Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The answers to online platforms trafficking in personal data and metadata is two parallel and concurrent efforts:

1. Much tougher data privacy regulations (needed per country)

2. A central trusted, international nonprofit clearinghouse and privacy grants/permissions repository that centralizes basic personal details and provides a central way to update name, address(es), email, etc. that are then used on-demand only by companies (no storage)

By doing these, it simplifies things greatly for people and allows someone to audit and see what every company knows about them, can know about, and can remove allowances for companies they don't agree to. One of the worst cases is the US where personal information is not owned by the individual and there is almost zero control unless it's health related, and can be traded for profit.



Will you use a central trusted, international nonprofit clearinghouse and privacy grants/permissions repository that is run by the government of China / Iran / [state]?

It is important for privacy activists to understand that „centralised“ is an anti-pattern for privacy.

Instead we need security and control over our data on devices and internet platforms guaranteed by the law.


Yes, I agree. I hate web-forms so much that I wrote a Firefox extension that fills them automatically (using LLM).

It sounds to me like what you're describing under 2 is a real usecase for blockchain contracts?

Store your latest data encrypted on-chain and give every 3rd party you trust a key that corresponds to the relevent part of the data?

Curious about opinions on this.


I'm not talking about a distributed or self-hosted technical solution, but a centralized trusted nonprofit organization. Technology alone can't automate away privacy management issues.


3rd party would only have read access, I'm assuming? Also would love to try out the extension.


Can you share this Firefox extension? Sounds super handy!


I created an app to do end-to-end encrypted contact info sharing and updating with your second point in mind. By holding only encrypted data that can't be accessed by us, people will hopefully trust their contact info is only in the hands of people they want. https://neu.cards


You might be interested in Peergos for the storage and access control part. We have a profile where you can control access (and revoke) to each field individually. E2EE because most people wont want to self host.

https://peergos.org/posts/social-profile


The second one sounds something similar to the Solid project, which is what Tim Berners-Lee is currently working on: https://solidproject.org/.


Or it just all happens on the client side before it even hits the Internet. I would love if Firefox allowed users to use Postgres instead of sqlite to store their places.sqlite database.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: