@@Raivo_K You don't need to explain as I already knew. Opt-In would mean that the default is "not consented" as the standard for Opt-Out is "consented",
@@gelbphoenix By the OP's post he means companies by default making you opt-in (consenting to your data being sold) should be illegal meaning not allowed Opt-out means your telling them to not sell your data
@@MuzikBike I would gladly share my browsing history over 1/100th of what these data brokers have. Hell, the whole reason I used to be in the "nothing to hide" side was because I thought stuff like search history and other basic info was all they had.
Sometimes, we think dark web is the scariest place to lose our info. But in reality, in this video, Thio shows how much of a privacy-looting era we live in !
Problem is these laws are too weak. What needs to happen is we need a law that opts everyone out by default to all data collection and if they want to have their data collected they can fill out a form saying they consent to it but they know no one would willingly do that so yea.
then what happens is they include the opt-in with the terms of service that everyone agrees to without reading, and you're unable to use the service without opting in.
I see the danger in profiling in "personalized" content delivery i.e. filtering. I need privacy tools to have a blank slate when I'm occupationally searching for things that have absolutely nothing in common with what I would be doing recreationally, and since my job switches topics often, those would suffer. If my colleagues find in seconds what I couldn't find in two days using half a dozen languages, with a backing of 20+ years worth of IT expertise, then that's a red flag that I need to depersonalize my internet footprint and separate different facets of it as much as possible. Privacy is not just about keeping things to myself, it's about not being boxed in by assumptions. When algorithms profile me based on past behavior, they limit my access to diverse information and reinforce biases I may not even be aware of. This creates a feedback loop where I’m only exposed to what the system thinks I want or need, not what I might actually require in a given occupational context. Three weeks ago it was drug prevention. Last week it was archeology. But sure youtube, keep giving me Irwing Finkel video suggestions...
Hey Joe, long time watcher of the channel here. I work in the telecom industry and you are absolutely right about CPNI and the steps to prevent it from being sold or shared. One thing that I've found helpful is going to the government's national "Do not call" registry, and this will opt you out of all (legally operating) business sales/solicitation calls. Another thing that is super helpful to know is that most telecom companies will actually give you a "proxy" telephone number if you ask for it specifically. This number works just like a regular cellphone number, but it forwards all texts/calls to your actual number. When the spam accumulates, you can just change the proxy number and keep your personal number, well, personal.
@@stewil not to shill for potentially evil corps, but how does onr cite sources on yt? comments with links get either deleted or hidden because of bots
Why has ThioJoe failed to respond to this very serious allegation by @John-Smith02 about his sponsor, Aura, and its alleged links to Pango Group and shady VPNs?
One thing about the California law, is you can even use it even if you don't live in California. Just click the opt out link, "say" you live in California or whatever and ask to opt out. And it will go through.
The biggest problem is that some companies are sneaky; some of them update their Terms of Service agreements frequently. Hidden in the fine print is that when they do that, many of the choices you made before are reset to default values (which benefit the company, of course). I discovered this on my car's dash software. I limited data collection on it, but in the next software update, lo and behold, data collection was turned back on in full. I discovered that with every update, I have to limit data collection again. I've found similar behavior on my phone and on several websites I'm on. I'm not a lawyer so I don't know if they can legally use this loophole to circumvent data privacy choices, but it wouldn't surprise me at all if they did.
A lot of the suggestions only apply to the US. A lot of viewers such as myself are not Americans. Some suggestions available to international viewers would be useful.
While I know many people rely on AI for video title suggestions, yours have consistently been the best I've ever come across. You can't help but want to click on them!
The fact that these are all opt-out, instead of opt-in, should be DEEPLY concerning to people, and that is before taking into account (heh) all the hoops one must jump through to even get to the opt-out buttons. As many governments as possible need to be pressured into compelling data brokers to change this practice to opt-in exclusively, under threat of time in a maximum-security prison if possible. I do not care if this anything I have said here is a hot take.
It's interesting that I can buy my and my coworkers personal information from my employer to use as I wish, but if I ask my employer to see my employee file it's sensitive and proprietary information accessible only by senior management.
good info ! ...some of the fault also rests with businesses we deal with -- they ask for a whole lot of information of us when we purchase something. I have started to not buy things if the business requires all my personal info, especially for online purchases....
yes same for me, even with established, big-name companies. i just cant trust any of them with my info, between cybersecurity issues and wreckless data brokers its just not worth the risk :-(
This wasn't helpful. In The EU the governments (cities) don't sell your info and other companies aren't allowed to share/sell it if it isn't their main purpose (e. g. your internet provider in contrast to visiting a random website that hosts ads to be free)
I use DNS blocking to stop tracking sometimes it breaks links but it's better than having data tracked by everyone. also that GBLA is actually normally given with the terms and conditions of a credit card, debit card or loan.
Love your content dude. Especially when you cover the more obscure things that others don't. Hoping to one day see you go down the AHCI/Intel RST (RAID)/NVMe storage controller rabbit hole that's plagued the space for over a decade (especially system builders & users getting BSODs) with long-standing & unfixed AHCI bugs and mobo firmware.
it's funny that it is illegal in Australia - Privacy Act 1988 Cth, California - CPPA (majority of us population), Europe - GDPR , UK - GDPR to sell to undisclosed entities
Could you do a video on the following related topic: with what privacy and other rules do you need to take into account when you have a globally accessible website. There are so many rules I can't keep track anymore for every country, state and continent.
The thing is that all this advices are great, but a lot of them if are not enforced by supervising the companies and corporations, you can "opt-out" all you want to stuff companies do, but they may do the stuff anyway in the background, if there is not enough punishment for not respecting the privacy options selected.
Those financial opt-out forms usually get sent to you in the regular mail. I don't know why your bank and credit card companies haven't sent you those over this time. Getting sent to those online is unheard of though.
As intimidating as these institutions are, they do still have physical locations, and hdds where that info is stored. If those locations were to conspicuously and mysteriously explode due to inexplicable causes, then that stolen data would go poof. I'm not encouraging anything at all, just pointing out an obvious physical vulnerability all institutions have to recognize, acknowledge, and mitigate, if possible, in their risk assessments. Just doing my part to enhance security like a good security professional😊
My dad got a scam call, they pretended to be me and on vacation. The weird thing is, a few months earlier, I used a well know website to check out to go on a trip. Right at yhe time they called. Is this just just a coincidence? I don't think so.
"+" in an email is not a good idea. Many companies, for example M$, have broken email address filters that will reject any email address with a "+". But "-" should work too, I think.
Selling PII of current government officials, including those serving in the military is a huge no-no.. I'm pretty sure that could be considered treason if selling it to the wrong entity(ies) if you're based in the U.S.
@@mategamer20 you are not disabling the ads themselves. You are just disabling _personalized_ ads so you will still see ads. They just are not served on what information the site has on you
@ninthjake fun fact if I turn off personalized are on yt I can't see block this ad button it needs to be on also I'm using dns so I don't have ads in game
Please watch out for Microsoft Recall in Windows 11, switch to Linux instead if you think MS taking screenshots of everything on your PC every few seconds is a bad idea
What would you do if someone you used to date was hacking you and controlling you phone to such a figure it stopped you from living a normal life it the x bf. And his FEMALE FRIENDS DO IT WITH HIM ...VE HAVE A HICK TOWN SSOOOO THEY DICARD ME WHEN I SAY SOME TO POLICE ANYTHING ANY PIECE OF ADVICE THAT YOU COULD HELP ME WITH WOULD BE APPRECIATED IT'S BEEN 6 YRS FOR THIS HAPPENING. SINCERELY DIANE ROCK
I have a much better idea that benefits everyone that’s important. Why don’t we have a law that makes it illegal for companies to sell or share your data, period? You want my data? Get a warrant. Not the police? Then you don’t need access to my data.
Political influence & lobbying. The companies that make bank off of personal data put a good chunk of it into politics to ensure they keep making bank. That's why there aren't even the most rudimentary consumer protection acts in place like one similar to the GDPR, let alone a full on ban.
