsoft, Amazon, etc, can make use of that to further invade on people's privacy.

I also definitely agree that certificate databases should be maintained on individual computers, rather than performing cloud lookups. I hate the trend of security software to rely on the cloud. Not only is it a massive privacy violation (which I wouldn't be surprised is the real reason for doing it that way), but it's a real problem when on a slow or metered connection. I had to disable Microsoft's SmartScreen "protection" because it never worked, and when trying to open apps it would just sit there for a minute or two, seemingly doing nothing, because it couldn't connect and look it up. There's no reason whatsoever to not just have a local database that's kept up to date and can be checked, and many other security apps do just that.

As an interesting side note, which would be humorous if it weren't so sad, is that when I search Big Sur to see if it is for x86 (didn't look too deep, but it does appear it is), the first result was from Apple, which says "macOS Big Sur elevates Mac to a new level of power and beauty with a refined new design, major app updates, and more transparency around your privacy" (emphasis added). /smh

_MT_

Quote from: vertigo on November 18, 2020, 18:03:38
IMO, IP address should absolutely be considered personal, since it gives your approximate location and can be used in combination with other data to determine your identity and to build a profile on you.
...
As an interesting side note, which would be humorous if it weren't so sad, is that when I search Big Sur to see if it is for x86 (didn't look too deep, but it does appear it is), the first result was from Apple, which says "macOS Big Sur elevates Mac to a new level of power and beauty with a refined new design, major app updates, and more transparency around your privacy" (emphasis added). /smh
This has been going on for years. The problem, the change with Big Sur, if I understand it correctly, is that a user-level firewall can no longer block system-level processes (which includes trustd). And the same is true for VPN. User-level VPN software cannot shove traffic from system-level processes into the tunnel. Those processes have to cooperate on their own. And yes, this is potentially very concerning (it could make you, for example, more vulnerable on public wireless networks). It depends on how much you trust Apple to do a good job.

I don't think approximate location is good enough. I'm not sure even street-level location would be enough, much less a quarter. A German court argued that a website operator could persuade an ISP to disclose your personal information and therefore an IP is personal (they presented two lines of thinking and this was one of them). To me, that sounds like bollocks. An ISP shouldn't disclose personal information outside of court orders and such. Doing so should be illegal and harshly punished. The real argument for me is that while a particular operator might not be able to match an IP with identifying information, someone else might. Why do we even care? It's partly because we treat non-personal data poorly. It's going to be more likely for the data to be given to someone else or stolen and otherwise mishandled. It should definitely be properly protected.

The reality is that I don't need to keep your IP address outside of compliance with law (where I should treat it as personal) and prevention of network attacks or diagnosis of network issues (where I should store it separately and only for short term). I care about performance. I care about errors. I might care about what you requested and where you came from when an error occurred. Consider a broken link. Knowing where you came from is a big help. But I don't care who you are. As a human. I care about you as a user. I can identify you in a way that doesn't disclose your IP address and is not persistent beyond a browsing session. And use that in logs. Making it useless to third parties if my logs get stolen. But I will still be able to track you throughout my website for the purposes of usage analysis. Of course, if you're a shop, for example, it might be possible to link this ID with personal information via orders and invoices (time stamps, order numbers in URLs, etc.). That part of your system should be built accordingly. Once a problem is fixed, there is no need to keep an expanded log entry. If there were no problems, there is no need to keep the logs for long. I might want to keep performance data, but I care about the numbers for future reference, not individuals. If you're analyzing effectiveness of a marketing campaign, you should delete the data afterwards or periodically if it's long running. There is always a way. The reasons to desire such information are not technical.

The problem in this space is called Google Analytics and share and like buttons from social networks. And of course, advertising networks. GA is a nice tool. I get why people use it. But frankly, some of that information is simply none of your business. I understand that an operator of one shop might want to know where else his customers are shopping. But they have no right to snoop like that. Imagine hiring people to follow your customers around and log where they go, what they do. Creepy as hell. Too expensive in real life (that's why they use different methods - like loyalty programs), easy to do on the Internet. Tracking should be strictly opt-in with a strict ban on tricking, manipulating, pushing and bullying. Of course they don't like the idea as almost nobody would cooperate. They would probably have to pay the people money to entice them into giving up privacy (like it's done with loyalty programs).
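The logging approach _MT_ sketches above (identify a visitor with a session-scoped token rather than an IP, keep the raw IP separately and only briefly, keep the referer only when an error needs diagnosing) is concrete enough to show in code. The following is an added illustration, not code from the post or from any real product; the request records, the 12-hour key rotation and the 24-hour security-log retention are constructed assumptions.

```python
"""Access logging without raw client IPs (illustrative example, constructed).

Two logs, as the post describes: an application log keyed by a session
pseudonym (good for usage analysis and broken-link debugging, useless to a
thief), and a separate short-retention security log that keeps the raw IP
only for attack prevention and network diagnosis.
"""
import hashlib
import hmac
import secrets
from datetime import datetime, timedelta, timezone

# Constructed sample traffic (documentation IP ranges); not real log data.
SAMPLE_REQUESTS = [
    ("203.0.113.7",  "Mozilla/5.0 (X11)", "/products/42", "/catalog",                200),
    ("203.0.113.7",  "Mozilla/5.0 (X11)", "/old-page",    "/products/42",            404),
    ("198.51.100.9", "Mozilla/5.0 (Mac)", "/products/42", "https://example.net/ref", 200),
]
T0 = datetime(2020, 11, 20, 12, 0, tzinfo=timezone.utc)   # constructed clock value
T_AFTER_ROTATION = T0 + timedelta(hours=13)               # past the assumed 12 h rotation


class SessionPseudonymizer:
    """Derives a per-session identifier with a keyed hash (HMAC-SHA256).

    The key lives only in memory and is replaced every `rotation` period.
    Without the key a pseudonym cannot be mapped back to an IP, and once the
    key is rotated away even the operator can no longer link old and new IDs.
    """

    def __init__(self, rotation=timedelta(hours=12), key=None):
        self.rotation = rotation
        self._key = key if key is not None else secrets.token_bytes(32)
        self._key_born = T0 if key is not None else datetime.now(timezone.utc)

    def _current_key(self, now):
        if now - self._key_born >= self.rotation:
            self._key = secrets.token_bytes(32)   # the old key is simply forgotten
            self._key_born = now
        return self._key

    def session_id(self, client_ip, user_agent, now):
        material = f"{client_ip}\x00{user_agent}".encode()
        digest = hmac.new(self._current_key(now), material, hashlib.sha256).digest()
        return digest[:8].hex()   # 64 bits is ample to tell concurrent sessions apart


def app_log_line(pseud, now, ip, ua, path, referer, status):
    """Application log entry: pseudonym instead of IP; referer only on errors."""
    line = f"{now.isoformat()} sid={pseud.session_id(ip, ua, now)} status={status} path={path}"
    if status >= 400:   # a broken link is worth diagnosing, so keep where the user came from
        line += f" referer={referer}"
    return line


class ShortTermSecurityLog:
    """Raw IPs kept in a separate store and purged after `ttl`."""

    def __init__(self, ttl=timedelta(hours=24)):
        self.ttl = ttl
        self.entries = []   # (timestamp, ip, status)

    def record(self, now, ip, status):
        self.entries.append((now, ip, status))

    def purge(self, now):
        self.entries = [e for e in self.entries if now - e[0] < self.ttl]
        return len(self.entries)


def process(requests, pseud, seclog, now):
    lines = []
    for ip, ua, path, referer, status in requests:
        lines.append(app_log_line(pseud, now, ip, ua, path, referer, status))
        seclog.record(now, ip, status)
    return lines


def demo(now=T0):
    """Run the sample traffic through both logs and purge the security log a day later."""
    pseud = SessionPseudonymizer()
    seclog = ShortTermSecurityLog()
    lines = process(SAMPLE_REQUESTS, pseud, seclog, now)
    remaining = seclog.purge(now + timedelta(hours=25))
    return {"lines": lines, "remaining_after_purge": remaining}


if __name__ == "__main__":
    for entry in demo()["lines"]:
        print(entry)
```

The pseudonym is keyed rather than a plain hash of the IP on purpose: an unkeyed SHA-256 over the IPv4 space is trivially reversed by enumeration, so it would only look anonymous. As the post notes, a shop that puts order numbers or timestamps into URLs can still join the pseudonym to an invoice, so that part of the system has to be designed separately.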

Hawkin

Want some anonymity and cyber security?
Join Utopia Ecosystem and sleep well)

vertigo

Quote from: _MT_ on November 19, 2020, 11:38:02
Quote from: vertigo on November 18, 2020, 18:03:38
IMO, IP address should absolutely be considered personal, since it gives your approximate location and can be used in combination with other data to determine your identity and to build a profile on you.
...
As an interesting side note, which would be humorous if it weren't so sad, is that when I search Big Sur to see if it is for x86 (didn't look too deep, but it does appear it is), the first result was from Apple, which says "macOS Big Sur elevates Mac to a new level of power and beauty with a refined new design, major app updates, and more transparency around your privacy" (emphasis added). /smh
This has been going on for years. The problem, the change with Big Sur, if I understand it correctly, is that a user-level firewall can no longer block system-level processes (which includes trustd). And the same is true for VPN. User-level VPN software cannot shove traffic from system-level processes into the tunnel. Those processes have to cooperate on their own. And yes, this is potentially very concerning (it could make you, for example, more vulnerable on public wireless networks). It depends on how much you trust Apple to do a good job.

I don't think approximate location is good enough. I'm not sure even street-level location would be enough, much less a quarter. A German court argued that a website operator could persuade an ISP to disclose your personal information and therefore an IP is personal (they presented two lines of thinking and this was one of them). To me, that sounds like bollocks. An ISP shouldn't disclose personal information outside of court orders and such. Doing so should be illegal and harshly punished. The real argument for me is that while a particular operator might not be able to match an IP with identifying information, someone else might. Why do we even care? It's partly because we treat non-personal data poorly. It's going to be more likely for the data to be given to someone else or stolen and otherwise mishandled. It should definitely be properly protected.

The reality is that I don't need to keep your IP address outside of compliance with law (where I should treat it as personal) and prevention of network attacks or diagnosis of network issues (where I should store it separately and only for short term). I care about performance. I care about errors. I might care about what you requested and where you came from when an error occurred. Consider a broken link. Knowing where you came from is a big help. But I don't care who you are. As a human. I care about you as a user. I can identify you in a way that doesn't disclose your IP address and is not persistent beyond a browsing session. And use that in logs. Making it useless to third parties if my logs get stolen. But I will still be able to track you throughout my website for the purposes of usage analysis. Of course, if you're a shop, for example, it might be possible to link this ID with personal information via orders and invoices (time stamps, order numbers in URLs, etc.). That part of your system should be built accordingly. Once a problem is fixed, there is no need to keep an expanded log entry. If there were no problems, there is no need to keep the logs for long. I might want to keep performance data, but I care about the numbers for future reference, not individuals. If you're analyzing effectiveness of a marketing campaign, you should delete the data afterwards or periodically if it's long running. There is always a way. The reasons to desire such information are not technical.

The problem in this space is called Google Analytics and share and like buttons from social networks. And of course, advertising networks. GA is a nice tool. I get why people use it. But frankly, some of that information is simply none of your business. I understand that an operator of one shop might want to know where else his customers are shopping. But they have no right to snoop like that. Imagine hiring people to follow your customers around and log where they go, what they do. Creepy as hell. Too expensive in real life (that's why they use different methods - like loyalty programs), easy to do on the Internet. Tracking should be strictly opt-in with a strict ban on tricking, manipulating, pushing and bullying. Of course they don't like the idea as almost nobody would cooperate. They would probably have to pay the people money to entice them into giving up privacy (like it's done with loyalty programs).

Approximate location can be used in combination with other details to identify you or, at the very least, narrow it down quite a bit. Depending on who's trying to identify you, they could use a combination of any number of things, such as sites visited, what browser you're using, screen resolution, installed fonts, OS, how you type, mouse movements, etc. IP can help by providing more info on you (where you live, whether down to the city or, in more rural areas, down to one of very few houses) and by vastly reducing your anonymity pool (instead of having to separate you from millions of people using the other available factors, now you only need to be separated from anywhere from a couple dozen to several thousand).

And I agree ISP shouldn't be able to disclose it; unfortunately, they're allowed to do much more than that in the US, with a recent law allowing them to collect info on you, e.g. sites you visit and probably things like your schedule and how much time you spend online, and sell it. So even though you're (over)paying them for a service, that's still not enough for them, and they want to make even more money off of you on the back end. It's reprehensible, and I wish I could say it's unbelievable the law passed, but that's just the state of the corrupted government these days.

I also agree about the issues with tracking, which, combined with the ISP issue, is why I use a VPN combined with uBO, Privacy Badger, and other precautions. It's just ridiculous that it requires so much extra work and money to protect oneself because not only does the government do nothing to help, but they're often complicit. And even then, doing all that, I'm well aware that my identity is still likely known to at least some players (government and Google at least), even when it appears that I'm anonymous. It's crazy. And most people simply don't know how bad it is, or how to protect against it. And as you're probably aware, it's so much worse than social media buttons and analytics and ads. Things like fingerprinting, tracking pixels, cookies, referers, AMP, etc. And that's just the web. Then there's OS snooping, Amazon and Google listening to and recording you through your phones/tablets/Echo/etc, Google (and probably Apple) tracking you through your phone, even after you "disable" it, and so on. And then there's companies using people to do free work for them, training their systems, by providing tons and tons of photos for facial recognition and solving captchas to train image recognition. It's all just a big mess.

With the loyalty programs, I understand how they're used to track purchasing patterns with the company, but I don't see how it could be used to track you outside the company, i.e. to see where else you shop or what else you buy. So while you're losing a little bit of privacy, it's not much. Instead of the company just knowing they sold products A and B, they know they sold them to you specifically, though unless you pay cash they can know that anyway, or at least that credit card # 1234.... bought those items. And if they really wanted to, they could probably tie that card to you even without your knowledge or consent. So I don't see loyalty programs as being much of a privacy issue personally, though I'd be interested to know if I'm missing something regarding them.

vertigo

Quote from: Hawkin on November 19, 2020, 14:16:41
Want some anonymity and cyber security?
Join Utopia Ecosystem and sleep well)

This appears to be an attempt to replicate Tor, as well as building in more functionality. Considering such a system is only effective with a lot of users, I wouldn't really rely on it for a while, until it's able to build up a decent user base. I also wouldn't rely on it for a while just because it's new, and you should never trust beta products, which this essentially is, for security and privacy. Yet another reason I wouldn't trust it is that it's not open-source, and therefore can't be audited. They explain their reasoning in the FAQ*, but regardless of that, if the code can't be checked, there's no telling if a) it's doing what it says it's doing, b) there are no backdoors, and c) it's done properly, i.e. that it doesn't contain bad, insecure code.

*I've copy-pasted the relevant part of the FAQ below, which covers why it's not open-source, since they seem to care more about making it look all hackerish with a fancy green font on black background that simultaneously makes it difficult to read and makes it look unprofessional and like they're trying too hard to make it come across a certain way. Call me crazy, but I have trouble placing faith in people that can't even ensure their website is legible to write and self-audit code that's responsible for ensuring privacy.

"We may disclose certain parts of code, specifically related to communication and encryption. However, the decentralized protocol will not be released. Utopia is very knowledge-intensive software. A lot of time, effort and resources went into this product, and we do not want to share all of our know-how as it will result in forks which in turn may result in instability of our main network. Fork will lead to the division of the community, while our intention is the unification of the community of like-minded individuals. The bottom line here is that a lot of software is closed source, and this does not hurt them a bit. In addition, we will audit our code.

_MT_

Quote from: vertigo on November 19, 2020, 18:20:36
With the loyalty programs, I understand how they're used to track purchasing patterns with the company, but I don't see how it could be used to track you outside the company, i.e. to see where else you shop or what else you buy.
Have you read the T&Cs? It's data. They can sell it, exchange it, share it. For example, they can create an association that pools the data and has it analyzed on behalf of the members so they can gain similar insights as e-shops do. The most problematic part here is exchanging identifying information so they can link you across loyalty programs. Unless they fancy breaking the law, they need consent. And they can get it through your membership. I do wonder if perhaps hashing identifying information could be of use here. It can be done so the original identifying information is not retrievable (they can't retrieve your name or address), but it would still be unique to you (or at least very close to) and therefore allow linking as long as they all use the same method. Of course, it's not bulletproof. It's feasible to create a reverse lookup table. You've got one calculation per person. You just need the information. It doesn't give you the information. But if you have it, it doesn't prevent linking it. Facilitating linking is, after all, the goal.

As for the Utopia, their argument is flawed. Open source doesn't necessarily mean free to use however you want. It's possible to publish sources without giving permission to create derivatives. Even commercial software can be open source. Peer review is really important. It's so easy to screw up.
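The hashing idea in the post above, and its limitation, can be made concrete: two loyalty programmes that hash a canonicalised identifier the same way can join their records without exchanging names, yet anyone who already holds a list of candidate identifiers rebuilds the mapping with one hash per person. A keyed hash (HMAC under a key known only to the linking party) removes that, at the cost that linking is then only possible for whoever holds the key. The block below is an added illustration, not code from the post; the two membership lists and the e-mail addresses are constructed.

```python
"""Pseudonymous record linkage: plain hash versus keyed hash (constructed example).

Demonstrates the post's point that a shared hashing method lets parties link
records, that a plain hash is reversible from a candidate list at one hash
per person, and that a keyed hash confines linking to the key holder.
"""
import hashlib
import hmac

# Constructed membership records of two programmes; the people are invented.
PROGRAMME_A = [
    ("Alice@Example.com ", "bought: coffee, bread"),
    ("bob@example.com",    "bought: tea"),
]
PROGRAMME_B = [
    ("alice@example.com",  "bought: running shoes"),
    ("carol@example.com",  "bought: books"),
]
# List a third party might already hold (the post's "you just need the information").
CANDIDATES = ["alice@example.com", "carol@example.com", "dave@example.com"]


def normalise(identifier):
    """Both parties must canonicalise identically or the hashes will never match."""
    return identifier.strip().lower()


def plain_token(identifier):
    """Unkeyed SHA-256: unique per person, but reversible by dictionary."""
    return hashlib.sha256(normalise(identifier).encode()).hexdigest()


def keyed_token(identifier, key):
    """HMAC-SHA256: the same linkage property, but only for holders of `key`."""
    return hmac.new(key, normalise(identifier).encode(), hashlib.sha256).hexdigest()


def tokenise(records, token_fn):
    """Replace identifiers with tokens; the data column is what gets shared."""
    return {token_fn(ident): data for ident, data in records}


def link(tokens_a, tokens_b):
    """Join two tokenised datasets on matching tokens."""
    return {t: (tokens_a[t], tokens_b[t]) for t in tokens_a.keys() & tokens_b.keys()}


def reverse_lookup(tokens, candidate_identifiers, token_fn):
    """Map tokens back to identities using a candidate list: one hash per candidate."""
    table = {token_fn(c): c for c in candidate_identifiers}
    return {t: table[t] for t in tokens if t in table}


def demo():
    """Compare how the plain and keyed schemes behave on the sample data."""
    plain_a, plain_b = tokenise(PROGRAMME_A, plain_token), tokenise(PROGRAMME_B, plain_token)
    key = b"shared-linkage-key-held-by-the-association-only"   # constructed secret
    keyed = lambda ident: keyed_token(ident, key)
    keyed_a, keyed_b = tokenise(PROGRAMME_A, keyed), tokenise(PROGRAMME_B, keyed)
    return {
        "plain_links": len(link(plain_a, plain_b)),
        "keyed_links": len(link(keyed_a, keyed_b)),
        # A third party with the candidate list but no key:
        "plain_recovered": reverse_lookup(plain_b, CANDIDATES, plain_token),
        "keyed_recovered": reverse_lookup(keyed_b, CANDIDATES, plain_token),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

Note what the keyed variant does and does not buy: the association that holds the key can still link every member across programmes, which is exactly the stated goal, so the key changes who can link, not whether linking happens. Consent remains the legal question the post raises.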

vertigo

Quote from: _MT_ on November 20, 2020, 17:45:33
Have you read the T&Cs? It's data. They can sell it, exchange it, share it. For example, they can create an association that pools the data and has it analyzed on behalf of the members so they can gain similar insights as e-shops do. The most problematic part here is exchanging identifying information so they can link you across loyalty programs. Unless they fancy breaking the law, they need consent. And they can get it through your membership. I do wonder if perhaps hashing identifying information could be of use here. It can be done so the original identifying information is not retrievable (they can't retrieve your name or address), but it would still be unique to you (or at least very close to) and therefore allow linking as long as they all use the same method. Of course, it's not bulletproof. It's feasible to create a reverse lookup table. You've got one calculation per person. You just need the information. It doesn't give you the information. But if you have it, it doesn't prevent linking it. Facilitating linking is, after all, the goal.

As for the Utopia, their argument is flawed. Open source doesn't necessarily mean free to use however you want. It's possible to publish sources without giving permission to create derivatives. Even commercial software can be open source. Peer review is really important. It's so easy to screw up.

Unfortunately, I'm guilty of not reading those just like most people. I don't have the time or legal expertise. And that's why laws need to be passed to rein them in, but that's unlikely to happen, because government officials don't work for the people, they work for companies that buy them off. And what you're describing is essentially what your advertising ID with Google is. And just like I'm sure Google still knows exactly who you are, and the only things the ID provides are possibly anonymity from third parties and some (probably false) peace of mind, using such a system with loyalty programs would probably be the same, but better than nothing I guess.

Yeah, Utopia doesn't really inspire much confidence IMO, certainly not enough to trust them with what they're asking.
