Posted by ColinWright 21 hours ago
The straight-from-LLM writing style is incredibly grating and does a massive disservice to its importance. It really does not take that long to rewrite it a bit.
I hope at least he wrote it on his local Llama instance, else it's truly peak irony.
> Here’s the thing about the DPF: it’s the replacement for Privacy Shield, which the European Court of Justice killed in 2020. The reason? US surveillance laws made it impossible to guarantee European data was safe.
> The DPF exists because the US signed an Executive Order (14086) promising to behave better. But an Executive Order is not a law. It’s a presidential decision. It can be changed or revoked by any future president with a pen stroke.
This understates the reality: the DPF is already dead. Double dead, two separate headshots.
Its validity is based on the existence of a US oversight board and redress mechanism that is required to remain free of executive influence.
1. This board is required to have at least 3 members. It has had 1 member since Trump fired three Democrat members in Jan 2025 (besides a 2-week reinstatement period).
2. Trump's EO 14215 of Feb 2025 has brought (among other agencies) the FTC - which enforces compliance with the DPF - under presidential supervision. This is still in effect.
Of course, everyone that matters knows this, but it doesn't matter, as it was all a bunch of pretend from day 1. Rules for thee but not for me, as always. But what else can we expect in a world where the biggest economy is ruled by a serial rapist.
Because it should still be my choice as to what you do with it, which data you associate with it, and how you store it. Removing that choice is anti-privacy.
When your face is on your LinkedIn profile, anyone can download it and do whatever they want with it. Legally. Here, the vendor has to tell you how they use it.
All for a checkmark next to my profile that says I'm a real human.
Why is that your assumption?
I'd consider that a feature that would increase trust in such a platform. These platforms require trust, right?
So that means you are participating in the evil that KYC services are.
It's a strange logic. "Evil thing X will happen anyway so it's acceptable for me to work in a company doing evil thing X". You should be ashamed of building searchable databases of faces
So, in aggregate, all 17 data leeches are getting info. They are not getting info on all you users, but different subsets hit different subsets of the "subprocessors" you use.
And there's literally no way of knowing whether or not my data hits "two" or "three" or all 17 "at the most".
> but especially your _face_ is going to be _everywhere_ on the internet. Who are we kidding here? Why would _that_ be the problem?
If you don't see this as a problem, you are a part of the problem
> If you don't see this as a problem, you are a part of the problem
I think you're misunderstanding me. I'm just saying that there are way bigger fish to fry in terms of privacy on the internet than passport data. In the end, your face is on every store's CCTV camera, your every friends phone, and every school yearbook since you were a kid. Unless you ask all of them to also delete it once they are done with it.
By the way, ever since facebook was a thing I always asked my friends not to tag me in any photos and took similar measures at every opportunity to keep my data somewhat private.
That is, multiple regulations already explicitly restrict the amount of data you can collect and pass on to third parties.
And yet you're here saying "it's not that bad, we don't send eggregious amounts of data to all 17 data brokers at once, inly to 2 or 3 at a time, no big deal"
> In the end, your face is on every store's CCTV camera, your every friends phone
If you don't see how this is a problem already, and is now exacerbated by huge databases cross-referencing your entire life, you are a part of the problem
Obviously our faces are public, but there’s no easy way to tie it to all my PII unless I give it to them.
Hiding all this very important info (which literally affects the users life) behind an insignificant boring click! Even the most paranoid user will give up in certain use cases, (like with covid 19 which even though didn´t agree, you needed to travel, work making it compulsory). Every company that uses deciving techniques like this should be banned in Europe.
You read and agreed with the terms explicitly stating the data would be used to do those things, and it was not at all necessary for you to do that. What else do you want? It seems like consent isn't the issue. You just don't like what this company does, and still volunteer your data for them to do just that. Now you regret it and write a blog post?
One thing is to be tricked or misled, or for a government to force your face to be scanned and shared with a third party. Another is to have terms explicitly saying this will be done, requiring explicit agreement, and no one forcing you to do it.
When the author says that Persona claims the "legitimate interest" basis for these data, they're saying that Persona is trying to achieve maximum flexibility for using the data (since "consent" generally requires specific agreement on a specific use for the data, and the burden of maintaining the consent records, where "legitimate interest" does not).
https://www.bulletproof.co.uk/blog/consent-vs-legitimate-int...
This is where I disagree. You basically have to use LinkedIn to participate in today’s job market. These large platforms that are protected by network effects should be highly regulated so they cannot abuse your privacy and rights.
In many companies, you don’t need to bother applying without a LinkedIn profile. You’re not even going to be considered for a position, full stop.
I was once part of the process of creating one. After two rounds, business decided too much money is wasted here and all the nonsense will stay. Better to have too much listed than too little.
Less off topic -- there are some black hat marketers that (I think) buy or create verified profiles with attractive women, then they use the accounts for b2b sales through linkedin DMs. I find that amusing. Neutered corpo bois are apparently big poon hounds. Makes sense when you think about it -- that type of guy is craving female attention and probably does not have the balls to do anything in real life, so a polite DM from a fake linkedin thot would be appealing.