Imagine you go to a market notorious for haggling and the company that sold you your wallet monitors all your transactions and reports them to whomever of the market sellers pays most.
You are now the fat chicken, ready to be plucked: You just bought a hammer, now you need nails. From your social media trail sellers can also infer you are somewhat of a dimwit. Hurry, nails are in high demand in your area. But no worries, here is a great offer for you, valid for the next 0.3 hours.
I just can't understand how people have come to accept such erosion of their privacy, ultimately their very own economic interests and agency under the hands of manipulative operators and captured regulators.
What kind of collective inanity allows such social degeneration. Was it always like that? Is there any hope?
Better yet, they now have those e-ink price labels. They could literally update as you walk towards them to show the price they will sell to you.
If you walk off and don't pick something up, they could then change the offer a little. It's no longer '2 for 1', it's now '3 for 2 with a free X'.
Disgusting.
> I just can't understand how people have come to accept such erosion of their privacy, ultimately their very own economic interests and agency under the hands of manipulative operators and captured regulators.
The frog born in boiling water doesn't realise it is hot, it's all he ever knew. The age bracket with the largest disposable income now doesn't know any different, it's how it always was.
> What kind of collective inanity allows such social degeneration. Was it always like that? Is there any hope?
No, technology made it far easier. It's now targeted and automated, it's as worse as it has ever been and continues to get worse. There is not a politician in any land willing to do anything about it - more product sold at higher prices means larger taxes. (And that's if the company doesn't lobby on top.)
Even better - criminals will get the data a way or another and find out your purchasing power, when and where you go leaving your house unattended and what they can tell you or your relatives to effortlessly manipulate into just giving them something valuable.
Who has these labels? And if they did, how would they enforce it? How would a checkout counter know what price you were offered by some random computer sitting on a shelf?
The standard response from someone working in ad-tech: "But isn't it great that an advertisement informs you that you need nails too? Nothing would ever be built without the help from ad-tech!"
I think the answer is very simple: people don't understand and even if they do then they don't understand that what might seem minor "well whatever, it's just some nails this one time," and it doesn't cross over to the huge power this data yields in aggregate.
"always was" is such terrible rhetoric. hand-wavey and without substance. A thought terminating cliche.
It honestly makes crypto look desirable, and buildings designed with sensor blocking materials. You can't passively surveil a data-center. Why should my home, office or shopping mall be any different?
The powers-that-be never gave us a choice to opt-out. It's been a slow gradual decline.
We have to incentivize haggling over our own data. My unseen/unknown data is my asset and I will protect it's financial value.
We can't trust random joes to not sell out crypto exchanges and the like, so you have to build technology that functions as a manual crypto exchange - without a developer on it's back to pull the ripchord and destroy the technology whenever money shows up.
Manual software is key, as soon as it becomes "automated", some developer has to be roped into hand-holding it through tech changes. Crypto software that only exists because a man put it together and went hands-off, is Key.
Then you can build the normal philosophical/structural/relationship management ideas on top of that.
The average person simply has no hope of understanding the flows of modern global capital, data, weapons, etc.
Back in the day, if the local leather tanner was polluting the town water supply... you'd just go tell him to stop, and if he didn't...
Nowadays the only people who have any idea what's actually going on are the ones who are profiting the most from it and have no incentive to shut it down.
> The average person simply has no hope of understanding
If Mastercard used a private detective to follow you when shopping, and he wrote everything you bought and where you bought it into a notebook, which he later delivers to Mastercard, the average person would understand very quickly.
Yes, it always was like this, all the way back to snake oil salesmen and probably even further back. Now we have 'legit' companies that know the exact snake oil you'd want.
There will always be a battle between the wants and want nots.
Now however, the consequences are on a truly global scale, so it becomes more important than ever before, while at the same time becoming less understandable than ever before for normal people. So instead of downtalking the issue, we should highlight it more than ever before and we should inform and educate people more than ever before.
'cept that education sector is struggling to even get financed in places. We even have people seriously thinking schools should finance themselves, because they are too short-sighted, to see the net benefit for a society, that a good education system brings with it. This in the face of ever more things to learn about the digital world. And I live in a country, where there isn't even an official school subject about interacting with this digital world.
I was always under the impression that despite ups and downs there was (on average) progress, improvement, in some broadly defined way.
I am no longer sure. One could always think that we hit a local minimum. But the comatose, practically non-existent debate suggests there are no reacting forces, the malaise runs deep.
Its puzzling and confusing because none of that phemomena seem pre-ordained. Its all self-inflicted through abysmally bad governance. Literally made up through behavior and choices.
