Ad-hominem (literally: "to the person") requires a person on the other side of the argument. This wasn't made or written by a person, thus ad-hominem does not apply.
Thats a bit pedantic. Youre still arguing against an entity rather than addressing the argument.
If you prompted an LLM to make a PSA that people should brush their teeth, is it a fair to argue that brushing your teeth is bad because an LLM made the argument?
That went out of window and provably failed even before LLM. The strategy of flooding everything with cheap false claims and arguments while demanding that the opponent spends increasing amount of effort and time was a success even before. It became worst with LLM.
So, no, you are making the claim, first prove it is worth any of that effort.
Yeah, most charitably, it seems to be some sort of an LLM art project. And it's another day when we engage with slop because it happens to say something we like.
As opposed to bills sponsored by real people that completely decimated privacy? Patriot Act?
I’ll take slop that has some semblance of reasonable privacy protection any day.
Of course, I’m absolutely for this. It is way overdue. But, what’s the group behind this? Who’s pushing it?
I haven’t read through the bill and text yet, but credibility is important in this fight. Plus, this can change at anytime, so knowing who’s behind it amplifies the trust.
We need to be having these conversations yesterday. Our fundamental freedoms are under attack, and a bill like this would go a long way to protecting future generations
Just because a bill has a name - and pretence - that you like, does not mean that it contains regulations, requirements, or restrictions that you would like.
Upvoted because I like the effort and I want more visibility on this subject.
But I also don’t want to step on the EFF’s toes. They’ve been doing good work on this area for decades and I’d prefer we work with them on policy details.
The bill bans making access to a service contingent on consent. This would kill Gmail, Google Maps, Facebook, Instagram and basically every other ad supported service. Making subscriptions the only consumer business model would be bad imo.
The impacts of the model that BigTech currently follows closely resemble those of product dumping. Effectively banning that model would mean alternative subscription based platforms would stand a much better chance of succeeding than they currently do.
In Europe, more and more public transportation is free, or at least very heavily subsidized
The costs are covered by local taxes, to curb on individual vehicle use and reduce congestion. After some hiccups, some cities manage good economies of scale where everybody, including the environment, wins.
As for housing and food, while there the incentive structure is more fragile, at least, we have homeless shelters that are free, and once again, everybody wins: the costs are very low, and cities are far safer and cleaner.
I appreciate the sentiment, but this doesn't really seem to put itself in the context of the state of play at the federal level. Namely, pro-privacy states have existing legislation they want to be the 'floor' of privacy protections, and anti-privacy states want to use a federal bill to preempt those laws, making the federal law the ceiling that they can lower in one fell swoop. There are real risks to a federal law that preempts state legislation.
Defining a picture of your government id not being a sufficient credential for… well anything would probably be enough to kill all these age verification laws and might get some traction legislatively if you frame it right.
It has the benefit of being literally true, whoever thought the was necessary to have a bunch of hard to forge security measures on IDs which require physical inspection probably wouldn't be okay with easily faked scans being accepted.
> Require Social Security Numbers to authenticate preventing fraud.
There's a ton of stuff piled into the agenda on this page but that one in particular stumped me. Is it proposing that people (who?) are required to use their SSN to authenticate (for what?) or that the SSN agency is supposed to authenticate... something before doing something?
> (i) Finance and high-risk identity proofing.—No person shall extend credit, originate a loan, open a high-risk financial account, or provide another high-risk financial service based solely on a Social Security number, static identity information, or an uploaded image or copy of a government-issued identity document. A person engaging in such activity shall use multi-factor identity verification reasonably designed to verify both record consistency and claimant control, using less intrusive reasonably reliable methods where available.
> (j) Social Security number not sufficient identity credential.—A Social Security number, taxpayer identifier, or similar identifier shall not by itself be treated as proof of identity for purposes of this Act.
So, to me at least, it sounds like they actually mean "Providers must not use SSN for authentication (including fraud)".
I’m too cynical because at this point I can only believe this is to help billionaires and ICE hide their identities/money, or it’s to strip away all privacy (as bills are often named the opposite of their purpose).