One of the best ways to deal with those agonising cookie pop ups, is to use an extension called I Don't Care About Cookies. Edit: I just realised this only hides the prompts, it won't reject them entirerly
the issue's not the pop ups, that extension isnt doing anything to actually protect you. soinds like its just hiding the notice websites give you about cookies and the selling of your data, not actually opting-out for you. thats to say, these sites are still probably selling your personal data, hiding the notice won't stop them. you still have to manually opt out as far as im aware i could wrong though, never used that extension
every databroker knows they can just drop the + and everything behind it to have your real mailbox if it's a gmail-address. as for gmail it's just a builtin filter. did you know that mail-addressed should be allowed to have ; and such in them as per the rfc? guess how many databases break on that ;)
Another bad thing about the + method is some websites will accept it on the sign up page but declare it as an invalid character on the unsubscribe page making it impossible to opt out.
In a "perfect world" things would be simple, and everything would simply be "opt-in". (Of course, this would never fly, since nobody would opt-in, and these mofos wouldn't make money)
Far too many sites that ask for your address will try to verify that it's a valid address before accepting it. So it's a good idea to work out one or more valid addresses for your area (for ones that will reject even valid addresses if they don't match your geoip, though those seem to be rare) and use those whenever you can. It has the added bonus of looking entirely legitimate too, so they can't simply automate filtering it out to save them time/money.
Sponsored: Don't leave you and your family vulnerable to data breaches! Go to aura.com/thiojoe to get a 14-day free trial to Aura.
Opt-In by default should be ILLEGAL
How much aura do you have?
aura wont let me on there site with add blocker on not going there
@@tigerrat8 It works with ublock origin, what adblocker are you using?
it says it requires cookies to be enabled but i have them enabled
Opt-In by default should be ILLEGAL
You mean Opt-Out. Opt-In would mean that you must explicitly consent to have your data be shared.
@@gelbphoenix He means you are already illegally opt-in by default. You're not given a choice.
@@Raivo_K You don't need to explain as I already knew. Opt-In would mean that the default is "not consented" as the standard for Opt-Out is "consented",
@Raivo_K Yes, that is called opt-out
@@gelbphoenix By the OP's post he means companies by default making you opt-in (consenting to your data being sold) should be illegal meaning not allowed Opt-out means your telling them to not sell your data
I don't understand why data brokers are even legal. The whole practice should be banned.
It probably will if they pi$$ someone with power. But you cannot control entire internet, so some will find their ways. Money talk.
Bribing the government, that’s how they are legal
Thank lobbyists of Social Media Companies. This is how they have become big business. :(
There's still gonna be that one dude that says, "I got nothing to hide.."
@@God_0f_Death and proves it by doing the most disgusting self care on camera and over shares.
They go oddly silent when I ask them for their browser history.
Hah. The only one with literally nothing to hide is the Ken doll. And that is a fact worth hiding.
@@MuzikBike I would gladly share my browsing history over 1/100th of what these data brokers have. Hell, the whole reason I used to be in the "nothing to hide" side was because I thought stuff like search history and other basic info was all they had.
@@Avruthlelbh totally agree.
It should be opt out of data selling by default with the law. You should have to opt into anyone selling your data by default
All this data sharing and collecting should be illegal outright.
Probably, but then companies won't offer email for free anymore, which means a subscription would be required.
Sometimes, we think dark web is the scariest place to lose our info. But in reality, in this video, Thio shows how much of a privacy-looting era we live in !
Agreed. The Clear Net is scarier.
if you think that, you shouldn't be on the dark web anyway.
Essentially companies have made the user a loot box for themselves. Using game analogies, perhaps they should be required to pay us for the data use.
@@Always.SmarterThe dark web is actually somehow safer because it's anonymous (assuming you don't do anything illegal)
When it comes to cyber security, the tinfoil hat can never be big enough. More and more often, the "tinfoil hat" proves to be justified though.
Problem is these laws are too weak. What needs to happen is we need a law that opts everyone out by default to all data collection and if they want to have their data collected they can fill out a form saying they consent to it but they know no one would willingly do that so yea.
then what happens is they include the opt-in with the terms of service that everyone agrees to without reading, and you're unable to use the service without opting in.
I see the danger in profiling in "personalized" content delivery i.e. filtering.
