I agree that people can’t learn everything about every market. But what people care to learn about and pay attention to counts for something.
Imagine your friends are trying to decide on a place to eat. You suggest a very healthy restaurant where all the food is listed with ingredients and their source farms. But then someone says, “Eh, I wanna save money. Let’s do Taco Bell.” You explain that that’s an objectively worse decision. That food health is really important. That in the long run, eating unhealthy actually costs more in medical bills. But they decided to go to Taco Bell.
Putting your foot down and demanding the healthy option might objectively be the “right” choice. But in reality, they’ll just get Taco Bell on their own time and resent you for taking their choice away. People have to be presented with the information and decide for themselves or they’ll just resent the institution enforcing the choice.
I’d say a little yes and a little no. I educate every new user that comes into my company on infosec awareness, with a big segment on data footprint and information leakage. I show them where their data is, how easily and with how many ‘channel partners’ share social, history and other data, and where they’ve been exposed in real time. I’ve done this with a few thousand people. The overwhelming majority say: “I’ve got nothing to hide.” Or: “if I get better deals, it’s fine.” not getting that by being tracked they’re probably getting worse deals.
For the “nothing to hide” folks, I ask to see their wallet or purse. They’re all scoffs and brave mugs initially as they show how unafraid they are as I start rummaging through at the front of the class. Then I start pulling out cards and ID. And they’re still OK as I glance around the room. Then I pull out my phone and tuem my back - then a lot of nervous shifting in seats starts happening as I look over my shoulder while taking pictures of the floor with the shutter sound turned on. That’s the point where I ask if they truly have nothing worth protecting.
And at the end of all that - after setting up and teaching them how to use the comped corporate password manager, 80% still make passwords that they’ve used before. THE SAME DAMN MORNING as these exercises.
I don’t think people care. And they certainly don’t know. But they don’t want to be bothered by the nuance of it all. It’s just too much, which is why we need a congress with a goddamned backbone to pass some legislation with teeth to protect customer’s data.
it’s not that they don’t care; it’s that they don’t understand the impact it has on their life and i’m convinced this is true of everything.
Did you just read the last sentence? Lol. AFTER proper education about the risks of lack of data privacy, if they still don’t care then so be it.
The thing is, nobody can be educated on everything. It’s impossible.
Nobody can know every part of a supply chain, how every aspect of everything they buy is made or how it works or the ramifications of all of that.
It is impossible for a person to do this stuff.
This is why regulations need to be part of the equation.
I agree that people can’t learn everything about every market. But what people care to learn about and pay attention to counts for something.
Imagine your friends are trying to decide on a place to eat. You suggest a very healthy restaurant where all the food is listed with ingredients and their source farms. But then someone says, “Eh, I wanna save money. Let’s do Taco Bell.” You explain that that’s an objectively worse decision. That food health is really important. That in the long run, eating unhealthy actually costs more in medical bills. But they decided to go to Taco Bell.
Putting your foot down and demanding the healthy option might objectively be the “right” choice. But in reality, they’ll just get Taco Bell on their own time and resent you for taking their choice away. People have to be presented with the information and decide for themselves or they’ll just resent the institution enforcing the choice.
But people’s choice won’t be taken away. Honda will still exist even if they have to abide by stricter privacy laws.
I’d say a little yes and a little no. I educate every new user that comes into my company on infosec awareness, with a big segment on data footprint and information leakage. I show them where their data is, how easily and with how many ‘channel partners’ share social, history and other data, and where they’ve been exposed in real time. I’ve done this with a few thousand people. The overwhelming majority say: “I’ve got nothing to hide.” Or: “if I get better deals, it’s fine.” not getting that by being tracked they’re probably getting worse deals.
For the “nothing to hide” folks, I ask to see their wallet or purse. They’re all scoffs and brave mugs initially as they show how unafraid they are as I start rummaging through at the front of the class. Then I start pulling out cards and ID. And they’re still OK as I glance around the room. Then I pull out my phone and tuem my back - then a lot of nervous shifting in seats starts happening as I look over my shoulder while taking pictures of the floor with the shutter sound turned on. That’s the point where I ask if they truly have nothing worth protecting.
And at the end of all that - after setting up and teaching them how to use the comped corporate password manager, 80% still make passwords that they’ve used before. THE SAME DAMN MORNING as these exercises.
I don’t think people care. And they certainly don’t know. But they don’t want to be bothered by the nuance of it all. It’s just too much, which is why we need a congress with a goddamned backbone to pass some legislation with teeth to protect customer’s data.