1. People did not accept this "erosion of privacy". They just don't understand. Mastercard is not going to the every customer and telling them, what exactly they do, what it means and so on. Sure, they ask for "explicit consent", they have contract and agreements and tons of legal documents describing every step. But that does not help people understanding what they do. That is the big misunderstanding of legal requirements like GDPR: It does not prevent erosion of privacy.
2. In general, this is not an erosion of privacy. Honestly? I really do not care what a company does with my transaction data. Why? Because I work in the field of data analytics, big data and I got a little idea of what happen: I'm just a small dot in a very huge picture. Sure, at some point in the very beginning of this process the company tracks my data. But this single data point is not of value. Only the aggregation of an massive amount of data point has a value. Saying "your data" is just framing the opinion into a direction "data collection hurts your privacy". Really no one cares about Mr A from B in C, born in 1900, having n kids and m wifes.
3. You may reply that my data is in danger, if a company is collecting it. That is right. And that's probably the main goal of legal stuff like the GDPR. Data breach can only happen to existing data. No data, no breach. Too easy. But if this is the argument, then you may stop using the internet or any other service.
So, to sum it up:
Let's blame the companies for 1 (misleading) and 3 (no security)... but 2? Yeah well. I think it's fine to collect data. I mean... it's a human thing! Information advantage is an evolutional advantage and information comes from data.
Actually all current card payment providers should be put out of business altogether. Two companies(master/visa) hold complete control over the entire customer spending in the whole world.- They also prevented banks from catching up to the 21st century, technology-wise, and we still do not have instant online payments. There is so many things bad with banking and many causes can be traced back to these card payment providers. We need alternatives, as many as there are banks in the world. Every bank needs to be a card payment provider, an online payment gateway providers and so on.
Not the whole world, this is mostly in the United States. In Europe its more like what you describe, banks are the card payment provider and we have (near) instant online transfers. Credit cards are relatively unimportant here.
What are you going on about? Pretty much all European banks issue Visa/Mastercard credit and debit cards (sometimes under their subbrands Maestro and VPay) by default to pretty much all customers.
Most in-store payment processing goes directly over those two companies still.
Banks are already processing payments. When you put your credit card in your bank's ATM, the ATM is managed by the bank. It connects to your bank server and all the authorisation and processing is being done by the bank. Visa and mastercard provide connection to other banks. When you put your card in another bank's ATM or buy something in a business associated with another bank.
Getting ride of the Visa/Mastercard duopoly would mean that all banks must connect to all other banks, which they do not want to do, believe me. That would be an administrative hell for them. Which is why they've been putting up with those two for so long. These are the google of banks. They are convenient.
The alternative would be some sort of joint venture between all the banks. The result would less fees for the banks but no benefits for the client as the bank would keep the margin and it would still be a privacy hell.
Another alternative is a public utility. But a lot of people will be as uncomfortable providing their payment data to the government.
> The alternative would be some sort of joint venture between all the banks. The result would less fees for the banks but no benefits for the client as the bank would keep the margin and it would still be a privacy hell.
This is what happens in India. UPI (unified payment interface) was launched by NPCI which is kind of a joint venture between the regulator and banks. In an abstract sense, the bank processing the payment does connect with every other bank via NPCI.
The underlying rails are an older infrastructure of IMPS[1] which is the interbank money transfer system.
I do not agree with the privacy hell part. When bank transfers happen, they anyway have to do the required checks with the other banks. Frankly, people in my circle never even cared if it could be a privacy issue for us.
On another note, there was always incentive to launch NPCI in india because 1/ The infra is relatively newer so it was easier to do (java I think) 2/ Almost all banks' software was built by Infosys/TCS etc. (in java) and that meant the ones integrating would be the same parties who practically used the same architecture 3/ Visa/Mastercard did not have that kind of penetration in 2010 so settlements were a real issue faced by every bank.
In US or European case, the issue seems bigger because the problem is half solved by Visa/Mastercard, so there is a bit of inertia to solve the same problem again.
> Getting ride of the Visa/Mastercard duopoly would mean that all banks must connect to all other banks, which they do not want to do, believe me. That would be an administrative hell for them.
At least in Europe, we do have instant online transfers between banks. But yes, the duopoly situation sucks. And of course, the privacy situation with credit card companies is not nearly as bad in Europe as it's in the US.
I think we need more regulation and government oversight here - even in Europe, but especially in The Land of the Free.
