That seems awfully harsh, and I'm not sure why you're being so cynical. I am interested in working towards a better future, but no matter how dumb you believe I am, comments like yours definitely won't lead there either. In an effort to continue the conversation constructively:
I understand the power of connected systems because I've worked with distributed computing systems for the better part of a decade. The more servers the better in my field, and the more situations they can compute in (my pocket, a volcano,space, etc.) the better. I like my computers connected, but I also like them under my control.
There's a reality to swallow; my grandmother doesn't want to configure a server, or understand what a certificate or even a yubikey is. A truly universal privacy and security management system has to do better to make privacy accessible.
Context is important; my health clinic knowing my cholesterol level: important. My credit card company knowing my cholesterol level? Unnecessary. It's going to be important to categorize personal information and provide controls on access.
What if my government adds a new type of issued ID? How does a company efficiently request access to my "swolshon_id" and provide rationale for it's use?
Is a company allowed to reject services if I choose not to provide a portion of my user data? Alternatively could some requirement be to require companies provide services that operate with limited access?
#1 Post-Snowden the general public has demonstrated they don't really care about privacy. As long as that is true, both companies and governments can demand a lot and get it, even though they don't need it.
Strictly from a computing standpoint (I can't address healthcare providers etc.), the root of many of these problems are at the consumer OS level and the incentives for the companies which build them.
We have three big problems: Google, Apple, and Microsoft. The incentives for these three are misaligned from having secure multi-device computing.
Amazon is as bad or worse, just look at the issues they've had with employees accessing Alexa audio recordings along with their security camera stuff. Fortunately their phone flopped.
Out of the big three, Google has been the worst offender here for the last 10 or so years. Apple has been pretty good, especially with actually security the hardware and stomping out 0days, but watch out: advertising is their growth business. Microsoft has a long history that isn't trustworthy.
Post-GPT3.5+, privacy matters a whole lot. The difference between people who will get completely p0wned and those that don't will be how much public and accessible data is out there. This will have a perverse feedback loop of companies demanding even more personal data and proprietary verification hardware.
I understand the power of connected systems because I've worked with distributed computing systems for the better part of a decade. The more servers the better in my field, and the more situations they can compute in (my pocket, a volcano,space, etc.) the better. I like my computers connected, but I also like them under my control.
There's a reality to swallow; my grandmother doesn't want to configure a server, or understand what a certificate or even a yubikey is. A truly universal privacy and security management system has to do better to make privacy accessible.
Context is important; my health clinic knowing my cholesterol level: important. My credit card company knowing my cholesterol level? Unnecessary. It's going to be important to categorize personal information and provide controls on access.
What if my government adds a new type of issued ID? How does a company efficiently request access to my "swolshon_id" and provide rationale for it's use?
Is a company allowed to reject services if I choose not to provide a portion of my user data? Alternatively could some requirement be to require companies provide services that operate with limited access?