Comment by rsynnott
16 days ago
Also, _Discord_ deleting them is really only half the battle; random vendors deleting them remains an issue.
16 days ago
Also, _Discord_ deleting them is really only half the battle; random vendors deleting them remains an issue.
Not to mention collecting them at all means those servers are a primo location for state actors to stage themselves to make copies of data before being deleted.
To say nothing of insider threats of which likely exist across every major social media platform in service to foreign govs.
It was this deep into the thread when I decided I don’t think I need internet service this bad, let alone Discord. I think I’m out. Let us know how it goes!
All of these types of developments, of the trap door starting to close, really do totally depend on the addiction, the dependency that was created to make sure the people would be unable to withdraw themselves. We now have some generations of people who have only been online and in a fantasy world of games and “TV”. It seems the system has calculated that we have crossed the threshold after which the system is self-reinforcing and there is very little chance of effective resistance, let alone reversal.
6 replies →
> Not to mention collecting them at all means those servers are a primo location for state actors to stage themselves to make copies of data before being deleted.
Not to nitpick, but in this case they'd be collecting data they already own.
For state actors - they frequently have issues "connecting the dots". Or heck - maybe connecting the dots is easy but it's a manual process that introduces too much friction for them to do casually. Maybe some of the data they connect it with is not trustworthy.
If the dots already come pre-connected, it makes the job easier.
Not to mention its value as blackmail material shoots up because it comes pre-associated with your government ID and/or a scan of your face because fewer sources/methods need to be risked.
In addition to the sibling comments, even if they do own the ID itself, they do not own the association with Discord users, and the ID might also be faked.
1. Foreign state actors
2. Inter-hostile agencies within the u.s.
I am pretty sure US gov doesn't have my id.
The feds don't own state IDs in the US, at least.
> Also, _Discord_ deleting them is really only half the battle; random vendors deleting them remains an issue.
This really is the issue. Of the 5 or so data breach notifications I received last year, none are from an entity I have a direct relationship with. They're all from a vendor used directly or indirectly by these entities.
The real answer is more serious penalties for having data breaches. Having 6 concurrent "identity monitoring" services is of zero value to me.
Vendors like that would be in deep GDPR shit if they claim to not store highly sensitive data and then do in fact store highly sensitive data.
Generally the GDPR is not rigorously enforced, but when it comes to sensitive data like face scans, IDs, medical data etc. the hammer comes down a lot swifter and harder.
GDPR does not stop a breach.
Discord already lost user IDs. Will GDPR delete them from the darknet?
"We delete them immediately after we have sold them to our 579 parters"
Weird that I have to get a list of all the cookie vendors that know I visit a website to show me an ad about something I already bought but the guys with my ID don't need to be listed.
Under GDPR they need to be listed.
GDPR isn't a cookie law — it's a PII law. They need to tell you all parties that get your ID picture, or they're in breach.
GDPR is not a PII law. The term is not mentioned once in GDPR. GDPR speaks of "personal data", which as Wikipedia puts it "is significantly broader".
2 replies →