Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> Yeah but what is a leak?

Any time someone who's not me or a direct party to a transaction or conversation learns something about me then that is a "leak".

> Do you consider it a leak when a data transfer to another company is intentional?

If I do business with my bank then the bank should have no right to sell my information to a third party for any reason whatsoever.

If I do business with my hair stylist then the credit card processor should not have any right whatsoever to do anything with the facts:

- where was the hair stylist? That's private.

- who was the hair stylist? That's private.

- when was I at the hair stylist? That's private.

- what did the hair stylist sell? That's private.

- why did I go to the hair stylist? That's private.

Nobody except my hair stylist and myself should have this information.



> someone who's not me or a direct party to a transaction or conversation

It sounds to me like this definition strongly promotes consolidation. The bigger a party is, the more information it would be allowed to have and the more ways it can use it to cross-sell.

> If I do business with my hair stylist then the credit card processor should not have any right whatsoever to do anything with the facts...

Should the credit card company be allowed to use the information about your transaction to assess how likely it is that someone has stolen your card?


> Should the credit card company be allowed to use the information about your transaction to assess how likely it is that someone has stolen your card?

I've been called by the credit card company many times for failed transactions that I've authorized. When fraud did occur then I was not contacted by my card company and I had only noticed the fraud because I actively monitor my card.

The credit card company should be able to determine what it wants without providing the information to any other entity. No, I do not think that the credit card company should be permitted to sell the information about my transaction under the guise of determining how likely it is that someone has stolen my card.


> I've been called by the credit card company many times for failed transactions that I've authorized. When fraud did occur then I was not contacted by my card company and I had only noticed the fraud because I actively monitor my card.

Yes, credit card antifraud has both false positives and false negatives. It's not clear to me whether you're going from there to saying that it is useless?

> I do not think that the credit card company should be permitted to sell the information about my transaction under the guise of determining how likely it is that someone has stolen my card.

I think I misunderstood you earlier. When you wrote "the credit card processor should not have any right whatsoever to do anything with the facts..." I thought you meant that they shouldn't be allowed to use the credit card data to do anything, including fraud prevention, not just that they shouldn't be allowed to sell it?


> It's not clear to me whether you're going from there to saying that it is useless?

Not only am I saying it's useless but I am also saying that privacy is more valuable than the anti-fraud measures that can be gained from data mining.


Are you also going to make gossip illegal?

Are customer reviews going to be illegal?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: