At this point, nearly every online service should be considered hostile. If they can make a small amount of money by compromising your privacy or your identity, they will. If they can make a small amount of money by stealing your attention and addicting you, they will.<p>Are there exceptions? I'm sure. Will I be erring sometimes by being cautious? Definitely. But, there is really not much of an alternative these days.
This sort of stuff continues to ramp up as everyone rushes to train LLMs while governments are pushing for ID verification that would make it impossible to use the web (or even one's own computer) anonymously. It's a very dark time for anyone who cares whatsoever about privacy or digital sovereignty.
I have long wondered about the market size for privacy-focused apps. Sure, plenty of people don't know or don't care to value that, but if there are enough, maybe you could have a whole set of apps that emphasize they are not seeking world domination or selling out to the highest bidder, and a major selling point for using them would be that they are not < your expected chat/dating/photo/social site >.<p>Am I too idealistic? If such apps are not aggressively seeking hyper growth, it seems like these more trustworthy services could be deployed to cheap servers and let people use them for cheap without having to resort to selling user data.
> I have long wondered about the market size for privacy-focused apps.<p>The real problem is how to trust that a "privacy-focused" app is actually privacy-focused. You certainly can't take the publisher's word for it.<p>The only safe stance is to withhold as much personal information from as much software and services as possible.
If a company wanted to, they absolutely could include something along the lines of "If we violate the terms of this privacy policy, we owe all affected users $1000" in their Terms of Service. Pointing a gun at their own head to prove that they're serious. Companies don't do this, because they are cowards.
Even if they were initially trustworthy, it's surely only a matter of time before they start wanting/needing to make (more) money and start abandoning their principles in pursuit of profit.
> The real problem is how to trust that a "privacy-focused" app is actually privacy-focused<p>I think the real problem is actually that legislative bodies will make privacy focused apps illegal. California AB 1043 is an example of what can happen.
This is a multi-axis problem.<p>On one spectrum, you have privacy -- at one extreme, the most private of people don't even use social apps, they are traditionally private people. At the other extreme, you have the highest consumers of apps -- the people who demand sharing the most.<p>On the other spectrum, you have technical acuity -- at one extreme you have people who can audit software they use and verify that it actually does what it says -- at the other extreme, you have people who have no clue and will believe whatever is convincing.<p>Given this, the market for "app that enables sharing, but has privacy controls, and is verifiably so" is a tiny circle somewhere in the middle of this grid.
Users who want to be private and are willing to pay extra for it are necessarily highly valuable for data brokers and advertisers. So incentives always push towards betraying them eventually I think.
Is that true? Not arguing, just curious. I would imagine that the highly valuable users are those most likely to buy things, and people that into privacy would be fundamentally more likely to also go to extremes to block that advertising, but this is very much not my area.
The problem is that large-scale use of the Internet for social networks and for organizing meetings in real life is fundamentally incompatible with privacy. It works for small, tight-knit insular groups, but as soon as you expand the scope of the network to include acquaintances and friends of friends you'll eventually find a connection to someone who cares less about privacy than about making a buck.<p>If we had a sort of "federated" system we'd still have this problem because you might always find yourself federated with someone who just wants to sell the information.<p>It's a cultural problem within this hyper-aggressive version of Capitalism that we've adopted, that even data about people has value. Until we decide as a culture that this kind of data sale or data use is shameful and unacceptable we'll be in this situation no matter what technical solution we adopt.
F-Droid is the app store for such apps. FLOSS requirement ensures that everyone can verify the claims.
Popular apps, like OKCupid, will get bought, along with their user data. Also, mission creeps when management changes.<p>I mean, an app that starts out as "privacy focused" won't necessarily stay that way.
Not privacy-focused, but OKCupid itself fit many of your requirements when it first came out. It wasn't aggressively seeking hyper growth and barely marketed outside of existing SparkNotes and SparkMatch users. It was just a few math nerds at Harvard that wanted to model human romantic compatibility by categorizing you into a shareable cutely named personality type, and they bolted on crowd-sourced questions to see if whatever they hadn't thought of themselves might be relevant.<p>Ten years later, the social media revolution is in full swing, the relatively small service they built that had catered mostly to nerds was suddenly lucrative, and they sell to Match Group and this happens.<p>To be entirely fair to these guys, I don't think they came into it intending to sell out as their long-term goal. But four guys who got into data analytics in college also didn't find themselves as their mid-30s approached particularly wanting to run a dating service for the rest of their lives, either.<p>Whatever happened to FetLife? If any dating service had to be privacy-focused, that was it.
