this post was submitted on 05 Aug 2023
51 points (93.2% liked)

Privacy

32120 readers
1042 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
all 27 comments
sorted by: hot top controversial new old
[–] what_is_a_name@lemmy.world 43 points 1 year ago (1 children)

I only know western countries but from those I’d say Germany and Switzerland.

It’s highly respected in Germany to have a low online profile - pay in cash, stay off online systems.

I feel it’s similar in Switzerland - just with military training, more guns, mined bridges and nazi gold.

[–] nottheengineer@feddit.de 32 points 1 year ago (2 children)

The current german government is trying to build a surveillance state and force chat apps into adding backdoors to their encryption and the culture is shifting for the worse with stuff like tiktok still growing.

Right now I'd say switzerland is better in the privacy department (and a few other ones, but that's beside the point).

[–] what_is_a_name@lemmy.world 12 points 1 year ago (1 children)

To be honest. If you’re online you should expect to be compromised. If you want to be privacy obsessed- focus on countries that allow you to be offline. That is an aspect Germany and Switzerland are a bit unique.

By comparison Scandinavia has a high degree of trust in government and everything is online and connected. It’s convenient but also - if you do not trust your data on the government’s hands - you’re not gonna like it here.

Germany allows you to be more … disconnected.

[–] nottheengineer@feddit.de 3 points 1 year ago (1 children)

If the past two decades have shown me anything, it's that I definitely don't want my data in any government's hands.

How is scandinavia more connected? I know cash is dying out everywhere but here and that everyone's earnings are public, but those aren't too important to me. Private communication and browsing (and generally not being spied on) are what I mostly care about.

[–] dojan@lemmy.world 13 points 1 year ago (2 children)

In Germany you need to do most things in person, by fax, and fill out paper forms.

In Sweden for example, you do everything online. Booking appointments, renewing subscriptions, insurance claims, getting test driving permits, renting homes.

You pretty much need this software called BankID, owned by the banks, which is used to verify your identity. It’s used literally everywhere.

If I need to pick up a parcel at the local post office, I’ll use the PostNord app to pull up a QR code and validate myself via BankID, then I scan the code at the robot which then fetches the parcel for me.

Cash isn’t really dying out here, it’s pretty much dead. Grocery stores still take cash but plenty of businesses don’t. Buses in my town stopped taking cash all over a decade ago. Even the bakery refuses cash. It’s viewed as a safety thing; if the bakery gets robbed what are they going to take? The massive appliances? Flour?

[–] nottheengineer@feddit.de 3 points 1 year ago (2 children)

Doing bureaucracy online versus in person is just a convenience thing, German government agencies still enter your data into computer systems, they just have a massively convoluted process for it. I expect no privacy in those cases anyways.

But bankID does seem scary. A single point of failure for basically everything and centralized tracking of every transaction.

[–] dojan@lemmy.world 3 points 1 year ago

I'd say there's more to it than just convenience though. It's not just bureaucracy but literally everything makes use of BankID. If I need to log on to my landlord's portal to report a problem or check some info, I need to use BankID to access it. Of course I can report the problem elsewhere, and obtain that info by calling or mailing them, but it's not the default. Everything here is defaulting to a digital way of doing it.

Say I need to pick up a parcel at the local post office. I just open the app, verify with BankID, scan a QR code, and wait for the robot to fetch my parcel. I'm in and out in the span of 30 seconds or so. If someone without a way of identifying themselves digitally need to pick up a parcel, they'll need to get in the queue, give the clerk the shipment ID (usually just the 4 last digits), show the clerk identification, just for them to print a QR label to scan at the robot. Our local post office, like most post offices nowadays really, is inside a grocery store. In the case of this particular one it's a separate checkout, shared with gambling and the café, it's not busy all the time so it might not take much longer, but sometimes you have to wait 10-15 minutes because of people buying baked goods, hotdogs, and scratch cards. In lots of other stores the post shares a queue with the regular grocery checkout, so even if you're just after a parcel you'll have to line up with people there for their regular groceries.

When I visited the U.S. back in 2019, one of the things I noticed was how everything was very much designed with the idea that you'd be in a car, pretty much all the time. Sure things were walkable, but everything was spaced great distances apart, and everything had massive parking lots. It was very obvious that cars were the default mode of transport, even if you were just going to the nearby grocery store.

That's what being a non-digital-denizen is like here. You can get things done, but it'll take lots more time, and you'll often have to explain why you can't do something the "normal" way, because here the digital way very much is the default way.

