Most active commenters

    ←back to thread

    Everyone knows your location: tracking myself down through in-app ads

    (timsh.org)
    1957 points apokryptein | 11 comments | 02 Feb 25 17:07 UTC | HN request time: 1.53s | source | bottom
    Show context
    qingcharles ◴[02 Feb 25 20:40 UTC] No.42911578[source]
    One big privacy issue is that there is no sane way to protect your contact details from being sold, regardless of what you do.

    As soon as your cousin clicks "Yes, I would like to share the entire contents of my contacts with you" when they launch TikTok your name, phone number, email etc are all in the crowd.

    And I buy this stuff. Every time I need customer service and I'm getting stonewalled I just go onto a marketplace, find an exec and buy their details for pennies and call them up on their cellphone. (this is usually successful, but can backfire badly -- CashApp terminated my account for this shenanigans)

    replies(33): >>42911665 #>>42911679 #>>42911714 #>>42911768 #>>42911810 #>>42911853 #>>42911874 #>>42912408 #>>42912465 #>>42912852 #>>42912979 #>>42913150 #>>42913418 #>>42913708 #>>42913974 #>>42914004 #>>42914803 #>>42914807 #>>42915963 #>>42916052 #>>42916619 #>>42916711 #>>42916764 #>>42917374 #>>42918405 #>>42918914 #>>42918920 #>>42920277 #>>42920369 #>>42920873 #>>42920949 #>>42940036 #>>42967302 #
    A4ET8a8uTh0_v2 ◴[02 Feb 25 21:09 UTC] No.42911853[source]
    << find an exec and buy their details for pennies and call them up on their cellphone. (this is usually successful, but can backfire badly -- CashApp terminated my account for this shenanigans)

    Honestly, kudos. The rules should apply to the ones foisting this system upon us as well. This is probably the only way to make anyone in power reconsider current setup.

    << As soon as your cousin clicks "Yes, I would like to share the entire contents of my contacts with you" when they launch TikTok your name, phone number, email etc are all in the crowd.

    And people laughed at Red Reddington when he said he had no email.

    replies(5): >>42912686 #>>42912897 #>>42913432 #>>42914558 #>>42915754 #
    Aurornis ◴[03 Feb 25 00:29 UTC] No.42913432[source]
    > The rules should apply to the ones foisting this system upon us as well. This is probably the only way to make anyone in power reconsider current setup.

    Unless your problem is with the company doing the privacy violations, this doesn’t make any sense.

    replies(1): >>42916954 #
    1. swiftcoder ◴[03 Feb 25 10:50 UTC] No.42916954[source]
    Pretty much all companies are doing the privacy violations. You think your doctors office doesn't sell their contact list?
    replies(3): >>42917112 #>>42917377 #>>42918839 #
    2. jlokier ◴[03 Feb 25 11:19 UTC] No.42917112[source]
    Where I live, which is not in the USA, I'm confident my doctor's office doesn't sell their contact list - or at least, not without statistical anonymisation and aggregation for research purposes.

    They probably outsource processing the data and storing it to other entities, but that will be under contracts which govern how the data may be used and handled. I assume that's not what "sell the data" means in this conversation.

    It would be such an egregious violation of local data protection law to sell patient personal details for unrestricted commercial use, including their contact info, and it would make the political news where I live if they were found out.

    replies(2): >>42917926 #>>43072284 #
    3. dbspin ◴[03 Feb 25 12:10 UTC] No.42917377[source]
    In my country (and I suspect most Western Countries) my doctor would lose his medical licence for selling my contact information.
    replies(1): >>42918388 #
    4. nottorp ◴[03 Feb 25 13:20 UTC] No.42917926[source]
    Also "not in the USA" i actually work on a medical ish application these days (not the in production version, mind but a fork with new features that's entirely separate at the moment).

    I have access to ... zero patient data. Our entire test database is synthetic records.

    5. brookst ◴[03 Feb 25 14:14 UTC] No.42918388[source]
    Your poor oppressed doctor! And I’ll bet they rarely even get to treat bullet wounds. It’s different here in the Land of the Free ™.
    replies(1): >>42919373 #
    6. mapt ◴[03 Feb 25 15:02 UTC] No.42918839[source]
    HIPAA is pretty much the only halfway effective privacy regulation the US has. It imposes strong regulatory, licensure, and even criminal censure for violations.

    It's formulated so that they can give those contacts away rather than sell them, but only to the rest of the medical goods & services supplychain that are involved in your care, who are also bound by HIPAA.

    The worst dark pattern this has generated so far seems to be pharmaceutical company drug reps bribing your doctor to change what they would prescribe you.

    The worst that's likely to happen without regulation, as far as I can tell, involves an associated provider just leaking UnitedHealthcare's full database of every patient and every condition.

    7. jajko ◴[03 Feb 25 15:48 UTC] No.42919373{3}[source]
    Nah its called normal society, ie Switzerland here is the same the benefits of doing so would be absolutely minimal, punishments severe.

    Plus its highly amoral and doctors here are still coming from idealistic breed that wanted to help people, those 2 are practically exclusive.

    replies(1): >>42921786 #
    8. megous ◴[03 Feb 25 19:25 UTC] No.42921786{4}[source]
    This normal in your society? https://electronicintifada.net/content/switzerland-deports-e...

    Interesting thought policing you have in there.

    replies(1): >>42925121 #
    9. Vilian ◴[03 Feb 25 23:52 UTC] No.42925121{5}[source]
    Want me to link the latest mass deportation that USA is doing and compare with one person?
    replies(1): >>42935522 #
    10. megous ◴[04 Feb 25 17:21 UTC] No.42935522{6}[source]
    I'm not arguing that what USA is doing is normal, either.
    11. WhyNotHugo ◴[16 Feb 25 22:16 UTC] No.43072284[source]
    Here in NL my local doctors office just delegates their IT to some US-based company. I doubt they take privacy seriously. Their whole security is a joke. but they make a theatre out of it to give an impression otherwise.

    EU law means little in this respect, since it's not enforced and most people don't understand enough on the subject to even evaluate what's going on with their data (or their clients data).