@drahardja 💯 I've been saying that in addition to holding business and governments accountable for data leaks, we must implement regulations that prevent collecting information not necessary to get the job done. I realize, even this is an idealistic dream, but it's what we should work towards.

@drahardja but what if you invent, at astronomical expense, a perfect cyber Fort Knox which no one can break into because an employee clicked a link saying "FREE CANDY" which then directed them to a website where they put in their login details and MFA code?

@drahardja thank you for your TED Talk

@drahardja easier said than done. It's legislated for some industries to collect information, and, in Australia, they must keep it for a certain amount of years 😖

The data retention legislation has already been blamed for the sheer amount of data stolen

@drahardja @bastardsheep huge if true

@drahardja don't hold data if you can't secure it

@drahardja hackers be like https://youtube.com/clip/UgkxqLBeGsKQkXJN3L7DlRkcP5PSd8bUICVW

@drahardja That's no fun. Also less profitable.

@drahardja impossible level of wisdom 😉

@drahardja
So easy!
Yet, this seems unthinkable to absolute most companies, they will offer you everything in the arsenal: from OTPs to having to set a new password after having logged in from a different IP address once — and no, of course your can't use your old one the one that is complex and yet you remember it well.
But not forcing you to enter your real name and other such things seems completely out of the question.

@drahardja Literally illegal in half the world now.

@drahardja@sfba.social Related talk: https://idlewords.com/talks/haunted_by_data.htm

@drahardja So like "Zero Trust" but for customer data collection, so "Zero Data"

@drahardja
I do not recall which but I did notice a few online retailers give you the option to NOT have your credit card information kept for future use. That should be the normal default everywhere.

Retailers should not need your credit card information at all.

http://the5thc.blogspot.com/2022/04/how-to-make-credit-card-purchases-safer.html

@drahardja@sfba.social b-b-b-but how do we send out personalized intimate ads otherwise?

@drahardja
While waiting on hold for the bank, I heard that I could ask them to not use voice recognition. She was incredulous, but we got there. Now I have to answer ID questions, but the hackers have less opportunity to get my voice now.

@drahardja Have you tried publishing any app on any app store? Half the questions are unanswerable if you don't.

@drahardja You do business with some company online: why do they need your information, say, 5 years later? Should be a law: "dump info after 3 years' of no further business..."

@drahardja Cashier at Counter- Can I get your phone number?
Me- Nah.
*her perplexed look*

@drahardja There are companies who literally have no value other than the data they're collecting. Those companies, if liquidated, would sell their data to the highest bidder and the problem would persist. We need to make holding data toxic, or data extremely short lived. Like it should self destruct after 48 hours. And any company caught selling data should have its assets frozen. Money, credit, real estate, crypto. Forfeit.