> Every online service costs money to provide. [...] Since most people are unwilling to pay for online services, the way to cover these costs is by advertising to the users.
Why does it follow that we should be okay with privacy intrusions?
Companies don't have a right to their business model. If we as a society decide to limit how companies can collect and use our data, and it forces some to start charging their users or go out of business, that's okay! Just because that's a sustainable way to run a business right now doesn't mean it should be.
This is also based on the assumption that you can't have ads and privacy. We had ads for a long time without privacy invasion. Just have the ads match the content being viewed (instead of the person viewing the content)
The reason why consumers are unwilling to pay for service is because VCs have funded companies ability to give away tremendous value to achieve fast growth. Because of this consumers now have an expectation for free.
Previously when software was sold at retail, consumers had no qualms paying for software.
So maybe you are right and the root problem are the business models and specifically the funding behind those models.
> The reason why consumers are unwilling to pay for service is because VCs have funded companies ability to give away tremendous value to achieve fast growth. Because of this consumers now have an expectation for free.
> Previously when software was sold at retail, consumers had no qualms paying for software.
When was this? I recall the warez, cracking and keygen scenes being huge years ago (before the rise of SaaS).
In this case 'people' does not mean 'every single person' but rather 'a significantly large enough amount of people as to represent a valid business model in many cases'.
That misses the point. Theft and hacking are still prevalent, that hasn't changed. What's changed is that people expect software like Facebook, Twitter, or Gmail for free. Decades ago the average consumer walked into a Fry's or Microcenter and bought their copy of Windows.
No.. the early internet was pretty much all free to read, the only thing that's ever really been able to charge is porn. For everything else if it looks like a website, acts like a website then people expect it to be free. Try to charge and people will move on.
How would we as a society decide that? The majority of society is more concerned with putting food on the table and paying their rent, and would have zero interest in deciding to get rid of "paid by data" products. Unless we as a society can provide everyone the basic amenities first(food,home,maybe a job), I am not sure people are willing to let go these seemingly free services. Getting control of your data is very important, but the vast majority of humans have many far more pressing concerns.
And there are many assumptions in your post that are not necessarily true:
1. Services could still be free to most users, with paid versions that provide more functionality.
2. Privacy invasion and advertising has a cost, that those very people worrying about food have to pay. They don't have to pay 2$/month for e-mail, but then will spend N$ for the expertly marketed toy/cereal their child is throwing a tantrum over, and their own purchasing choices will also be affected adversely - advertising works.
The assumption that most of western society is busy with securing basic survival seems like a constructed knockout argument. The fact that you are here to discuss the matter indicates that doesn't apply to yourself for instance.
As for how society would decide it, I see consumer pressure as decisive, the more ethical handling of data becomes a selling point, the more financial incentives companies have to implement and market it. It's visible right now in how Apple positions itself against Google as the more privacy minded company with enough public appraisal to challenge, if not invalidate, your assumption.
There is no "we" in this. I would express it:
>Why should "I" accept that privacy intrusions are okay?
As long as it's a voluntary business relationship, there's nothing to say. If your scale of preferences tells you that privacy is a more important factor than the service itself, then use the services that suit your demand, but don't prevent others from acting differently.
>If we as a society decide to limit how companies can collect and use our data...
Why? I don't have the right to decide for you. If you decide to get married, do I have the right to tell you how to proceed in your contractual relationship with your partner? As long as it is a voluntary contract and the individual rights of others are respected..., does the rest of society or the government have the right to decide or impose rules for you or your partner on how your association proceeds?
"Take it, leave it or shut up." If the concept of "privacy" is as important to society as it is to you, it will lead to an increase in demand and supply linked to services that incorporate greater privacy into their products. You don't need to do anything about it, but whatever you try to do in an arbitrary, subjective and coercive way, it will be objectively immoral and violent towards the rest of the people.
>Companies don't have a right to their business model.
They have that right because we all have it, just as you have the right to plan your life but you don't have the right to plan someone else's life.
Should you be able to sell human organs? Child pornography? If you agree to let someone pay your family and kill you, should they be chargeable with murder?
These are all voluntary business relationships. They're illegal because society has mostly agreed that there should be a limit to how much a transaction can extract from someone. That people, even at their most desperate, should still be protected.
And yes, the bounds here can be arbitrary. Selling organs is illegal while selling sperm and eggs is not. But ultimately, most everyone agrees that we should draw the line somewhere. The entire point of a society is a set of norms around how to interact with others.
> If your scale of preferences tells you that privacy is a more important factor than the service itself, then use the services that suit your demand, but don't prevent others from acting differently.
That's completely ignoring network effects: I want to delete WhatsApp from my phone. But if I do so, it means I won't be taking part in everyday family life anymore.
Then you agree with me. Your preference is greater for "being in contact with someone" than your privacy or other factors. Case closed.
Or are you saying that someone should force your family members to use another product that suits your personal preferences?
I'm saying that, as a society, we should not allow products that don't respect people's fundamental freedoms. The disagreement between us is whether privacy should be considered a constitution-level fundamental freedom. In fact, in my country (Germany), the Supreme Court has ruled that it is.
What if the plebeians don't mind privacy intrusions? What if they are happy to give away their privacy on a platter if they are getting free email, digital maps, traffic stats, cloud drive and a whole lot of other goodies from Google? Never underestimate the power of freebies!
Plebeians? Is that what you think of people who are too busy, working to pay for basic food and living conditions, to take any time whatsoever to understand how they still pay even for "freebies"?
Yep exactly. I consider myself common that's why I don't get offended by the word "plebeian". In my books, plebeian is just a synonym for "commoners", there is no other meaning to it.
Why are you so sure that that's what "society" wants? Most people do not want to pay Google $20/month to look stuff up on the Internet. If that's what you think "society" wants then you live in a hermetic bubble.
I'm with you. Again and again we see how certain conclusions and opinions expressed on this site presuppose a global knowledge about the preferences of other people. Regulators, planners and collectivists assume that what is bad for them must be bad for others, that what is good for them must be good for everyone and therefore "have" the right to force people to act as they think they should act according to their arbitrary criteria.
If "society" requires services with a greater emphasis on privacy, they will be more in demand and will find their corresponding offer in the marketplace.
>Why we can't have privacy on the internet...
Bullshit. We can have whatever we want, but if I demand something I must offer something in return, be it money, private data or unicorns. There is no such thing as a free coffee.
> they will be more in demand and will find their corresponding offer in the marketplace.
Ah yes, the classic refrain of “the free market will just fix everything” despite that, you know, not being the case time-and-time-again.
A huge number of products and services these days are “supply driven demand”, so consumers voting with your wallet is extremely limited in scope and power: you’re not being given a representative set of available options, you’re being given the choice between a few-often superficially different- options that companies are happy to provide. Coupled with the fact that many companies and the advertising industry as a whole has pushed a narrative of “just give up all your data, it’s fiiiinnne” means consumers aren’t informed or aware of all the options they could demand. Add in the fact that a huge number of people simply don’t have the luxury of shopping around for their preferred product at every opportunity.
> "the free market will just fix everything"
I think the market doesn't fix anything because there's nothing to fix in this case.
> you're not being given a representative set of available options...
What would those options be? Who decides that? For me the market does, who should do it for you?
What I'm saying is simple, if there are more people who demand services that respect their privacy, then the offer of those services will arise. If, for example, we are in an abstemious society no one will demand wine, then it is foolish to try to produce wine under those circumstances. It will only be profitable to produce wine there if the preferences of that society change.
>"just give up all your data, it's fiiiinnne"
I don't know. It may or may not be fine, you decide for you and I decide for me. I'm not going to force you to make a decision you don't want and I hope you do the same.
Anyway, it's silly to say that we can't have privacy on the Internet.
My position is that we can have the services we want, privacy, security, with whatever preponderant factor we want to have, but not for free.
You will pay with money, with personal data or whatever the other party accepts as payment, but you will always pay.
All this discussion takes place only in contexts where there are people who think they can access all kinds of things for "free", who have the right to dispose of someone else's work, capital, time or property as they please.
Whether we like it or not, the market currently tells us that, in general, access to certain services is more valuable than consumer privacy.
> There are bad actors out there - fraudsters/scammers, terrorists laundering money, legal gun manufacturers moving money around, child pornographers, people who believe in evolution (even among humans), people advocating abandoning Islam, Russians posting Pepe memes, and journalists/revenge pornographers revealing truthful information that people want kept hidden.
I can think of maybe two of these that are are “bad actors”.
I did some napkin math on ad revenues arpu for the big 5 ad supported tech companies and came to the conclusion that you could cover all of their revenues if you could charge $7-10/month for every user, which is netflix money for a set of services that are far more useful than netflix itself.
So I forsee something like 'setapp/netflix for privacy' that could cover it all for $10/month with enough scale.
Because honestly, paying $10 for each subservice quickly adds up to $100s/month
I strongly believe it's doable and there's a market - although small - for that. WhatsApp used to be $1 a year and it was profitable.
> https://www.investopedia.com/articles/personal-finance/04091... The short answer used to be $1 at a time. In some countries, the app used to cost about $1 to download; in others, the first year is free, but each subsequent year costs $1 – in other words, WhatsApp had a subscription model. At the peak under this model it has about 700 million users worldwide; yearly revenue can be estimated at $700 million per year at this time.