There are other services apart from BankID, like Freja e-ID, and I think one or two more, but not all services support them. Exceedingly few do, I'd say. BankID kind of has a monopoly by virtue of being the first out the door with it back in 2003. I personally think the government should take control over BankID, because it's become such an integral part to our societal infrastructure that it makes no sense for private entities to have full control over it.

[–] ErwinLottemann@feddit.de 1 points 1 year ago (1 children)

It's not a convenience thing, it's because the government fucked up the whole online thing. They started too late, they constantly miss the goals they set themselves, nobody seems to want to push things forward. It's a bit frustrating. On the other hand, yeah privacy. If you ignore that the Finanzamt can check your bank account whenever they want without you being notified about it (yes, they need a reason, still...) and Krankenkassen knowing almost everything about your health because they get the bills from your doctor.

[–] nottheengineer@feddit.de 1 points 1 year ago

I don't quite get what you're trying to say. Those issues exist both in Germany and Sweden, so they are similar in that regard. I'd even be more comfortable with everyone knowing my income instead of just the state.

Doing it online instead of on paper doesn't compromise privacy any further.

[–] EngineerGaming@feddit.nl 1 points 1 year ago (1 children)

Just curious: you mentioned an app is necessary. What do people that don't own smartphones do? Are they forced to?

[–] dojan@lemmy.world 7 points 1 year ago

You don't necessarily need a smartphone. This system has been around since like 2003 I believe, back then you needed a Windows PC.

Everything becomes much more roundabout and trickier to navigate. You actually need two, technically three things:

  1. A Swedish social security ID, they are shaped like YYYYMMDD-XXXX, or just YYMMDD-XXXX.
  2. An account with a Swedish bank.
  3. A BankID certificate issued by said bank.

My roomie is German, and he doesn't have his Swedish social security ID yet, but rather a "coordination ID", it's basically an interim ID that looks almost identical only the date of birth has had 60 (I think) added to it. So say he's born 15th of August 1996 it'd be 19967515-2345. The last 4 digits are semi-random. Used to be based on gender and area you were born, but they scrapped the area bit, so now the first digit is an even number if it belongs to a man, or an uneven if it belongs to a woman. This applies to trans people too, provided they ask to have their number changed. Genderfluidity is not taken into account though, it's a binary system.

You cannot use BankID with a coordination ID, and very few people know what a coordination ID actually is, so often people assume that it's been misspelled or systems that have a built in validator don't work with it properly.

This has translated to him having to jump through lots of hoops to get things working. I think we visited his bank five times before he was even allowed to open an account, even though the law states that anyone is allowed to open one unless the bank has a good reason to suspect illegal activity. Any time he's had to do any sort of governmental thing it's taken weeks to be processed, usually a lot of phone calls and mailing is involved too.

He studied to become a truck driver, and everything about that was incredibly roundabout for him. For any other person with a BankID, it basically looked like this

  1. Go to trafikverket
  2. Register for a test by logging in via BankID (no sign-up necessary)
  3. Do test in-person
  4. Receive results digitally, and certificate by post

For him it was basically

  1. Instructor calls Trafikverket
  2. Get a form posted to fill in
  3. Get form processed (takes a couple of weeks)
  4. Do test
  5. Explain that yes, his coordination ID is infact not misspelled
  6. Wait for results
  7. Pester instructor for results
  8. Instructor pesters Trafikverket
  9. Back and forth for weeks and even months before certificate is given out

Now repeat that for like half a dozen certificates. For a few months into his actual time working he wasn't allowed to drive forklifts, because after nine months they still hadn't issued his card. Things didn't really kick into gear until his boss called and yelled at his school.

Elderly people, and people without access to smartphones likely use autogiro to pay their bills, this basically means that they register a bill as a recurring payment, and then that's automatically pulled from your account on the payment date. I just have bills dumped into my bank and then I can pick and choose as I wish. On the odd occasion I'm sent a bill on the post, I just use my bank's app to scan it and pay.

There are still "analogue" ways of doing things, but 99% of the time when you make contact with a governmental institution they'll first ask you to just do it via their website, and if you ask for forms, they'll let you know that you can print them on their website. My first trip to the employment office I was basically greeted with "why are you even here? Just use our website."

