But this is possible because we let them use this data. Thankfully, in EU the GDRP makes this almost impossible.
On a side note, working on a platform that is similar to sentiance in data aquisition, but for totally other purpose and zero effect on privacy, due to a transparent anonymization.
Legally, I cannot collect any data and keep the source. So I do strip all the possible identification, until someone's effort to pin point to any personal data becomes economically unfeasible. I also tend to store as little as possible raw data and in some cases, I do data scrambling, where the data as in values is not important for the engine.
A demand to forget has to show that I have data on that person. Without this, claim is impossible. No invasion.
"Anonymizing" data is a myth; stripped or hashed columns can usually be recovered by correlating the remaining data with other data sets.
> until someone's effort to pin point to any personal data becomes economically unfeasible.
Which admits that the data probably is recoverable, just "economically infeasible". Do you have proof of that claim? Unfeasible for who? In general, the difficulty of re-correlating data goes down as the amount of data grows.
> I do data scrambling, where the data as in values is not important for the engine.
DJB once described[1] hashing as "magic crypto pixie dust" that "takes personally identifiable information and makes it incomprehensible to the marketing department".
> A demand to forget has to show that I have data on that person.
So you're trying to launder data to circumvent the letter of the law. This kind of scofflaw, antisocial attitude is how you attract reactionary, heavy handed regulations.
There is no other data set to correlate. Simply all the external context data is not recorded anywhere. Not even in logs. Unless some higher agency is going to hack some network driver to pick up the tcpip source, etc, I don't see how the data could be associated with datetime and location. This is why I was talking about "economically infeasible".
Data scrambling doesn't mean hashing. Sorry, here you are wrong. It's a on-the-fly frequency/timedomain scrambling, means someone has to physically, again, access a server and pick up from the memory the algorithm. And no marketing department, all research here!
The other stuff, I wound't reply, but let me asure you, there is no law circumventing. We are open and if someone can pinpoint of some personal data, there is no issue removing it.
I was recruited to work there, since they are from my local neighborhood I know them some time already.
They have a history of analyzing data with financial support from Samsung.
They are a smart bunch, don't have bad intentions towards people.
That being said, their goal is indeed ... Well not something I value personally.
But they are all good guys that are eager to make an amazingly powerful product.
I agree that the result can be abused.
That being said, there should be a middle ground where both parties should benefit.
I normally don't comment, but I don't want to see them look like a villain. They are excited engineers.
>they are all good guys that are eager to make an amazingly powerful product
Lovely. They are also devoid of vision and ethics about the likely results of their actions. In short, they fail to consider the saying:
"The road to hell is paved with good intentions".
Have they even considered the question: Which of their targets would EVER sign-up for their service?
Who are their customers, and why would they pay for the service? The only plausible reason to pay Sentiance is to understand a target's behavior at a fine-grained level in order to insert a stimulus to get them to do something they would otherwise not do willingly. (or a stalker, to assault them).
So, they are making a wonderfully powerful tool to enable strangers to change a target's behavior without permission. Yet they are not bright enough to avoid putting a "sign up" popup on their website in a way that interrupts their own video.
They will enable someone to cause serious damage to our world. Please get a message to them that they need to stop and shut down.
If they want to build something REALLY powerful, they should pivot to building something to allow us to DETECT & PREVENT other software on our phones/computers from doing what they are now trying to do.
It doesn't really matter how nice, smart, talented, excited, curious, or well-meaning a person is. Judge them by their actions. What they build and what it is used for.
If you could pass a message them, please tell them to get a grip and realize how insanely creepy what they are doing is, and they should probably not do it, even if it makes them a bunch of money.