> Two companies(master/visa) hold complete control over the entire customer spending in the whole world.- They also prevented banks from catching up to the 21st century, technology-wise, and we still do not have instant online payments.
India has UPI, China has WeChat Pay and AliPay, Russia has MIR, and forced Visa/MC out of business for domestic payments like five years ago. Adding insult to injury, all these systems do have instant online payments.
Oh, and Japan has JCB, heard African and Latin American countries have their own systems too. The "world" you're talking about is a small one.
Isn't writing about it on internet, making people aware of the issue, discussing, doing something about something? Or you meant get his superman costumes and jumping on buildings catching visa/mastercard executives?
> To opt-out from our anonymization of your personal information to perform data analyses, please provide your Mastercard or Maestro payment card number
Does this mean you're opting out of the anonymization, but not the collection of personal information?
It is deliberately confusing, but ultimately the meaning behind seems to be "this particular data collection is not for personal advertisements, we got that covered in some other way".
> We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights, except where the different price or level of quality of good or service is reasonably related to the value of the data that we receive from you. In some instances, we may not be able to provide you with the good or service that you request if you choose to exercise certain rights.
I ended up creating a “my data” account. I am curious what MC has been collecting across my 2 MC branded cards (one of them is an Apple Card which advertises protecting user privacy).
Once I get back that report will be requesting deletion.
I requested the personal information they have about me related to a Maestro debit card I use as my main debit card, and the result was: "We did not find matching results for you!".
That's bullshit - it should be through the issuer. I have a half dozen different mastercards, plus variants for online wallets, all with distinct card numbers. IIRC, my Apple card has at least 4-5 numbers associated with it. (iPhone, Apple Pay on the web, Watch, physical card and i think my macbook)
Any idea if Mastercard is worse than Visa/Discover? It's not a healthy competitive market, but there are options, I'm curious if I should be making an effort to use one.
“For the past year, select Google advertisers have had access to a potent new tool to track whether the ads they ran online led to a sale at a physical store in the U.S. That insight came thanks in part to a stockpile of Mastercard transactions that Google paid for...”
“But most of the two billion Mastercard holders aren’t aware of this behind-the-scenes tracking. That’s because the companies never told the public about the arrangement. .... But the deal, which has not been previously reported, could raise broader privacy concerns about how much consumer data technology companies like Google quietly absorb.”
Coincidentally, just earlier today I was looking for one-time-use prepaid cards. I thought I'd buy a few $100 worth cards and use them for pseudo-anonymous transactions. However, all I could find were prepaid "debit cards" (which could be easily tied back to be) our store specific "gift" cards.
Curious to see if anyone has a good solution for that? (In the US.)
Visa vanilla is fairly practical for most threat models. I know some orgs are trying to do more ad targeting via security cameras across multiple stores, but afaik you'll have no problem paying cash for a visa vanilla gift card, activating it online (through a vpn or something if you're worried about that level of tracking), and then using it like a credit card at nearly any brick-and-mortar store and many online retailers.
Potential flaws:
(1) They used to have a bit of overhead (1-5%). Not sure nowadays.
(2) None of that is ironclad anonymity. Don't be an outspoken gay ukrainian hacktivist journalist visiting russia or anything.
(3) Some organizations will only do business with you if they're able to slurp up more data than the initial transaction would suggest to a reasonable person. You can't use prepaid phones to sign up to many online accounts (notably Facebook for a long time) because the site owner can't slurp up your address and other info without certain postpaid plans, and you can't use any pseudo-anonymous card [0] to make transactions at a place that wants to buy your address and purchasing habits from the card issuer.
[0] Solutions like privacy.com might qualify here perhaps, in that you can actually anonymize your name/address/... and still use most of the sites trying to capitalize on that data, but fundamentally that just turns them into a middleman with the same data, and I expect they'll sell out eventually. Plus they have raw access to your bank account and other things you might not want to give out.
>You can't use prepaid phones to sign up to many online accounts
Presumably this is meaning prepaid phone numbers? Also assuming this is likely a US thing? Or I'm misreading it somehow.
Because otherwise, I've always bought my phone cash and buy my airtime and data prepaid (no contract) in both EU and Africa and have never come across a service that restricted my phone number for being prepaid.
I tried to buy something with a new vanilla visa prepaid card while on a VPN recently and found stripe failed the transaction with a vague something happened error. And then found the visa balance check website plays the same game. Googling around it sounds like they've blocked the card and I'll have to call them and wait on hold if I want any chance of getting the stolen funds back. The card doesn't work on my standard IP either now.