You delete the rest of your spam database and replace it with `fn can_send_spam(_: Email) -> bool { false }`. You delete the "can we spam you" checkbox from your checkout page and replace it with "return false".
For legitimate newsletters and similar: you delete any and all forms that allow signing up to receive emails without affirmative consent from that email address that they want to receive mail, and you offer a one-click effective-immediately "unsubscribe" to retract that consent at any time. Then, you can tell if you can send someone mail based on whether they're in your database of people who have explicitly consented to send you mail, and you don't ever send email to anyone else other than one-time consent requests and order-confirmation-style transactional mail.
The only legitimate database of emails is "these people have explicitly confirmed to us that we can email them"; any other database is radioactive waste, delete it.
>The only legitimate database of emails is "these people have explicitly confirmed to us that we can email them"; any other database is radioactive waste, delete it.
That's not actually how HIPAA compliance works. You're required to keep 7 years of communications, and part of those communications is who you sent it to. Amazon SES sends complaint notifications and you're not allowed more than 1 complaint per 1000 emails or they shut you down too. People who are repulsively anti-spam have ruined email as a medium.
I'm merely pointing out the technical aspect of this bill is ridiculous and everyone sending transactional emails will fight you, killing any bill you might have.
1. User requests for email alice@example.com to be removed from database
2. Company removes "alice@example.com" from 'emails' table
3. Company adds 00b7d3...eff98f to 'do_not_send' table
Later on, the company buys emails from some other third-party, and Alice's email is on that list. The company can hash all the email addresses they received, and remove the emails with hashes that appear in their 'do_not_send' table.
You'd have to normalize the emails (and salt the hashes), but seems doable?
The oligarchs would roll on the ground laughing at this cute desire from the plebs for a few crumbs. The system is so corrupt and bought, it doesn't matter if this passes or not because it will be diluted, unenforced, and/or overturned by a largely corrupt legislature, executive, and judiciary. All hopeful this time™ feel-good efforts will turn to shit until the corruption is sufficiently removed and prevented. No amount of idealist wishing, "trying", protesting, or campaigning for a single issue can materially change the reality of extremely corrupt, criminal elites having captured the important levers of power. That's reality. Therefore, the first order of business is fixing the corruption before all other single issue advocacy can be addressed.
Haha. This will accomplish nothing, because the surveillance dragnet is built and used by the people themselves, who deliberately (ab)use the very technologies that enable this breach of privacy at scale. Can't have your cake and eat it too.
It will probably accomplish nothing for other reasons. There are secret laws in this country which violate the constitution. I don't think the average person appreciates privacy as much as they should. But saying they are complicit in the making of this mess is going way too far. There are not so many choices in tech as you think. The most private ones require high technical expertise, and involve risks other than those presented by corporate tech. For example, you may have to trust a small number of unpaid individuals (who may even be anonymous) to deliver software.
You are saying exactly, and I mean exactly, what they would want.
Dismissing an avenue of progress outright is to be defeatist or to sow defeat.
AI is going to use all this information against us. Because AI alignment can’t be better than people and corporations deploying the AI.
Lack of privacy is now a gaping security hole, being continually exploited on all our devices, across most sites on the internet.
[EDIT: And the leverage that information enables is being auctioned off to manipulators who we are exposed to continuously. This is just the beginning.]
We need to plug this security hole now, before power centralizes further and we can’t.
> Do you honestly think the lobbying from them would be more or less if this bill gained any traction?
Small communities are thwarting these companies’ datacenter buildouts. The difference is they show up. Defeating privacy in tech is easy because there is no functional opposition.
> too much money on the other side to let this gain traction
This view is unfortunately common among regular privacy advocates. That makes them politically useless.
To have a hope, this bill needs to target support outside tech, where civic laziness and nihilism are normalized. I’m not seeing any indication of that strategy here.
What percentage of this is lawslop?
https://github.com/righttoprivacyact/bill/tree/main/tests
There’s clearly a non-trivial level of LLM involvement.
I want to say 100% lawslop. I can’t figure out who’s behind this to ascertain their qualifications and acumen in the space.
100% seems like a safe place to start speculating from but I can be talked down.
