Em May 25, 2025

First, they'll ask for your official IDs to confirm your age and identity.

This will create a large treasure trove
of sensitive data, which will attract criminals, and will inevitably leak from either negligence or malice, sooner than later.

Then, they'll claim your official ID is
unreliable, because it was stolen so many times, and demand you share your biometric data.

They will collect your face scan,
your palm scan, and even your iris scan (no exaggeration, these are all already being collected by some companies for identification). They will claim it's super safe.

This will create a large treasure trove
of sensitive biometric data, which will attract criminals, and will inevitably leak from either negligence or malice, sooner than later.

Then what? Rinse and escalate.

You will have lost control of not just your corporate social media accounts by participating to this, but to any data capable of validating your identity, to your privacy rights, to the protections you could use online to stay safe.

We don't have to wait that it escalates.

We can, and must, push back and say No now. Start to say No now.

#Privacy #Biometrics #DataMinimization #AgeVerification

Show threadCasse bonbon, le tonton relouMay 25, 2025

@Em0nM4stodon

Nothing will change without a strong incentive.

Corporations, States, We ( because we are all responsible ) do collect data not because we need it, but because we can.

When I was young, train ticket was sold as a one time token. Now, the train company wants to know my name, birth-date and gender. It is not doing it because it needs it, but because it is not horribly expensive, not prohibited by law and technically possible.

This is the true meaning of law and regulation : to set a limit on what decency is.

We can put a fine on company that leak data ( I'm not in favor : it would be too late and be an incentive to hide data leaks ).
We can put a tax on personal data : each database should pay a fee for each personal data stored ( name, address, IP, ... ). Small fee. ( this has another advantage : it will give a legal base to prosecute spammers, hacker ... )

Any other idea is welcome !

Show threadcuan_knaggs
@cassebonbon @Em0nM4stodon and a needing strict and explicit consent for each bit of data shared with another party
May 25, 2025 at 9:26amWeb
Show threadcuan_knaggsMay 25, 2025
@cassebonbon @Em0nM4stodon i do worry about the tax/fee to collect, that means that small or non-profit orgs are going to have a very had time
Show threadCasse bonbon, le tonton relouMay 25, 2025

@mensrea @Em0nM4stodon

The fee should be small and free bellow some threshold.

Typically if Amazon pay millions, it will not significantly impact its benefit. but limiting data may improve their profit.

Thinking of Amazon use case :

* store most data in browser local storage ( credit card, address, name,.... ), if user ask for it.
* transmit delivery address directly to the delivery company ( browser to shipping company ). if shipping company want to store data, it's at their own expanse.
* amazon may archive invoice data in an offline system that has a manual access with "read access" fee.
* if amazon want to do data mining on customer habits, then it should pay for collecting data

Show threadcuan_knaggsMay 25, 2025
@cassebonbon @Em0nM4stodon the details will be tricky. like here financial legislation has data storage requirements for all transactions. but yes, financial penalties for keeping data without direct cause, and restrictions and barriers for any sharing