Readit News
You are now the fat chicken, ready to be plucked: You just bought a hammer, now you need nails. From your social media trail sellers can also infer you are somewhat of a dimwit. Hurry, nails are in high demand in your area. But no worries, here is a great offer for you, valid for the next 0.3 hours.
I just can't understand how people have come to accept such erosion of their privacy, ultimately their very own economic interests and agency under the hands of manipulative operators and captured regulators.
What kind of collective inanity allows such social degeneration. Was it always like that? Is there any hope?
If you walk off and don't pick something up, they could then change the offer a little. It's no longer '2 for 1', it's now '3 for 2 with a free X'.
Disgusting.
> I just can't understand how people have come to accept such erosion of their privacy, ultimately their very own economic interests and agency under the hands of manipulative operators and captured regulators.
The frog born in boiling water doesn't realise it is hot, it's all he ever knew. The age bracket with the largest disposable income now doesn't know any different, it's how it always was.
> What kind of collective inanity allows such social degeneration. Was it always like that? Is there any hope?
No, technology made it far easier. It's now targeted and automated, it's as worse as it has ever been and continues to get worse. There is not a politician in any land willing to do anything about it - more product sold at higher prices means larger taxes. (And that's if the company doesn't lobby on top.)
The standard response from someone working in ad-tech: "But isn't it great that an advertisement informs you that you need nails too? Nothing would ever be built without the help from ad-tech!"
What they don't know is that they pay twice, once with their data and once with money. And the prices they pay now include the cost of the adtech too.
It honestly makes crypto look desirable, and buildings designed with sensor blocking materials. You can't passively surveil a data-center. Why should my home, office or shopping mall be any different?
The powers-that-be never gave us a choice to opt-out. It's been a slow gradual decline.
We have to incentivize haggling over our own data. My unseen/unknown data is my asset and I will protect it's financial value.
We can't trust random joes to not sell out crypto exchanges and the like, so you have to build technology that functions as a manual crypto exchange - without a developer on it's back to pull the ripchord and destroy the technology whenever money shows up.
Manual software is key, as soon as it becomes "automated", some developer has to be roped into hand-holding it through tech changes. Crypto software that only exists because a man put it together and went hands-off, is Key.
Then you can build the normal philosophical/structural/relationship management ideas on top of that.
Back in the day, if the local leather tanner was polluting the town water supply... you'd just go tell him to stop, and if he didn't...
Nowadays the only people who have any idea what's actually going on are the ones who are profiting the most from it and have no incentive to shut it down.
-Pynchon, Gravity's Rainbow
If Mastercard used a private detective to follow you when shopping, and he wrote everything you bought and where you bought it into a notebook, which he later delivers to Mastercard, the average person would understand very quickly.
There will always be a battle between the wants and want nots.
'cept that education sector is struggling to even get financed in places. We even have people seriously thinking schools should finance themselves, because they are too short-sighted, to see the net benefit for a society, that a good education system brings with it. This in the face of ever more things to learn about the digital world. And I live in a country, where there isn't even an official school subject about interacting with this digital world.
I am no longer sure. One could always think that we hit a local minimum. But the comatose, practically non-existent debate suggests there are no reacting forces, the malaise runs deep.
Its puzzling and confusing because none of that phemomena seem pre-ordained. Its all self-inflicted through abysmally bad governance. Literally made up through behavior and choices.
2. In general, this is not an erosion of privacy. Honestly? I really do not care what a company does with my transaction data. Why? Because I work in the field of data analytics, big data and I got a little idea of what happen: I'm just a small dot in a very huge picture. Sure, at some point in the very beginning of this process the company tracks my data. But this single data point is not of value. Only the aggregation of an massive amount of data point has a value. Saying "your data" is just framing the opinion into a direction "data collection hurts your privacy". Really no one cares about Mr A from B in C, born in 1900, having n kids and m wifes.
3. You may reply that my data is in danger, if a company is collecting it. That is right. And that's probably the main goal of legal stuff like the GDPR. Data breach can only happen to existing data. No data, no breach. Too easy. But if this is the argument, then you may stop using the internet or any other service.
So, to sum it up: Let's blame the companies for 1 (misleading) and 3 (no security)... but 2? Yeah well. I think it's fine to collect data. I mean... it's a human thing! Information advantage is an evolutional advantage and information comes from data.
Most in-store payment processing goes directly over those two companies still.
Getting ride of the Visa/Mastercard duopoly would mean that all banks must connect to all other banks, which they do not want to do, believe me. That would be an administrative hell for them. Which is why they've been putting up with those two for so long. These are the google of banks. They are convenient.