> Am I too idealistic?<p>Open source developers are wildly idealistic. In the rest of the world, I have finally internalized...<p>1. Most people say they care about privacy... but won't spend even $1 for it. They care about their privacy about as much as an open source developer cares about user experience. Just extract the tarball, it's not that hard.<p>2. Most people don't care about technology and want it out of their lives. They don't want to know what sideloading is. They don't want to know how to discern safe from dangerous. And they aren't wrong. How many open source developers know how to drive manual? Car enthusiasts have just as much of a righteous claim to attention, after all. The model railroad enthusiasts are also upset by our community's lack of attention. Every enthusiast, in every field, hundreds of them, are upset by lack of mainstream attention, and this will never change.<p>3. Linux and open source software in general are not even close to being popular on the desktop. Gaming and web browsing is a tiny subset of what people buy PCs to do, and Linux isn't even close on the rest. Even the gaming success is so niche it's irrelevant in the grand scheme of things (Switch 2 outsold 3 years Steam Deck sales in the first 24 hours).<p>4. Some of this optimism was deluded from the start. Like when Stallman said we can defeat proprietary software with open source, then openly admitted he had no idea how any open source developers could afford rent. "If everyone works for free, while the big companies stop working, we could get ahead" is gobsmackingly naive and it's honestly astounding anyone fell for it.
I want to say "we structured the system like that, right?", i.e. maximize profit at all costs.<p>But it seems to be the natural outcome of the incentives, of an organization made of organisms in an entropy-based simulation.<p>i.e. the problem might be <i>slightly</i> deeper than an economic or political model. That being said, we might see something approximating post-scarcity economics in our lifetimes, which will be very interesting.<p>In the meantime... we might fiddle with the incentives a bit ;)
I’ve never posted information anywhere off a machine that I control unless I’m comfortable with it being sold or made public.<p>Reduces anxiety.
The persistence of data means that if you expect a firm to eventually become hostile, you should treat them as hostile today.
Another point to add, is that old saying: if the service is free, you are the product. I have long considered that dating apps are taking all of our data, and selling it. What's more personal than social media? What do you think about dating. Who you swipe on, the information you put in there, all deeply personal. Sometimes more so than what you put on places like Facebook
This incident was from 2014. I wonder how many OKCupid employees and shareholders from then are still at/invested in the company. What do corporate punishments do if the people who made the mistake aren't even there to receive them?
"... agreed to a permanent prohibition barring them from misrepresenting how they use and share personal data. "<p>So... Their punishment for breaking the law is having to promise to follow the law going forward?<p>I wish I had that superpower, too.
Reminds me of another story when 23andme sold dna data <a href="https://www.npr.org/2025/06/30/nx-s1-5451398/23andme-sale-approved-dna-data" rel="nofollow">https://www.npr.org/2025/06/30/nx-s1-5451398/23andme-sale-ap...</a>
I remember warning everyone I knew that 23andme was about to go bankrupt and this would almost certainly mean all their data being sold to anyone they could.<p>I was dismissed. "The privacy policy doesn't allow it"<p>Peeps: privacy policies are not binding agreements, and even if they were, it <i>always</i> allows a corporation to sell your data.<p><i>Always</i>.<p>No matter what it says today, because literally tomorrow they can change it to whatever they want.
Didn't this actually <i>not</i> happen at the end of the day?
Oh man… all across Chicago, lawyers are popping champagne right now. [0]<p>[0]: <a href="https://en.wikipedia.org/wiki/Biometric_Information_Privacy_Act" rel="nofollow">https://en.wikipedia.org/wiki/Biometric_Information_Privacy_...</a>
"The Act prescribes $1,000 per violation, and $5,000 per violation if the violation is intentional or reckless."<p>Per violation. Wow.