I think this kind of argument is a modified version of an ad-hominem attack.
When you disagree with an argument, you are supposed to address the argument itself, not the thing making the argument.
Ad-hominem (literally: "to the person") requires a person on the other side of the argument. This wasn't made or written by a person, thus ad-hominem does not apply.
Thats a bit pedantic. Youre still arguing against an entity rather than addressing the argument.
If you prompted an LLM to make a PSA that people should brush their teeth, is it a fair to argue that brushing your teeth is bad because an LLM made the argument?
Let's call it "Ad machinam".
A literal form of "to the machine”: none of the rights that a person has.
Example usage:
“That’s not a rebuttal; it’s an argumentum ad machinam -- you’re rejecting it just because AI wrote it.”
And really when you think about it, all AI is is just the a statical recombination of (almost) everything that (almost) everyone has written.
So it's a kind of mechanical recombination of ideas.
Almost like reject the argument because the logical reasoning was supplied emotionally.
Presumably why the person you are responding to called it a modified ad hominem.
That went out of window and provably failed even before LLM. The strategy of flooding everything with cheap false claims and arguments while demanding that the opponent spends increasing amount of effort and time was a success even before. It became worst with LLM.
So, no, you are making the claim, first prove it is worth any of that effort.
This seems like a chicken and egg problem.
Made me coin a term.
Ad hominllm: the dismissal of a work or an argument because an LLM was, or may have been, used in its construction or editing.
Pronounced: ad homin-ellem?
It all makes sense, I don't care if it's LLM-generated or not. I'm fine with 100% LLM-written bill if it protects me from Flock et al.
I agree, and it wont... We will all be tracked at all times as the new global economy is created.
Biblical times.
Yeah, most charitably, it seems to be some sort of an LLM art project. And it's another day when we engage with slop because it happens to say something we like.
Who has ever written like this:
As opposed to bills sponsored by real people that completely decimated privacy? Patriot Act? I’ll take slop that has some semblance of reasonable privacy protection any day.
There's some obvious issues that come with LLM generated bills. LLMs tend to stay very generic, to have a lower chance of being "wrong".
I could also ask my 5 year old to draw a bill for me, that's as successful as giving a generic bill.
> LLMs tend to stay very generic, to have a lower chance of being "wrong".
It depends entirely on how you prompt them.
Of course, I’m absolutely for this. It is way overdue. But, what’s the group behind this? Who’s pushing it?
I haven’t read through the bill and text yet, but credibility is important in this fight. Plus, this can change at anytime, so knowing who’s behind it amplifies the trust.
We need to be having these conversations yesterday. Our fundamental freedoms are under attack, and a bill like this would go a long way to protecting future generations
Just because a bill has a name - and pretence - that you like, does not mean that it contains regulations, requirements, or restrictions that you would like.
This project is collecting personal information without disclosing who is collecting it
And yet you are "absolutely for this"?
Upvoted because I like the effort and I want more visibility on this subject.
But I also don’t want to step on the EFF’s toes. They’ve been doing good work on this area for decades and I’d prefer we work with them on policy details.
Here’s a whitepaper on their policy positions: https://www.eff.org/wp/privacy-first-better-way-address-onli...
The bill bans making access to a service contingent on consent. This would kill Gmail, Google Maps, Facebook, Instagram and basically every other ad supported service. Making subscriptions the only consumer business model would be bad imo.
The impacts of the model that BigTech currently follows closely resemble those of product dumping. Effectively banning that model would mean alternative subscription based platforms would stand a much better chance of succeeding than they currently do.
a) It wouldn't kill them. They would have to change their business model though.
b) Shouldn't our laws prioritize natural-persons over corporate desires?
Companies don't have a right to a specific revenue model. Humans should have a right to their own identity.
My desire is to be able to use those products without paying for them. And to use them with friends and family members that can't pay for them.
> My desire is to be able to use those products without paying for them.
You can't actually do that. None of those companies are charities.
You pay one way or another.
If you desired to inject heroin into your veins, that wouldnt mean we should decriminalize it
Sure, and while we're at it how about busses that you don't have to pay for? And food? And housing, why not?
