> Service Providers. We work with third parties who provide services including but not limited to data analysis, order fulfillment, list enhancement and other administrative services. We may disclose personal information to such third parties for the purpose of enabling these third parties to provide services to us. Such services may include: marketing distribution, email list management services, advertising, certain product functionalities, customer support, web hosting, customer data management and enhancement, fulfillment services (e.g., companies that fill product orders or coordinate mailings), research and surveys, data analysis and email service.
It really must be. Because for some reason all big companies are hell bent on tricking even the 0.001% power users that actually care by constantly overriding options and nagging people until they accidentally click the wrong thing that one time.
I have no idea what they expect to gain by infuriating that group.
This server could not prove that it is cant.stopdatamining.me; its security certificate is from *.gridserver.com. This may be caused by a misconfiguration or an attacker intercepting your connection
cant.stopdatamining.me uses an invalid security certificate. The certificate is only valid for the following names: *.gridserver.com, gridserver.com Error code: SSL_ERROR_BAD_CERT_DOMAIN
Can't tell if I sense sarcasm or not? Too many folks "talk" about how they're so against data collection, mining, cookies, etc. but use these same tools on their own sites/apps.
Is there a search engine that penalizes or pages with advertising and trackers on them that cross certain lines (e.g. I think "fair" ads are conceivable, and local analyticsa are fine)? Because I think adblockers are nice, but boycotts are nicer, and such a search engine could be a good way to surface alternatives maybe.
No, you are responsible ultimately for what information you reveal or don't.
It's all good having some big behemoth like the EU laying the smackdown with GDPR for companies and sites but that shouldn't mean you let your guard down and expect all sites to follow the rules.
I don't need to care about trackers because I am blocking them pro-actively.
I have NoScript installed and temporarily allowed domains because I wanted to see if a website about stopping mining mines its users.
However, I agree with you, people need to stop downloading random (potentially malicious) javascript and executing it. Getting your info stolen is someone elses fault, but your responsibility.
I think you mean ultimately here, penultimately means last except for one (so that there is someone that is even more responsible than you for the data you reveal or not)
Additionally, you can go a step further into the Privacy mania and install NoScript (JavaScript blocker). In my experience you only need to unblock 1-2 script domains on every website to make it functional.
Except that “uBlock origin” is maintained by the OG developer and “uBlock” (of ublock.org) is a now filthy ripoff owned by some greedy dickhead who OG developer trusted with control over the original repository.
So yeah you only need one of them but I’d stick with the OG “origin” one.
I meant if you have uBlock (origin or the other thing) you don't need noscript-addon, because uBlock (both origin and the other thing) can block javascript.
Sorry for confusion.
A site that claims to be "...the central source for consumers to learn what kinds of information data brokers have about them and how to exercise their opt-out choices" arguably shouldn't itself do data mining. Or should at least be clear about what it is doing with the data that it collects about you.
So would anyone pay for a service like this that acts like an attorney and actively contacts companies for insight into the information they store on you and requests for removal? Included in the service would be class-action suits and other litigative measures. We could introduce a free tier to find out if X companies store anything and a service if you want to clean up. Like legal insurance but then only for data.
Just from personal experience I’ve spent time opting out of these collections in the past. To include, people search websites only to find my information resurface months later. I think this may take constant monitoring. I’m not sure the mechinism that is used for data to be added after asking for opt out/deletion
If you can get judges to rule on costs in favor of the plaintiff (quite usual in my EU jurisdiction) then there quickly arises an incentive for cooperation. All you need is a few high profile wins. Those companies would probably start sharing by default and / or taking opt-out more seriously after that. "It's your data. Fight it!" (How's that for a slogan. And I know it's not grammatically correct.)
It's analogous to the operation of those lawyers asking a few thousand euros for unlicensed use of pictures. That's legit as well here. Legal reverse GDPR extortion. Gives us insight into these customers, who've given us power of attorney or we sue. Lose and pay our bills. Win and we are done and the customers pay a much smaller fee (a person, but hopefully adding up to a reasonable fee).
> judges to rule on costs in favor of the plaintiff (quite usual in my EU jurisdiction)
Please correct me if I'm wrong but I think your costs are broader, include attorneys fees, and are therefore different from US costs. In US courts the prevailing party defaults to including costs when preparing the judgment order (parties do almost all of the drafting in US courts) but "costs" is taken to literally mean court costs as in filing fees and a very limited menu of closely related expenses such as costs pertaining to service of process, court clerk photocopying charges, and the like.
