
> It's not that many people are "okay with it" but that they don't truly understand what's going on.

Also it says that people who know feel powerless to do anything about it. What choice do they have, other than live in a cave?




You can throw away your supermarket loyalty card, and stop getting those 2% discounts. You're not powerless. You're making a choice.

As with other measures: show me that not using the card guarantees my privacy?

The only thing that is guaranteed is that I've lost the discount. Recording accounts from credit, debit, or check payments leaves the customer equally screwed.

More likely: I request loyalty cards under assumed names and discard or exchange them often.

Though that likely leads to other data trails. Anonymisation and tradecraft are hard.


This is absolutely preposterous. Scrubbing every single instance of data collection is obviously very difficult, but there are tons of high impact, low cost things you can do but that people choose not to do. That really belies the "people actually care but feel powerless" nonsense.

For example:

Browsing only in an incognito window prevents the persistence of many kinds of identity across browsing sessions, at the low cost of having to type a username and password more often. (I already do this for Facebook because their cookie policy passes my personal line. It's not a hardship at all, but that may be because when I have the power to change something I don't like I prefer doing it instead of simply whining and pretending I'm powerless).

Not using a loyalty card prevents tracking of your purchases and the only cost is the loss of a two percent discount.

Going to Google's ad settings and turning off personalized ads. The cost is: ten seconds and seeing 10% more ads.


Counter-counterexample: EFF's Panopticlick shows how much individually identifying data can be obtained simply from browser fingerprints. IP address adds to that. Verizon was injecting tracking headers into its subscribers' Web traffic directly.

Again: the problem with countermeasures is that you've got to take a hell of a lot of them before you've any real assurance of even modest privacy.

See RMS's "How I do my computing" essay, featured here recently.

https://stallman.org/stallman-computing.html


I did mention that "complete" privacy is rather costly, but I think it's silly to ignore low cost countermeasures that have a high impact. Hell, you can even defend against fingerprinting, which is basically a medium cost very high impact fix.

https://panopticlick.eff.org/self-defense.php

I also disagree that the stated countermeasures don't have much of an impact. The universe of entities that get any sort of picture of your behavior narrows VERY sharply, and the remaining holdouts (the govt, those who control the pipes) quite obviously require policy solutions.


Agreement and disagreement.

Yes, countermeasures can be taken. I apply a number of defenses myself:

- Multiple browser plugins: adblock, noscript/scriptsafe, ghostery, privacy badger, uMatrix. They work, variously, but also make browsing more of a pain. Applying these to, e.g., my parents' systems leads to inevitable (and difficult to diagnose remotely) issues. The median state of technical user competence is very low.

- Privoxy. Though not on my primary browsing sessions as it's routed through...

- Tor. If you want to destroy your browsing experience, route all traffic through Tor. Some sites flat out fail to function (e.g., Craigslist), generally because they block all traffic from proxies. Others repeatedly throw up captchas, including several (Cloudflare comes to mind) who rely on JS entirely, and cannot be bypassed for non-JS browsers. Also: pretty much all commandline tools (curl, wget, youtube-dl) are difficult or impossible over Tor, and you'll have to disable proxy for them. In other cases, Tor is seen as "suspicious activity" and triggers account protection, a/k/a self-triggered denial of service: https://www.reddit.com/r/dredmorbius/comments/2w618r/how_to_... (also discussed on HN).

(Some way to be able to toggle multiple (or no) Privoxy modes easily would be useful.)

- An extensive set of /etc/hosts blocks. Drawn from uMatrix's blocklists, plus additions of my own. It's a total of 62,290 entries, including most common (and many uncommon) tracking and advertising sites.

Plus other practices in real-world tradecraft.

It's still 1) tedious and 2) only modestly effective.

Email, mobile comms use, and messaging generally remain far less protected than I'd prefer.

