Comment by jsrozner

I'm saying we should not allow per-user analytics. Currently companies build a profile of each user and correlate that with all the other similar users. Then they target other users who are hypothesized to be similar.

I'm arguing that no per-user analytics should be able to be conducted. A store can track how many times product A is purchased, but not that product A and B were purchased by the same user. Using the latter info for anything other than providing a summary of what the user has purchased (to the user) should be illegal.

Yeah it would be complicated. But you could do it by creating a new obfuscated user ID for each transaction.

Or even better, by having each person store their own data and mandating that companies delete all records. The company can provide a signature on the transaction record (a receipt!) that the user keeps to prove the purchase if there's a conflict later on. But the company cannot keep a copy of any per-user info, the receipt, or the transaction info; nothing beyond the fact that product A was purchased on a certain date.