Yup, broader costs. Losers often pay quite a substantial part of the legal fees of the winner. A comparatively extreme example: in liability cases with injuries, the judge will often allow quite broad legal costs (about 25% of total claims is legal costs). It's an extreme example since registered attorneys cannot work on that basis, but goes to show that substantial costs to the loser does happen.
Isn't the problem that the ad network(s) would have to extract a fairly high price from us to sell such an opt-out? More than they'd estimate they could make from us... I'd bet it would have to be calculated based on what they've got on you already (so in that sense having been using an adblocker might make you less valuable and thus cheaper for you buy your opt-out).
I would pay a third party opt-out enforcement service, but I would not give a single thin dime to actual advertising companies in exchange for an opt-out, nor would I pay a third party service if they're going to pay such advertisers.
But a lot of them have opt-outs already, which are presumably free. I think we're talking about the just the convenience cost of exercising all of them on my behalf.
I would pay for this, and I'd be willing to pay something approaching professional fees for individual attention, followed by a maintenance/insurance fee like you describe.
Things I'd need (as someone protected by GDPR):
1. strong privacy guarantees on your side
2. transparency about the process and techniques used
3. regular feedback
4. attention to data brokers, but also to anywhere else my pii might be on the internet, which could include shutting down e.g. old accounts on random shops
5. visibility into hacked data dumps (like haveibeenpwned, but for arbitrary information)
I'm pretty sure my information is spread all over at this point, but I'd like to get a handle on how big that spread is and to contain it wherever possible. I'd like to have an idea of how hard it would be for someone with some partial info e.g. a phone number, to determine my name or address.
This kind of service is something that I'm looking for now. I suspect that something like this already exists in "reputation management".
I would, provided I trusted your service to both deliver on its promise and to not itself keep my data (which it requires to opt me out).
I'm surprised some privacy-focused angel (they must exist) hasn't already done this. If I have $10M to play with this would be a great way to spend it for the public good.
Seeing this list and its mix of Email / Phone / Fax / Web systems - and this is only for 50 companies - makes you realise why GDPR-like regulations are needed!
It has always rather irked me that seemingly the only way to stop people from datamining you is to give them more information. Many web pages even specifically complain about third party cookies being disabled in the web browser, saying that they can't possibly honour my preference unless I switch it back on again.
I'd much rather just not hand out the information in the first place.
There needs to be a mechanism to tweak the signal-to-noise ratio. Either 1) stop interact with them and send 0 signal, or 2) have a browser plugin that just provides random interaction on a webpage and increase the the noise. The expensive targeting machines they've built become much less useful.
Mozilla screams bloody murder about security and careless users, but then forces you to choose between "no extensions" and "extensions with unlimited permissions to see everything you do".
It seems sketchy at first glance, but then you pair that with what the addon is actually doing:
- Access your data for all websites (anything that interacts with ads, including blockers, will need this)
- Download files and read and modify the browser’s download history (these two items are single entitlement in firefox, and provides the ability for AN to store the images for ads it clicks on. You get this nice mosaic view of all the ads its clicked, as well as a running total how much click revenue you've burned)
- Monitor extension usage and manage themes (checks if any other incompatible ad blockers installed and notifies the users)
- Access browser tabs (I'm not 100% sure what this one does, but you've already given it full access to everything on every page anyways.)
- Access browser activity during navigation (Killing popups)
The addon itself is GPL3, so I think there's a very low likelihood of shenanigans here. Also compare and contrast with uBlock Origin:
Think of it like fingerprints (it is actually called fingerprinting). Every unique setting you make is a point that could identify you, even settings supposedly intended to increase your privacy. Much like adding a big burn mark to your fingerprint to actual fingerprint to mask its curves, now that big burn mark could be used to identify you even more than the original curves could.
I'm always surprised at how pervasive this is. Most frequently, I see it where you describe - with sites demanding that I sign in/up and disable all tracking prevention before they'll make even a basic effort to let me disable tracking.
But one of the ugliest cases is DMCA takedowns. For big companies, they're quick and easy and usually succeed even when they're completely unjustified. But for unincorporated people, issuing the takedown means providing your name and other personal information to the hosting site. And given that DMCA takedowns are the most efficient way to handle things like sketchy sites hosting stolen nude photos, it's basically a requirement to furnish them with the identity of the person pictured...
So do we have any proof that these sites actually honor the opt-out requests and don't simply add the information we had to provide to them to their dossier?
> So do we have any proof that these sites actually honor the opt-out requests and don't simply add the information we had to provide to them to their dossier?
I don't know, especially for scummy people search websites.