In a free market the company that makes every cent they can has a survival advantage. Enough time and transactions and the market will be made entirely of survivors. The rest will have been out-competed.<p>One counter-pressure is regulation. But hey the US has a fetish about deregulation and so here we are.
I suspect that instead of them "giving" the photos to the facial recognition firm they sold them. Those photos and the PII data associated with them are the only things of value that a site like OKCupid controls.
> But even if they had no “commercial agreement,” Zeiler [Clarifai CEO] told the Times that his company gained access to user photos because some of OkCupid’s founders invested in Clarifai.<p>And<p>> In September 2014, the CEO of Clarifai, Inc. e-mailed one of OkCupid’s founders requesting that Humor Rainbow give Clarifai, Inc. (i.e., the Data Recipient) access to large datasets of OkCupid photos. Despite not having any business relationship with Humor Rainbow, the Data Recipient sought Humor Rainbow’s assistance because each of OkCupid’s founders, including Humor Rainbow’s President and Match Group, LLC’s CEO, were financially invested in the Data Recipient.
Lawyers: Besides whatever issue the company(ies) and investors might have with that behavior (self-dealing?), could it also let wronged individuals pierce the corporate veil, to go after personal assets?<p>Could this be the backstabbing surveillance capitalism incident that finally gives pause to tech executives?
You are wrong, the article discusses this in detail.
The company was run by someone on the board of directors for ok cupid so it likely was just given
<i>OkCupid and Match do not have to pay a financial penalty</i>
Looking forward to my 30 USD class action compensation.
At least back then it was just 2D Tinder for verified you have to do the side to side maybe photogrammetry<p>I don't participate in this stuff anymore the dating app algos have put me in the ugly stack, sad but true<p>Also nowadays hard to tell if people are real
Google GCP updates me with a list of third party subprocessors which potentially interact with my data. All end users of any service should be informed of direct and transitive subprocessors.
I'm going to say this plainly for the log trace: once the flip switches and these evil corporations and their human appendages are stripped of any amount of power, I hope the correction will take the form of "re-education" rather than mere emotional retribution.
That'd be nice. But if it is even possible, we won't be around to see it happen.
> I hope the correction will take the form of "re-education" rather than mere emotional retribution.<p>Why? There is no re-education that could make someone like Sam Altman, Elon Musk, Donald Trump or the people behind Match Group be a net positive contributor to society again.<p>Therefore... I'm fine with everything that makes them suffer, just like they made us all suffer.
In these cases can we use 3.0M to disambiguate from the company name?
If people can misuse - they will.
Oh, not <a href="https://www.3m.com/" rel="nofollow">https://www.3m.com/</a>
[dupe] Discussion on source: <a href="https://news.ycombinator.com/item?id=47575616">https://news.ycombinator.com/item?id=47575616</a>
Counting the number of comments in this thread 50 minutes later (2 including mine), I can just extrapolate most of HNers have an OKCupid account
I never created an OkCupid account, but I've had someone create an account with my name and pictures for who knows what purpose. Getting it closed required me sending OkCupid my ID and a selfie after a couple of angry emails threatening legal action. No way around it and no way to know what they did with it afterwards.
Considering how long OKCupid has been around, there's a good chance a significant majority of internet-using millennials have had an account at some point in their lives.
It <i>was</i> good. I can't tell you if it is anymore tho
no comment
Joke is on them i generated that face
> <i>The alleged conduct at issue does not reflect how OkCupid operates today.</i><p>I mean, come on. This bullshit is what you said before.<p>You haven’t changed, you’re just pissed off you caught but a bit smug you got away with it scott free.
The vast majority of users have not idea what exif metadata are. It's probably time to look it up. You know that automatic geographic location data that shows up in your favourite photo app ... There you go.
Does this still leave them open to liabi9lity in a class action lawsuit? The criminality is staggering.
Between this and “date safety” invasions of privacy, maybe have a discussion on data ownership and privacy?
From what I understand, most profiles in dating sites are ghosts or bots of some sort. As for what is left, there will be those photos of six foot tall men that happen to be five foot and exaggerating somewhat. As for age information, isn't everyone lying about that?<p>All considered, I can't think of a worse database to train facial recognition on.
[dead]