There's no reason we couldn't get a $10 a month budget that would give users mail, instant messaging, file sharing or hosting of some kind. But there wouldn't be any of the perspective of the spectacular kind of growth the adtech bubble is trying to sell or integrated software solutions à-la Google that monopolies like so much.
"People won't pay for privacy" is it, and it's really a subset of the larger truth that it's hard to get people or businesses to pay for security. (Privacy is a part of security.)
I worked with a serial entrepreneur once who refused to tell his tech people to spend any time on security. He said "no company ever failed because of bad security... nobody cares about anything except UX and price." I dont think he was 100% right but I do think he was like 98% right.
Privacy is like legroom on flights. Everyone complains about it being taken away but nobody will pay even a little bit for it. Price signals say nobody really cares.
Meanwhile advertisers, governments, and political propagandists will pay handsomely for user data. If anything the price signals say to minimize privacy and maximize surveillance surface area.
It's not like nobody will pay for it - usually, the option isn't available. When the market doesn't offer an option, or offers it bundled with a lot of other unrelated options, then you can't claim people "voted with their wallets" - much for the same reason you can't claim people voted for issue X in a typical democracy, given that they only had a choice between whole political parties.
WRT. legroom - don't know the history here, but I doubt it was ever an isolated issue by which people could differentiate otherwise equivalent flights. Plus, there's the "boiling frog effect" involved, in which you remove conveniences in very small increment that at every point sounds like a reasonable trade-off, but it wouldn't if 20 years worth of changes were to happen immediately.
> Privacy is like legroom on flights. Everyone complains about it being taken away but nobody will pay even a little bit for it. Price signals say nobody really cares.
That's not true at all, otherwise first class, business class and even premium economy would not exist. I've personally paid extra for a seat with more legroom on 2 hour Ryanair flights. It's just a question of what you value (and can afford).
The same goes for privacy - there is definitely a portion of users out there willing to pay extra for services and companies that, at the very least, exploit your user data less than the others. See Apple's latest stance - they are basically packaging privacy as a luxury good. Or the VPN market, paid email providers instead of Gmail, chat applications such as Signal, Riot, Telegram...
He is wrong in that quite a few (smaller) companies have gone defunct due to bad security, but he was right in that the hare that cuts every corner, rushes its product to market and (maybe!) gets breached will outperform the turtle that gets hamstrung by the governance, security and bureaucracy within its shell and doesn't produce anything.
People can’t pay for privacy if it’s not offered as an option, because most solutions are being offered by groups who have a vested interested in not offering privacy options.
If these options do not exist - which is not true - it is because there is not enough consumer demand.
No one produces wine in an abstemious society for obvious reasons.
The only reason that private/censorship-free platforms end up filled with nazis, is that they have nowhere else to go. If all the platforms are private/censorship-free, then the problem is mitigated.
I think this is because of the assumed level of risk. People don't think it'd happen to them.My colleague's house was nearly burgled. Once that happened, he invested in intrusion detection system and etc.So his level of assumed risk has gone off the charts. Some years ago I made a suggestion to the company owners that we should ramp up on security,at least starting with getting an antivirus. One said he'd use the insurance from the bank if we get robbed,while the other said it slows down his PC( an avid player)...While now we do have much more than just an antivirus, the assumed level of risk is still pretty low. People simply don't care...
If I see a computer with an antivirus on it(besides the default windows defender thing), I assume it is less secure than something with an antivirus. Most often it was installed by someone who was either mislead about the benefits of an antivirus and/or tricked into installing it. Getting adblock is an massively better way of making a computer secure.
I admit, if I see a computer with anti-virus software running on it these days, my first assumption is that its the anti-virus software that's the scam/payload...
I hate anti-virus software. I have yet to be convinced it is worth the CPU cycles it eats. I would rather reformat my hard drive if there is a malware issue than have McAfee running 24/7
The better ones will alert you before you detonate anything, so having an agent can be useful for preventing less savvy users from getting infected with viruses last seen in 1992.
>how many of you pay at least 500rs/month for services that give you privacy
It's my understanding that's between $7.00 and $8.00; I pay less than half of that to have an entire server I use for things such as hosting my own email server for my personal use.
>Instead of paying for it, many of the people at the panel wanted the government to mandate it. Moreover, many people seemed to think it would somehow be free to provide.
I can understand why this would be looked down upon, but isn't this the manner of thing a government is intended to do? If we're going to pretend democracy is so great, then people wanting the government to outlaw certain business models is perfectly reasonable.