I need privacy tools to have a blank slate when I'm occupationally searching for things that have absolutely nothing in common with what I would be doing recreationally, and since my job switches topics often, those would suffer. If my colleagues find in seconds what I couldn't find in two days using half a dozen languages, with a backing of 20+ years worth of IT expertise, then that's a red flag that I need to depersonalize my internet footprint and separate different facets of it as much as possible.
Privacy is not just about keeping things to myself, it's about not being boxed in by assumptions. When algorithms profile me based on past behavior, they limit my access to diverse information and reinforce biases I may not even be aware of. This creates a feedback loop where I’m only exposed to what the system thinks I want or need, not what I might actually require in a given occupational context. Three weeks ago it was drug prevention. Last week it was archeology. But sure youtube, keep giving me Irwing Finkel video suggestions...
Hey Joe, long time watcher of the channel here. I work in the telecom industry and you are absolutely right about CPNI and the steps to prevent it from being sold or shared. One thing that I've found helpful is going to the government's national "Do not call" registry, and this will opt you out of all (legally operating) business sales/solicitation calls. Another thing that is super helpful to know is that most telecom companies will actually give you a "proxy" telephone number if you ask for it specifically. This number works just like a regular cellphone number, but it forwards all texts/calls to your actual number. When the spam accumulates, you can just change the proxy number and keep your personal number, well, personal.
12:06
I work in shipping. That number is in case something goes wrong. If we can't reach you, that package is just gone.
ThioJoe, Aura owns Pango Group which owns shady VPNs. I don't think I'd use Aura because of that reason.
can you cite any references? thanks
@@stewil not to shill for potentially evil corps, but how does onr cite sources on yt? comments with links get either deleted or hidden because of bots
Why has ThioJoe failed to respond to this very serious allegation by @John-Smith02 about his sponsor, Aura, and its alleged links to Pango Group and shady VPNs?
One thing about the California law, is you can even use it even if you don't live in California. Just click the opt out link, "say" you live in California or whatever and ask to opt out. And it will go through.
The biggest problem is that some companies are sneaky; some of them update their Terms of Service agreements frequently. Hidden in the fine print is that when they do that, many of the choices you made before are reset to default values (which benefit the company, of course). I discovered this on my car's dash software. I limited data collection on it, but in the next software update, lo and behold, data collection was turned back on in full. I discovered that with every update, I have to limit data collection again. I've found similar behavior on my phone and on several websites I'm on. I'm not a lawyer so I don't know if they can legally use this loophole to circumvent data privacy choices, but it wouldn't surprise me at all if they did.
3:44 Don't give up on the tracking
Rip ultra key
A lot of the suggestions only apply to the US. A lot of viewers such as myself are not Americans. Some suggestions available to international viewers would be useful.
While I know many people rely on AI for video title suggestions, yours have consistently been the best I've ever come across. You can't help but want to click on them!
Great info. This will help protect consumers. Thank you
Really great video. Super impressed with how well researched this and how thorough it is.
Is there a chance you could a similar video but for Europe? A lot of those tips don't really work outside of America.
I didn't know about many of the things you talked about in this video. Now I know! Knowledge is power
I'm already at the point of tin foil hatting my tin foil hat, so I can protect myself while protecting myself. Meta tin foil hat mode activated.
The fact that these are all opt-out, instead of opt-in, should be DEEPLY concerning to people, and that is before taking into account (heh) all the hoops one must jump through to even get to the opt-out buttons. As many governments as possible need to be pressured into compelling data brokers to change this practice to opt-in exclusively, under threat of time in a maximum-security prison if possible. I do not care if this anything I have said here is a hot take.
Never knew about a LOT of your security/privacy points. Very informative!
It's interesting that I can buy my and my coworkers personal information from my employer to use as I wish, but if I ask my employer to see my employee file it's sensitive and proprietary information accessible only by senior management.
Ad break was super relevant :D
In INDIA there are No "opt-out" phrases used in websites, They use Cookies Instead
good info ! ...some of the fault also rests with businesses we deal with -- they ask for a whole lot of information of us when we purchase something. I have started to not buy things if the business requires all my personal info, especially for online purchases....
yes same for me, even with established, big-name companies. i just cant trust any of them with my info, between cybersecurity issues and wreckless data brokers its just not worth the risk :-(
Wreckless would imply nothing has been broken, ruined, etc.