Everything here is incredibly digitalised, and it all started in the early 00s, before smartphones. Apart from grocery stores and bigger chains, plenty of places don't take cash anymore, deeming it a security risk. There are also certain boons with it. For example, the chain I usually buy my groceries from (when I shop in-person that is) has an app you can use to scan and pay. When scanning an item to put it into your "basket" you get nutritional info and allergens displayed on the screen. As a life-long vegetarian that's always scoured labels to ensure I don't accidentally poison myself; this is incredibly nice.

When going to the check-out you just scan a QR code, and then I can pay using Apple Pay, or Swish. Once I've paid I get a "check out" QR code I show to a scanner to let me out of the store. There are stores that operate entirely on this concept and only have staff for stocking. This is particularly nifty in smaller sattelite communities that otherwise wouldn't have any grocery stores.

Swish is another service owned by the banks that let you easily transfer money to businesses or private people without having to bother with banks and account numbers, you just need a business number, a phone number, or a QR code, or an app that makes use of their API.

The system works really well most of the time, I've never experienced any sort of outage or anything, but I've now seen what being outside of that system looks like and it's tough!

They try but always get fucked raw in the ass by courts... Sad that Achsel Voss wasn't found by some criminal until now. That sorry excuse of a human is driving this shit together with a hand full of other assholes.

[–] opt9@feddit.ch 26 points 1 year ago (1 children)

Privacy is diametrically opposed to the ability to control the people you rule over, so no state is privacy friendly. There are only degrees of extremism. The poorer countries are more privacy friendly in the world because they lack the resources to spy on everything. If they could they would spy more.

[–] spacedancer@lemmy.world 7 points 1 year ago (1 children)

I was gonna say this as well. You can go 2 opposite directions. You can go for a country like Switzerland which has a lot of privacy rules in place. It generally protects you from malicious non-state actors. But you can also go the other way with a developing country whose government does not have the means or capability to monitor you. The tradeoff is your data on government systems is probably already compromised, just not by the government itself.

[–] opt9@feddit.ch 0 points 1 year ago

Unfortunately Switzerland has no power. They were bullied out of the private banking they were famous for and they will get bullied whenever they have info that some other western state wants. Anyway, the privacy benefits they offer are mostly cosmetic. No ruler wants privacy. When we understand that, then we can stop looking for things that don't exist and start creating solutions.

[–] miss_brainfart@lemmy.ml 21 points 1 year ago

If the GDPR would actually be enforced every time a situation calls for it, if the EU Commission wasn't made of technologically inept idiots, and if Irelands DPC would stop protecting Meta, then anywhere in the EU.

That's a lot of ifs though

[–] ratz@chatsubo.hiteklolife.net 15 points 1 year ago* (last edited 1 year ago) (1 children)

How to quantify that?

Number of surveillance cameras per square km?

Being members of international intelligence sharing networks?

Data protection laws in place? Level of enforcement?

Not sure theres an easy answer to the question, I think you'd have to put together data based on a wide set of criteria, and even then you would only be able to work off publically accessible/known info

Why do you ask? Did your government put a camera in your bathroom?

[–] wtry@lemm.ee 7 points 1 year ago (2 children)

I'm looking to move from the US because of their increasing wish to mimic China's great firewall.

[–] senoro@lemmy.ml 10 points 1 year ago

Increasing? Brother if the US government wants to know what you are looking at its already over for you. They can know everything about you in like 5 minutes.

[–] ratz@chatsubo.hiteklolife.net 7 points 1 year ago* (last edited 1 year ago) (1 children)

I'm Aussie and I don't really closely follow the news, but that sounds more like a censorship problem than a privacy one? Even the Chinese find a way around the wall though. My governments been trying to protect its citizens from the horrors of the open internet for decades, they're... not good at it. I understand the desire for more freedom though.

[–] wtry@lemm.ee 2 points 1 year ago

While it is a censorship one now, the only way to enforce it would be pretty heavy surveillance.

[–] LemmyNameMyself@lemmy.world 4 points 1 year ago

One of the best is Iceland

[–] HughJanus@lemmy.ml -2 points 1 year ago (2 children)
[–] opt9@feddit.ch 3 points 1 year ago (2 children)

I'm gonna assume you're being funny

[–] HughJanus@lemmy.ml 3 points 1 year ago

No I'm just an ignorant American. I meant Switzerland. The other land.

[–] venoft@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

Please, with all the dragnet laws and the sharing of that data with foreign agencies there is no privacy.

Not to mention all the cameras everywhere.