>Will you pay $20-50 a month to replace your free online services with privacy preserving ones?
I'll pay for a server and that's all. If I can no longer read some articles online because of a pay wall, then I won't, but I may if it's otherwise available to me gratis, but I still won't allow any JavaScript to run and so won't see any advertisements. If they dislike people not viewing advertisements, they should have a pay wall, but many of these organizations are aware people won't pay for what they offer.
>User tracking enables product managers/UI designers to figure out exactly what customers want, and give it to them.
They can go to Hell.
>A special case of fraud which also relates to the problem of paying for services with advertising is display network fraud. Here's how it works. I run "My Cool Awesome Website About Celebrities", and engage in all the trappings of a legitimate website - creating content, hiring editors, etc. Then I pay some kids in Ukraine to build bots that browse the site and click the ads. Instant money, at the expense of the advertisers.
This never ceases to amuse me, so far.
>To prevent this, the ad network demands the ability to spy on users in order to distinguish between bots and humans.
They can also go to Hell.
>Question: What does the government call a payment platform that provides privacy to it's users?
>Answer: Money laundering.
Money laundering is a made-up crime, just as with jaywalking and copyright infringement.
>In many cases, censorship authorities require social networks and others to track and notify them about people posting illegal content (Nazi imagery, child pornography, Savita Bhabhi, anti-Islamic content).
Oh, so the government makes rules that make something illegal, so the illegal thing is bad. Yes, I can't run a service that transfers money and is unmoderated, because it's illegal. I'm American and I'm well aware this ''freedom'' I enjoy is a lie.
>This is a fundamental collective action problem, and no player in the game seems to have the ability change things.
Right, governments conspire against their citizens, but this is an intractable problem.
>There are bad actors out there - fraudsters/scammers, terrorists laundering money, legal gun manufacturers moving money around, child pornographers, people who believe in evolution (even among humans), people advocating abandoning Islam, Russians posting Pepe memes, and journalists/revenge pornographers revealing truthful information that people want kept hidden. Any privacy preserving network, at it's core, allows these people to engage in these actions without interference.
Is running a server really that cheap if you include the up front costs, maintenance, and your own time? What about the costs of having an offsite backup?
As someone who also has their own personal server, I can definitely say it's not cheap.
>Is running a server really that cheap if you include the up front costs, maintenance, and your own time?
It's annoying, but it's still cheap. What ''up front costs'' do you mean? Maintenance is mostly me struggling with software someone else wrote and wanting to replace it with my own; the smaller services I run, Gopher and Finger, use software I wrote so I need not configure some awful software written by someone else. My goal is to eventually only run services with server software I've written, such as for email and FTP and whatnot. I have spare time and knowing how to maintain a server is useful.
I'm clearly an advanced user, however. Still, I've offered others some things, not that they want them. I could host email for my family and whatnot if I needed to.
>What about the costs of having an offsite backup?
I use scp to transfer it to my machine. It's all measured in single digit megabytes.
>As someone who also has their own personal server, I can definitely say it's not cheap.
Okay. I don't know what you do with yours, but I run email, HTTP, Gopher, Finger, and I want to have FTP and Bittorrent available soon. The email server gives me the most problems, but that's mostly because of other email servers, as I didn't need to do much configuration and it's measured in hours rather than days. The HTTP is preconfigured and I've written the software I use for Gopher and Finger, although I want to replace it with better software I write, later.
Paying a third party for your privacy is a fools errand. If you want privacy, then use the tools on hand. Your credit card number is the last thing you should be sharing online with anyone if you value privacy.
When I see things like this, I just wish HN had a superupvote button. Definitely adding this to my "favorite, underappreciated articles that everyone should read" list. I think a solution to the problems outlined in the article is sneakily smuggling privacy with something else (Apple sort of does that) or making government resistant solutions. I mean systems that you don't even run, that you release to the world and you have no control over. Solutions that communicate in ways hard to detect, and have no central points of failure. Solutions that are hard to shut down, that never die unless the last two computers using them die. They must be tampering and censorship resistant, no matter if you call the censorship censorship, protection against terrorism or preventing copyright infringement. Yes, it is hard, especially that, for any hope of success, the solutions must be as good (or better) than centralized ones. If they are not (if their UX is not), people won't flock to them. That is our only hope of winning in this war. The fight will be hard. It laready is, but that's the only way forward, if we don't want to live in an Orwellian state in twenty years.
Why does it follow that we should be okay with privacy intrusions?
Companies don't have a right to their business model. If we as a society decide to limit how companies can collect and use our data, and it forces some to start charging their users or go out of business, that's okay! Just because that's a sustainable way to run a business right now doesn't mean it should be.