undefined | Better HN

0 pointsbawolff3y ago0 comments

> then you can pretty much get rid of them storing anything at all about you.

But why would they want to?

If i understand, the premise of this idea is basically that we don't trust service providers with our data/to have our best interests at heart.

So we make a complex system where service providers (for the sake of argument, i dont know if i buy this) must respect our wishes.

Which raises the question, why would they?

Either a) service providers are good, and this system is pointless.

Or b) service providers are evil and they wouldn't use it and/or would subvert the intention.

> If you don't want them to know you anymore, just remove the version of your data encrypted for them.

Assuming they dont store it. Can't unring a bell.

> The overall idea is that by switching to this model, websites / apps will become 99% front-end only, APIs will switch to smart contracts, and you will have total control of your data.

Idk what y'all are smoking over there, but its clearly the good stuff.

0 comments

Galanwe3y ago

>> then you can pretty much get rid of them storing anything at all about you.

> But why would they want to

Well the overall premise is that if they don't need to, it will become harder to justify to your users. The second premise is that legislation can be put in place to forbid the ad hoc storage of PIIs.

Europe already has in place legislation to allow users to have read and removal access to their PIIs stored by third parties, it does not seem inconceivable that a logical next step would be to actually enforce that users have real ownership of their PIIs by forbidding providers to store them at all.

> Either a) service providers are good, and this system is pointless.

Not really. The issue with personal data is not just good/bad. There is a spectrum in between.

You can be the best intentioned provider and still get hacked. When you think about it, it actually makes no sense to trust any service provider with your data considering 99% of them are not going to be able to properly store and secure them. Why not have a system that is secure by default.

And then there's the whole gray zone of what happens if the company sells your data, exploits it internally, gets bought by another company, changes EULA, shares with her parent company, etc.

> Idk what y'all are smoking over there, but its clearly the good stuff.

Try to be more open about it and don't get dragged on by the anti crypto trend blindly.

Sure there are a bunch of ridiculous things out there, but there's also actually good ideas.

bawolffOP3y ago

> Well the overall premise is that if they don't need to, it will become harder to justify to your users. The second premise is that legislation can be put in place to forbid the ad hoc storage of PIIs.

If your system requires a government enforced monopoly, or some sort of class uprising, to succeed, its probably a bad system.

Literally any system, regardless of how good an idea it is, would succeed under those conditions.

j / k navigate · click thread line to collapse