Comment by GeekyBear
2 months ago
> we are concerned that SB2420 impacts the privacy of users by requiring the collection of sensitive, personally identifiable information to download any app, even if a user simply wants to check the weather or sports scores.
Avoiding the collection of user data in the first place (if it's possible) is exactly the correct approach to user privacy.
Soo the strongest form of privacy protection isn't better storage or better policies, it's simply not creating the data in the first place
Instead of fixing consequences, eliminate the cause? It sounds almost like common sense.
I think most laws should look reasonable from the common-sense viewpoint. And when they don't, there should be a serious explanation.
Privacy legislation and infrastructure are both designed to eschew common-sense. It's how the fed gets away installing backdoors in iOS and Android: https://arstechnica.com/tech-policy/2023/12/apple-admits-to-...
3 replies →
Yes. It's more secure to have your website simply not require the user's SSN than to implement the best security in the world to handle their SSN.