Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
londons_explore 5 hours ago

There isn't much difference between giving this data to 20,000 researchers all over the world and simply publishing the data on the web.

I personally would like data like this to simply be published, together with a law that says using the data to make personalized decisions affecting those individuals is punishable with life in prison.

Basically, this data is 'opensource', but not for use to decide insurance premiums, job offers, or the contents of news articles.

probably_wrong 4 hours ago | parent | next [-]

> There isn't much difference between giving this data to 20,000 researchers all over the world and simply publishing the data on the web.

As a researcher who regularly deals with such data there is a MASSIVE difference. Yes, I have access to the data but I am restricted on how it can be stored (no cloud), what I can and can't do with it, and for some of it I'm even mandated to destroy it once the research project is over. I have the informed consent of every participant, some of which withdrew halfway throughout the collection without any penalty to them. I also don't need a new law because I'm already bound by existing ones, by the contract I signed when I joined, and by the confidentiality agreement I signed when the project started. While I don't know that the leaker(s) will be identified, the existence of the data itself already calls for legal action while giving a starting point for investigation.

Your suggestion, on the other hand, seems to be "let's put this data out there without people's consent and make companies pinky promise that they won't use it in their black boxes in a way that's virtually impossible to detect or prosecute". Those two things are definitely not equivalent.

chris_va 2 hours ago | parent | next [-]

I am not arguing either way, but I think you missed the point.

When you give O(20000) people you have a 1-0.9999^20000 (high) probability that that will leak anyway (either 1/20000 people not following the rules, or just the accident/attack surface area).

dweekly 3 hours ago | parent | prev [-]

[dead]

spacebanana7 4 hours ago | parent | prev | next [-]

> together with a law that says using the data to make personalized decisions affecting those individuals is punishable with life in prison.

This works well in theory but is basically unenforceable. It's barely possible, if possible at all, to audit how FB or google make ad targeting decisions - but once stuff gets into the fragmented ecosystem of data brokers and market intelligence consultancies all hope is lost.

To say nothing of state actors, like countries who might deny you a visa based on adverse medical info or otherwise use your information against you.

Pay08 5 hours ago | parent | prev | next [-]

I can't wait for this to be used for assassination by peanut.

basisword 5 hours ago | parent | prev | next [-]

Which would be fine if that's what the people who gave their data over agreed to.

cs02rm0 3 hours ago | parent | prev | next [-]

The web is global, UK law certainly isn't.

keybored 5 hours ago | parent | prev | next [-]

“We didn’t make a decision based on that.” Done and dusted?

chii 3 hours ago | parent [-]

or it's made the onus for the proof that the data wasn't used, so if your decision didn't come with a proof it wasn't, the party making the decision can be sued for it.

Like a clean room implementation requirement.

estearum 4 hours ago | parent | prev [-]

well you just articulated the difference

licensing it to researchers allows you to create, monitor, and enforce policies like the one you describe

stealing it does not