The alternative would be some sort of joint venture between all the banks. The result would less fees for the banks but no benefits for the client as the bank would keep the margin and it would still be a privacy hell.
Another alternative is a public utility. But a lot of people will be as uncomfortable providing their payment data to the government.
This is what happens in India. UPI (unified payment interface) was launched by NPCI which is kind of a joint venture between the regulator and banks. In an abstract sense, the bank processing the payment does connect with every other bank via NPCI.
The underlying rails are an older infrastructure of IMPS[1] which is the interbank money transfer system.
I do not agree with the privacy hell part. When bank transfers happen, they anyway have to do the required checks with the other banks. Frankly, people in my circle never even cared if it could be a privacy issue for us.
On another note, there was always incentive to launch NPCI in india because 1/ The infra is relatively newer so it was easier to do (java I think) 2/ Almost all banks' software was built by Infosys/TCS etc. (in java) and that meant the ones integrating would be the same parties who practically used the same architecture 3/ Visa/Mastercard did not have that kind of penetration in 2010 so settlements were a real issue faced by every bank.
In US or European case, the issue seems bigger because the problem is half solved by Visa/Mastercard, so there is a bit of inertia to solve the same problem again.
[1]: https://www.npci.org.in/PDF/npci/upi/Product-Booklet.pdf
What would be so strange about that?
https://en.wikipedia.org/wiki/Single_Euro_Payments_Area
I think the EU's getting there with open banking directives like the PSD2:
"the provision of a standardised and reliable access interface to payment accounts (i.e. an application programming interface, API)" https://www.ecb.europa.eu/paym/intro/mip-online/2018/html/18...
I think we need more regulation and government oversight here - even in Europe, but especially in The Land of the Free.
India has UPI, China has WeChat Pay and AliPay, Russia has MIR, and forced Visa/MC out of business for domestic payments like five years ago. Adding insult to injury, all these systems do have instant online payments.
Oh, and Japan has JCB, heard African and Latin American countries have their own systems too. The "world" you're talking about is a small one.
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks"
Does this mean you're opting out of the anonymization, but not the collection of personal information?
The wording here could definitely be improved.
> We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights, except where the different price or level of quality of good or service is reasonably related to the value of the data that we receive from you. In some instances, we may not be able to provide you with the good or service that you request if you choose to exercise certain rights.
Once I get back that report will be requesting deletion.
I am in EU.
“For the past year, select Google advertisers have had access to a potent new tool to track whether the ads they ran online led to a sale at a physical store in the U.S. That insight came thanks in part to a stockpile of Mastercard transactions that Google paid for...”
“But most of the two billion Mastercard holders aren’t aware of this behind-the-scenes tracking. That’s because the companies never told the public about the arrangement. .... But the deal, which has not been previously reported, could raise broader privacy concerns about how much consumer data technology companies like Google quietly absorb.”
https://www.bloomberg.com/news/articles/2018-08-30/google-an...
https://archive.vn/SLmFw
I’ve opted out all the same, no mention was made that nothing would be done, or assurance that this might not be an issue for me.
[Edited for accidental Yoda grammar]
I agree. Just curious if I should be preferring a specific card company.
Best to opt-out of each that you use.
Curious to see if anyone has a good solution for that? (In the US.)
Potential flaws:
(1) They used to have a bit of overhead (1-5%). Not sure nowadays.
(2) None of that is ironclad anonymity. Don't be an outspoken gay ukrainian hacktivist journalist visiting russia or anything.
(3) Some organizations will only do business with you if they're able to slurp up more data than the initial transaction would suggest to a reasonable person. You can't use prepaid phones to sign up to many online accounts (notably Facebook for a long time) because the site owner can't slurp up your address and other info without certain postpaid plans, and you can't use any pseudo-anonymous card [0] to make transactions at a place that wants to buy your address and purchasing habits from the card issuer.
[0] Solutions like privacy.com might qualify here perhaps, in that you can actually anonymize your name/address/... and still use most of the sites trying to capitalize on that data, but fundamentally that just turns them into a middleman with the same data, and I expect they'll sell out eventually. Plus they have raw access to your bank account and other things you might not want to give out.
Presumably this is meaning prepaid phone numbers? Also assuming this is likely a US thing? Or I'm misreading it somehow.
Because otherwise, I've always bought my phone cash and buy my airtime and data prepaid (no contract) in both EU and Africa and have never come across a service that restricted my phone number for being prepaid.