In Europe, more and more public transportation is free, or at least very heavily subsidized
The costs are covered by local taxes, to curb on individual vehicle use and reduce congestion. After some hiccups, some cities manage good economies of scale where everybody, including the environment, wins.
As for housing and food, while there the incentive structure is more fragile, at least, we have homeless shelters that are free, and once again, everybody wins: the costs are very low, and cities are far safer and cleaner.
You are acting as if that is crazy talk. It IS possible. And desirable, to many of us.
Just not going to happen. But the post above was discussing wants.
How is paying for a product instead of being the product a bad thing?
That view is overly simplistic. People find real utility in ad-supported tools and apps.
But the question is if its a net negative for society. People found real utility is leaded gasoline too, but we rightfully had to ban that
I'm ok with that. for too long the parasites have hidden behind "advertising" as a way to collect data.
Say it loud so the kids in the back can here:
- IF IT IS FREE YOU ARE THE PRODUCT -
nonsense.
You could have a mail client with a static banner ad at the top.
Those exist! People choose to use gmail because of the scale, stability, and feature set paid for by targeted advertising.
[dead]
I appreciate the sentiment, but this doesn't really seem to put itself in the context of the state of play at the federal level. Namely, pro-privacy states have existing legislation they want to be the 'floor' of privacy protections, and anti-privacy states want to use a federal bill to preempt those laws, making the federal law the ceiling that they can lower in one fell swoop. There are real risks to a federal law that preempts state legislation.
We have to try.
Defining a picture of your government id not being a sufficient credential for… well anything would probably be enough to kill all these age verification laws and might get some traction legislatively if you frame it right.
It has the benefit of being literally true, whoever thought the was necessary to have a bunch of hard to forge security measures on IDs which require physical inspection probably wouldn't be okay with easily faked scans being accepted.
Privacy advocates, UNITE!
Just leave your name and email on this contact form on github, so privacy can be solved once and for all!
(/s, but an interesting paradox for pro-privacy initiatives soliciting identifiable public support)
Does anyone know what this part means?
> Require Social Security Numbers to authenticate preventing fraud.
There's a ton of stuff piled into the agenda on this page but that one in particular stumped me. Is it proposing that people (who?) are required to use their SSN to authenticate (for what?) or that the SSN agency is supposed to authenticate... something before doing something?
The bill text is at https://github.com/righttoprivacyact/bill/blob/main/bill/rig...
It contains following:
> (i) Finance and high-risk identity proofing.—No person shall extend credit, originate a loan, open a high-risk financial account, or provide another high-risk financial service based solely on a Social Security number, static identity information, or an uploaded image or copy of a government-issued identity document. A person engaging in such activity shall use multi-factor identity verification reasonably designed to verify both record consistency and claimant control, using less intrusive reasonably reliable methods where available.
> (j) Social Security number not sufficient identity credential.—A Social Security number, taxpayer identifier, or similar identifier shall not by itself be treated as proof of identity for purposes of this Act.
So, to me at least, it sounds like they actually mean "Providers must not use SSN for authentication (including fraud)".
Full text:
https://github.com/righttoprivacyact/bill/blob/main/bill/rig...
I’m too cynical because at this point I can only believe this is to help billionaires and ICE hide their identities/money, or it’s to strip away all privacy (as bills are often named the opposite of their purpose).
>Update CAN-SPAM for one-click deletion of email addresses from databases.
Then how can I know not to send you another email if I don't have your email flagged in my database to do-not-send?
You delete the rest of your spam database and replace it with `fn can_send_spam(_: Email) -> bool { false }`. You delete the "can we spam you" checkbox from your checkout page and replace it with "return false".
For legitimate newsletters and similar: you delete any and all forms that allow signing up to receive emails without affirmative consent from that email address that they want to receive mail, and you offer a one-click effective-immediately "unsubscribe" to retract that consent at any time. Then, you can tell if you can send someone mail based on whether they're in your database of people who have explicitly consented to send you mail, and you don't ever send email to anyone else other than one-time consent requests and order-confirmation-style transactional mail.
