Em May 25

First, they'll ask for your official IDs to confirm your age and identity.

This will create a large treasure trove
of sensitive data, which will attract criminals, and will inevitably leak from either negligence or malice, sooner than later.

Then, they'll claim your official ID is
unreliable, because it was stolen so many times, and demand you share your biometric data.

They will collect your face scan,
your palm scan, and even your iris scan (no exaggeration, these are all already being collected by some companies for identification). They will claim it's super safe.

This will create a large treasure trove
of sensitive biometric data, which will attract criminals, and will inevitably leak from either negligence or malice, sooner than later.

Then what? Rinse and escalate.

You will have lost control of not just your corporate social media accounts by participating to this, but to any data capable of validating your identity, to your privacy rights, to the protections you could use online to stay safe.

We don't have to wait that it escalates.

We can, and must, push back and say No now. Start to say No now.

#Privacy #Biometrics #DataMinimization #AgeVerification

Show threadCasse bonbon, le tonton relouMay 25

@Em0nM4stodon

Nothing will change without a strong incentive.

Corporations, States, We ( because we are all responsible ) do collect data not because we need it, but because we can.

When I was young, train ticket was sold as a one time token. Now, the train company wants to know my name, birth-date and gender. It is not doing it because it needs it, but because it is not horribly expensive, not prohibited by law and technically possible.

This is the true meaning of law and regulation : to set a limit on what decency is.

We can put a fine on company that leak data ( I'm not in favor : it would be too late and be an incentive to hide data leaks ).
We can put a tax on personal data : each database should pay a fee for each personal data stored ( name, address, IP, ... ). Small fee. ( this has another advantage : it will give a legal base to prosecute spammers, hacker ... )

Any other idea is welcome !

Show threadHak Foo 

@cassebonbon @Em0nM4stodon What if they had to carry breach insurance for their data-- with a serious payout attached?

The carriers would say "you want to store 40 petabytes of data not strictly necessary for your business, fine, but it's gonna cost you several tens of millions of dollar-euros per year to cover it for when you inevitably post live API keys to Github"

May 25 at 6:50amWeb
Show threadCasse bonbon, le tonton relouMay 25

@hakfoo @Em0nM4stodon

I'm European with roman law mindset.

I would object that when a company leaks my personal data, it is almost impossible to demonstrate an actual prejudice.

Thus company don't pay anything when data leaks.

So insurance fee is almost null....