Comment by thu2111

6 years ago

"everyone would hate it" assumes people know about these things

It's based on direct experience of these tradeoffs.

Firstly, yes, people accept the defaults most of the time. They expect those defaults to be convenient and secure. But even when forced to click through screens that literally won't let them proceed until they consider their privacy settings, they don't care and routinely opt in to data sharing because it's more convenient.

Believe me, Google has tried everything in this space. Every combination of popup, click through, interstitial, notification, endless usability studies. Everything. New products that use user data in clever ways get instant uptake on the order of hundreds of millions of users with virtually no promotion at all. Privacy-oriented features get nearly none despite heavier promotion. To the extent people don't know about privacy settings it's because they do not care.

I know this goes against the tech industry zeitgeist or groupthink. It's unpopular to spell this out, but that's why it's important to do so. Way too many companies and engineers are working on dead-end privacy projects that address an imaginary market demand.

you make it sound as if it was one xor the other. This is sometimes the case to some degree (like checking urls for phishing sites), but far from always.

It's not 100% always, but it's hard to come up with cases where privacy and security aren't in tension.

For instance, one of the reasons you can't build truly end to end encrypted consumer services is people don't want to swap public keys. It's more hassle and nobody has it, so every end-to-end encrypted service has a big central key directory ... which makes the encryption pointless, as the service can still decrypt conversations on demand. That's not the only problem but it's a big one.

Another problem is people expect password reset. You can't build a service without password reset or else you'll have an angry mob at your door demanding their accounts back. If you say, sorry, there's no password reset because the data is all encrypted and we can't get it back then you'll lose your market position. Hence why iPhone backups are unencrypted.

It's not hopeless. Google get the most pressure on these topics so they've been coming up with some of the best solutions. Their Titan architecture is quite innovative in this space, although we'll see what happens when people realise "I forgot my PIN, please verify my identity some other way" doesn't work anymore.

And if others do this to gain an advantage over your business, don't whine, sue them.

I'm afraid this is extremely naive. There is nothing illegal about running user tests, server logging and gathering metrics. And don't talk about GDPR to me. It's a meaningless law that is so badly drafted it affects nothing. You can do basically anything if it's justified by a genuine business need, and understanding customers is an absolute need of any business.

But if the EU under German direction decides to interpret the GDPR such that it bans making convenient and secure software, then so what? America crushes the EU in the software business already. It will simply extend its lead. American startups will learn "don't open offices in Europe and you're OK" and so the EU will continue to degrade its own economy, continue to have no tech startups of note and the USA's more sensible approach to privacy will continue to be the only one that matters.

"boring statistics about religion" led to the murder of hundreds of thousands of Jews.

At the risk of going full Godwin on this thread, that's a severe misunderstanding of your own history. No wonder Germans have such strange approaches to internet privacy if that's what you're being taught. Americans haven't "forgotten" the reasons for wanting privacy, they just don't think spreadsheets were relevant to what happened. And BTW I'm not American.

So: Nazism wasn't enabled by the collection of statistics. They would have hunted down and eradicated groups of people all the same. We know this because communists hunted down and threw huge numbers of anti-communists into concentration camps, although being anti-communist isn't a birth trait and that fact existed in no statistical databases. They didn't need Big Data because they had a large network of ideologically motivated informers and collaborators instead: just like Hitler did.

Finally, I'll say that going from "Google runs A/B tests to learn if a new feature is popular" straight to "sue anyone who does this because they're directly leading to Jew murder" is really quite offensive and shows no sense of proportion. Google is not enabling the Third Reich. It's just doing what any boring old city shop does when they experiment with putting different items on sale, or experiment with different layouts of the stores. The fact that it's online changes nothing.