The only legitimate database of emails is "these people have explicitly confirmed to us that we can email them"; any other database is radioactive waste, delete it.
>The only legitimate database of emails is "these people have explicitly confirmed to us that we can email them"; any other database is radioactive waste, delete it.
That's not actually how HIPAA compliance works. You're required to keep 7 years of communications, and part of those communications is who you sent it to. Amazon SES sends complaint notifications and you're not allowed more than 1 complaint per 1000 emails or they shut you down too. People who are repulsively anti-spam have ruined email as a medium.
I'm merely pointing out the technical aspect of this bill is ridiculous and everyone sending transactional emails will fight you, killing any bill you might have.
Wouldn't a hash work great for this purpose? I.e.
1. User requests for email alice@example.com to be removed from database
2. Company removes "alice@example.com" from 'emails' table
3. Company adds 00b7d3...eff98f to 'do_not_send' table
Later on, the company buys emails from some other third-party, and Alice's email is on that list. The company can hash all the email addresses they received, and remove the emails with hashes that appear in their 'do_not_send' table.
You'd have to normalize the emails (and salt the hashes), but seems doable?
No need to salt individual hashes, just one hard coded salt for all.
So in the end, they have a list of emails that match the hashes in their blacklist? What's the point?
Any entry that matches a hash needs to be deleted. The point is presumably to minimize the retention of PII.
The oligarchs would roll on the ground laughing at this cute desire from the plebs for a few crumbs. The system is so corrupt and bought, it doesn't matter if this passes or not because it will be diluted, unenforced, and/or overturned by a largely corrupt legislature, executive, and judiciary. All hopeful this time™ feel-good efforts will turn to shit until the corruption is sufficiently removed and prevented. No amount of idealist wishing, "trying", protesting, or campaigning for a single issue can materially change the reality of extremely corrupt, criminal elites having captured the important levers of power. That's reality. Therefore, the first order of business is fixing the corruption before all other single issue advocacy can be addressed.
How do you propose fixing the corruption?
[dead]
[dead]
Haha. This will accomplish nothing, because the surveillance dragnet is built and used by the people themselves, who deliberately (ab)use the very technologies that enable this breach of privacy at scale. Can't have your cake and eat it too.
It will probably accomplish nothing for other reasons. There are secret laws in this country which violate the constitution. I don't think the average person appreciates privacy as much as they should. But saying they are complicit in the making of this mess is going way too far. There are not so many choices in tech as you think. The most private ones require high technical expertise, and involve risks other than those presented by corporate tech. For example, you may have to trust a small number of unpaid individuals (who may even be anonymous) to deliver software.
Bold idea but too much money on the other side to let this gain traction
You are saying exactly, and I mean exactly, what they would want.
Dismissing an avenue of progress outright is to be defeatist or to sow defeat.
AI is going to use all this information against us. Because AI alignment can’t be better than people and corporations deploying the AI.
Lack of privacy is now a gaping security hole, being continually exploited on all our devices, across most sites on the internet.
[EDIT: And the leverage that information enables is being auctioned off to manipulators who we are exposed to continuously. This is just the beginning.]
We need to plug this security hole now, before power centralizes further and we can’t.
Google, TTD, Applovin, Magnite, Roku, Freewheel, + 100 more adtech and martech companies.
Lets add Facebook, twitter, openai, claude + all the others.
then lets add Flock, Palantir.
Do you honestly think the lobbying from them would be more or less if this bill gained any traction?
Of course they are going to resist. That is the terrain.
That doesn’t change the critical need to make progress.
Surrendering power, even when apparently outgunned, is a far more insidious enemy than opposition.
Amen! And, in fact, the harder they fight, the harder our resolve.
[dead]
> Do you honestly think the lobbying from them would be more or less if this bill gained any traction?
Small communities are thwarting these companies’ datacenter buildouts. The difference is they show up. Defeating privacy in tech is easy because there is no functional opposition.
> too much money on the other side to let this gain traction
This view is unfortunately common among regular privacy advocates. That makes them politically useless.
To have a hope, this bill needs to target support outside tech, where civic laziness and nihilism are normalized. I’m not seeing any indication of that strategy here.