undefined | Better HN

0 pointsa9t98y ago0 comments

I understand that hosted OCR, just like SaaS in general, is not suitable for every use case.

On the other hand, the OCR.space OCR API has a very strict privacy policy:

https://ocr.space/privacypolicy - All uploaded images and the extracted text are deleted immediatly after processing.

0 comments

> All uploaded images and the extracted text are deleted immediately

Until they are served with a subpoena for a particular client, or a sweeping subpoena to store everything forever, or the company is sold and the new parent has different values, or the company decides to mine customer data for advertising uses, or there's a bug in the software, or there's a long-lived cache of the data, or it gets into their backups accidentally or deliberately, or they don't keep the data but keep "just" the meta-data, or they do statistics or analytics before deleting the data, or they are hacked, or they simply change their minds.

In terms of privacy, even a non-free non-open-source local app with DRM or license management is better than a server app with a "strict privacy policy". With a good firewall setup, you can be pretty sure that the local app won't betray you.

bpicolo8y ago

It doesn't seem reasonable to blame them for an arbitrary potential future when they're currently doing the right thing.

icebraining8y ago

"The best way to avoid privacy breaches is not to formulate a detailed privacy policy; it's to reduce your capabilities so that you're unable to violate anyone's privacy."

http://www.daemonology.net/blog/2012-01-19-playing-chicken-w...

mnem8y ago

No, however the description of the plugin should make it clear data will be uploaded to a third party server for recognition so the user can make a choice about that.

1 more reply

m-p-38y ago

> when they're currently doing the right thing

You mean that we have to place some trust that they are. Some users cannot afford that kind of trust.

stingraycharles8y ago

I suggest adding a big notification dialog that explains this when you first try to do an OCR request.

JoblessWonder8y ago

Why did you end up going with a .space domain? We blocked that whole TLD because we were getting massive amounts of spam from it when it first came out.

jolmg8y ago

Oh dear. My main domain and email are in the .space TLD. I hope your practice is not widespread.

Personally, I chose .space simply because it's cool, cheap, and not overcrowded. It also seems to lend itself well to being part of a name.

I know spam is a hard problem, but I wish you wouldn't label me a spammer simply because of the TLD I chose.

treitnauer8y ago

That's one of the problems with cheap domains in the sub $5 range. Some gTLD registries (.space included) thought it was a good idea to offer them really cheap, but what they got were mostly spammers which puts you in a bad neighborhood.

There are a few others which you may want to avoid according to this report: https://securityintelligence.com/enticing-clicks-with-spam/

ignoramceisblis8y ago

The author's full comment:

> Why did you end up going with a .space domain? We blocked that whole TLD because we were getting massive amounts of spam from it when it first came out.

From your comment:

> I know spam is a hard problem, but I wish you wouldn't label me a spammer simply because of the TLD I chose.

The author is not "labeling you a spammer". They're simply stating a fact about their experience. And in fact, it doesn't even mention you.

1 more reply

j / k navigate · click thread line to collapse

0 comments

cantrevealname8y ago

> All uploaded images and the extracted text are deleted immediately

bpicolo8y ago

It doesn't seem reasonable to blame them for an arbitrary potential future when they're currently doing the right thing.

icebraining8y ago

"The best way to avoid privacy breaches is not to formulate a detailed privacy policy; it's to reduce your capabilities so that you're unable to violate anyone's privacy."

http://www.daemonology.net/blog/2012-01-19-playing-chicken-w...

mnem8y ago

No, however the description of the plugin should make it clear data will be uploaded to a third party server for recognition so the user can make a choice about that.

1 more reply

m-p-38y ago

> when they're currently doing the right thing

You mean that we have to place some trust that they are. Some users cannot afford that kind of trust.

stingraycharles8y ago

I suggest adding a big notification dialog that explains this when you first try to do an OCR request.

JoblessWonder8y ago

Why did you end up going with a .space domain? We blocked that whole TLD because we were getting massive amounts of spam from it when it first came out.

jolmg8y ago

Oh dear. My main domain and email are in the .space TLD. I hope your practice is not widespread.

Personally, I chose .space simply because it's cool, cheap, and not overcrowded. It also seems to lend itself well to being part of a name.

I know spam is a hard problem, but I wish you wouldn't label me a spammer simply because of the TLD I chose.

treitnauer8y ago

There are a few others which you may want to avoid according to this report: https://securityintelligence.com/enticing-clicks-with-spam/

ignoramceisblis8y ago

The author's full comment:

> Why did you end up going with a .space domain? We blocked that whole TLD because we were getting massive amounts of spam from it when it first came out.

From your comment:

> I know spam is a hard problem, but I wish you wouldn't label me a spammer simply because of the TLD I chose.

The author is not "labeling you a spammer". They're simply stating a fact about their experience. And in fact, it doesn't even mention you.

1 more reply

j / k navigate · click thread line to collapse