However, I've requested a lot of disclosure reports and opted out of a lot of stuff, and I don't think I've volunteered anything the dataminer probably didn't already know. The real big names like Lexis Nexus and the credit bureaus have their tentacles in everything, so it'd be very difficult to hide your address, telephone number, and property information from them.
The requests that require emails or phone numbers have never rejected throwaway accounts or non-personal phones numbers I have access to. I think they mostly ask for them to impede bulk opt outs.
Or just use the bulk opt-outs provided by the advertising industry organizations. The first is webchoices (the blue triangle you see in the corner of some ads, which allows you to report ads, see how you were targeted, etc.) and the second is the NAI (Network advertising initiative, a non-profit pushing self-regulation for advertisers.)
Opting out of tracking via first-party cookies. I mean the owner of a website could just share my page visits with an ad network regardless of third-party cookies.
Sure. It would be inadequate even if it worked as described -- having to opt-out from every browser and machine you use, and then again when you clear cookies? That's unmanageable.
But it doesn't work as described. Perhaps one or two companies might pay attention to the opt-out, I don't know, but I do know that it makes no difference that I can see.
Also, it does nothing to stop the worst of advertising's sins: tracking.
So, all in all, I consider it utterly worthless. It's far better and more certain to block everything browser-side.
There are some rules to follow if you really want them to work. Opt out on all your browsers, opt out again after clearing cookies, etc.
> You may still receive other types of online advertising from participating companies, and these companies may still collect information for other purposes consistent with the DAAC Principles.
The "Take Control of your Data" call to action takes me to list of 'how to opt out from company X' which exists in plenty of other places, and I'd have to submit them myself. Nothing that goes into data usage, etc. Then there's the privacy policy as others have pointed out, and the analytics/facebook scripts.
There's no functionality or service provided that I can find. The blog seems to be retweets and noise.
Not sure how this got voted onto on the front page, it doesn't seem to be a legitimate thing.
Doesn't opting out cause a Streisand Effect?[1]. I mean, if you go out of your way to hide something it makes you even more interesting and you stand out. My own strategy for not having data collected on me is to compartmentalize and have various contextual identities across different services and never cross contaminate identities and never have all my personal info in one centralized location that makes it easier for the likes of Acxiom Corporation to profile me. I call it identity 'sharding'.
Your strategy doesn't work, FYI. If you have /ever/ used the same device or network they are linked. If you've ever used a credit card across your 'shards', if you've ever logged into a service (especially gmail/fb) accross 'shards' then your identities are linked. You'd need entirely separate devices, networks, names, browsing habits, social accounts, etc. You might've lowered their confidence, but that has nearly zero effect. Cross-device graphs are exceptionally advanced.. all the machine learning/etc that gets discussed on hn is used to beat users like you. Oracle is one of many vendors who do this.
If you scroll to the bottom you'll see that this is a lead generator for attorneys, who are notorious for using "advanced" advertising techniques. They bring in a hot lead, like this site seems well designed to do, and write a letter for $X+.00, and maybe repeat as whack-a-mole goes.
What if there were a browser plugin that would generate large amounts of fake data, and sent that to ads/analytics/trackers whenever they popped up, in addition to preventing the actual user's data from being sent?
The Canadian Do Not Call law actually publishes your number for political parties, pollsters, and charities giving them approval to call you. So, yes, being on the do not call list will actually increase the number of calls you receive.
I can't for the life of me understand why we don't yet have dual-consent calling. Your call should only go through on my phone if you have my number and I've added yours to my address book. Otherwise you should go straight to voicemail.
That's what I do. If a call comes into my phone from a number that isn't in my address book, it just gets sent straight to voicemail. My phone won't even ring.
The only reason I don't just drop the call completely is to cover situations where a someone not in my address book might be calling me for something important.
These just opt you out of browser options, cookies, etc. I'd like to see a tool that actually removes real PII from these co's databases. Know of a tool around that does it?
We need to update the fair credit reporting act with a data retention and opt out section for online activities. The key would be making the violations punitive enough that only crooks, and not these supposedly respectable corporations, would be willing to abuse.
> Service Providers. We work with third parties who provide services including but not limited to data analysis, order fulfillment, list enhancement and other administrative services. We may disclose personal information to such third parties for the purpose of enabling these third parties to provide services to us. Such services may include: marketing distribution, email list management services, advertising, certain product functionalities, customer support, web hosting, customer data management and enhancement, fulfillment services (e.g., companies that fill product orders or coordinate mailings), research and surveys, data analysis and email service.
https://www.stopdatamining.me/privacy-policy/