I imagine that's going to be a pretty bitter pill to swallow for a lot of companies. How do you think they'll continue to police it? What happens in a year's time when than company is sold to someone else, for example?
Personally, I feel like people in general are too quick to hand apps access to their machines. For example, I know a bunch of people who used grammarly, and I said to them at the time - wait, you're basically installing a key-logger that sends your data to a 3rd party - what happens when they lose it?
My experience is that many people simply don’t care. A friend of mine told me that he uses the Kayak app a lot. He gave them access to all his emails. They scan every incoming email for trip itineraries and push it to his app whenever they find something. I was a bit shocked and asked him if he didn’t care that they could read all his emails. He said “no I don’t care, there’s nothing I’d like to hide and I love the convenience”. Well, fair enough I thought.
And then, there’s is often nothing I can tell people to make them afraid. Sure,
I’d never do such a thing. But because I don’t trust the corps, not because I could really articulate what bad could possibly happen in the worst case.
I wonder if your friend would object if you asked to browse through his email right then and there, or download it all as an archive to look through later.
I imagine most people wouldn't really want to do that, even if they believed they had nothing to hide and use apps like kayak.
Might be a good way to make a point (or maybe not, but it's interesting to think about).
Yes that's also a very good question. I think if you combine the two, you get "would you prefer to give email access to your friend or to a random stranger" - it's actually a tough question for me to answer.
I guess maybe it's like how you're comfortable talking about a medical issue with a doctor you've never met before, but you wouldn't necessarily want to discuss it with friends.
Why do you need to "make them afraid"? Why is your feelings toward privacy the only correct one?
Owning a keyboard is potentially "giving everything you type to a company". Connecting to the internet at all is possibly giving the whole world access to your machine. Using ANY service is giving them information about you that could be used against you.
Why are those tradeoffs okay, but giving a company access to your email not (access, which is already given to Google as the one actually running the email service)?
Nobody is saying they want it to be a free-for-all where anyone that gets access to your information can use it any way they want with no security or tools in place to manage it. But I feel I should be allowed to decide who I'm able to give my information to, especially when I get something in return. And I want there to be controls in place to prevent abuse, I want to be able to revoke that access at any time, and I want the legal system to be on my side if things go wrong, but I don't want someone condescendingly trying to make me "afraid" of a conscientious decision I made that is making my life better and all parties involved are happy with.
Just like how you shouldn't be lambasted for using a keyboard which could possibly contain a keylogger embedded in the device, I shouldn't be insulted for wanting to use tools and services on my information that benefit me.
Thank you. That’s a very insightful question and it made me think. I have no answer yet why I (we) view some tradeoffs as ok and others not. Will think about this...
I came in a little hot in that comment, and pushed some of the arguments to their extreme, so I want to apologise for that.
But I really appreciate the response! It's a nice breath of fresh air when someone responds like you did, especially when my comment was a lot more aggressive.
There's not going to be an easy solution for this kind of stuff, but at the end of the day I feel it's a necessary evil, very similar to how many countries deal with freedoms or natural rights.
If we err on the side of giving people choice, that means that more bad actors will be able to hurt than if we didn't. But I feel that freedom is something to be protected, and it is worth the added work and risk of allowing bad actors to get a foothold.
No need to apologize! You didn't come across as "aggressive". Your comment made me think and that is important. Taking arguments to their extremes helps sometimes to get a discussion really going...
If you use AdBlock or any other browser extension then they also has access to all your email. But for some reason people on HN care more about granting API access than about what apps actually have access.
> And then, there’s is often nothing I can tell people to make them afraid.
You need only to send your friend an email:
"Steve,
Please remember to bring the poison and knife tonight when you meet me under the bridge at 12am at 1st and Congress. I will meet you there with the cocaine and unmarked bills. I appreciate your help in this matter, and suspect Bob will not see it coming."
Yes, that’s what I always used to say too. But then again in Europe this is almost impossibly from a regulations point of view. Also, no insurance has the capabilities to do that ;-)
> Your app will have the remainder of 2019 to complete the assessment.
> The assessment fee is paid by the developer and may range from $15,000 to $75,000 (or more) depending on the size and complexity of the application.
> This fee is due whether or not your app passes the assessment; the fee includes a remediation assessment if needed.