I once talked with a colleague from the data-analysis field. Apparently the company they work at is somewhat in the legally grey area.

They advised other companies on hiring candidates, by scraping all possible data about them online (which included buying anonymized advertising data and correlating it to all their publically available data and the data from the application). Using that, they claim to predict worker motivation, loyalty, how often they are sick, their political alignment, what their acceptable rate is, if they are going to ask for a raise, how well they work under pressure and much much more.

Since hearing it this has basically become my thread model.

As I am writing this, I realize that it is probably time to delete my Lemmy account and never post here again lol

Default threat model: Some malignant demon, who is at once exceedingly potent and deceitful, has employed all his artifice to deceive me

Random hackers, companies, dragnet surveillance.

The companies are probably the biggest exposure as we are forced to interact with them for utilities, flights etc . They get hacked all of the time and dont bother to secure their data.

Also as a side note I hate how lots of places just assume you want to download their shitty spyware ridden apps or hand over your phone number or an email.

deleted by creator

I found the Anarcho-Texh security guide helpful in getting started thinking about this with more nuance. I’m including the link below but here’s a short summary

Are you an: Individual Journalist Targeted Activist

Are you annoying: Random assholes Assholes with resources The State

Each category has bigger security needs on one side and more powerful tools on the other. It’s kind of humbling to realize that I’m just an individual and the NSA has no special interest in me, but that makes me feel better using a separate browser without additional security to shop on sites that block a VPN etc

(Also tbh I’m not sure when this page was last updated and I have no involvement with the org. Just a cool resource)

https://github.com/AnarchoTechNYC/meta/wiki/Persona-based-training-matrix

I’m an activist so yk I probably need a more strict model

I am mostly concerned with tracking from the private sector; I see privacy as more of an ethical dilemma than an immediate threat, although the corporate surveillance business model is contributing to problems in the real world (data drives social media algorithms which brainwash and radicalise people, leading to increased violence and social chaos). If there is a better alternative to some privacy-invasive big tech app or service then I will make the effort to switch to that. I am willing to sacrifice convenience to support projects that I believe are doing things the right way, or at least putting some effort into being better. However the reality is that most people, whether it’s my friends and family or just acquaintances, do not share my ethical concerns and/or are unwilling to make personal sacrifices and this means I will always need to remain open to compromise to avoid isolating myself socially.

When it comes to the public sector, I am mostly interested in circumventing the federal government’s mandatory data retention laws. which were imposed by a conservative government I didn’t vote for. Again, this is more of an ethical decision; I believe I should have the right to opt out and if the government won’t allow me to do that then the next step is to use tools like VPNs to ensure that data is less personally identifying than it otherwise would be. And again, like data collection from the private sector, my attitude towards government data collection varies depending on whether I see a reason for it to exist. Mandatory data collection of lawful civilians for vague “national security” reasons is overreach and doesn’t have an obvious practical benefit, but during the worst of the COVID years I was okay with the compulsory government tracking of where I had been and when. I saw the pandemic as an immediate challenge we needed to overcome as a society and I was willing to sacrifice my privacy to contribute towards the collective effort.