Reckless is behaviour that endangers oneself or others by way of negligence.
Awesome video! Much appreciated 💜
This wasn't helpful. In The EU the governments (cities) don't sell your info and other companies aren't allowed to share/sell it if it isn't their main purpose (e. g. your internet provider in contrast to visiting a random website that hosts ads to be free)
i love you thio joe
I use DNS blocking to stop tracking sometimes it breaks links but it's better than having data tracked by everyone. also that GBLA is actually normally given with the terms and conditions of a credit card, debit card or loan.
Love your content dude. Especially when you cover the more obscure things that others don't.
Hoping to one day see you go down the AHCI/Intel RST (RAID)/NVMe storage controller rabbit hole that's plagued the space for over a decade (especially system builders & users getting BSODs) with long-standing & unfixed AHCI bugs and mobo firmware.
Excellent information!!
Thank you!!👍
it's funny that it is illegal in Australia - Privacy Act 1988 Cth, California - CPPA (majority of us population), Europe - GDPR , UK - GDPR to sell to undisclosed entities
seriously why does usa have terrible laws?
Indeed has this issue as well. I can no longer submit applications and they refuse to tell me why.
Could you do a video on the following related topic: with what privacy and other rules do you need to take into account when you have a globally accessible website. There are so many rules I can't keep track anymore for every country, state and continent.
The thing is that all this advices are great, but a lot of them if are not enforced by supervising the companies and corporations, you can "opt-out" all you want to stuff companies do, but they may do the stuff anyway in the background, if there is not enough punishment for not respecting the privacy options selected.
Those financial opt-out forms usually get sent to you in the regular mail. I don't know why your bank and credit card companies haven't sent you those over this time. Getting sent to those online is unheard of though.
As intimidating as these institutions are, they do still have physical locations, and hdds where that info is stored. If those locations were to conspicuously and mysteriously explode due to inexplicable causes, then that stolen data would go poof. I'm not encouraging anything at all, just pointing out an obvious physical vulnerability all institutions have to recognize, acknowledge, and mitigate, if possible, in their risk assessments. Just doing my part to enhance security like a good security professional😊
Privacy laws in the USA are a mess because so much is set by States & not at the federal level.
The EU has got it better because of GDPR.
Not only the EU has the GDPR the United Kingdom has it too. But the "UK-GDPR" could be loosened over time.
@@gelbphoenix UK GDPR is practically weaker than in the EU already, because the ICO is far more hesitant to actually enforce anything
@@PullTL Sadly. But a person has the right that it will be enforced. Even if the ICO doesn't enforce things.
Anyone outthere in AUS have paths we can take to optout from our shady banks, telcos etc im interested. Thank you
Excellent video; thanks!
Would you *please* do a segment on password managers?!
My dad got a scam call, they pretended to be me and on vacation. The weird thing is, a few months earlier, I used a well know website to check out to go on a trip. Right at yhe time they called. Is this just just a coincidence? I don't think so.
Is this not the entire point of a data broker? Did people expect privacy from a company who exists to collect and sell your data?
this suddenly makes me want to buy data on politicians
THANKS 👍
Great info Thanks
You should have put those magic phrases in the show notes. Thanks.
Is it my imagination, or do websites forget my privacy settings faster when I opt out of everything than if I accept defaults?
Mines beef frozen for years now & I don’t have that number no more. 😭 😂
Thank you for this video! This was very helpful. Do you have a written version for some of these tips?
I can just feel the soul of Linux brushing ThioJoe
0:54 "Let's make data sets to make easier for adversaries to find possible targets."
I knew data brokers would someday become a national security threat. Time to shut them down for good.
"+" in an email is not a good idea. Many companies, for example M$, have broken email address filters that will reject any email address with a "+". But "-" should work too, I think.
Or worse, sometimes it'll be accepted when you sign up but declared invalid when you go to unsubscribe.
And when the factory reset they got the apps programmed to pop back up so I can't even clear off my phone
Dean Winchester quit hunting and now works for techsupport
I kept forgetting that the gmail+thing exist. My email is full with spam
I think its cool that you can buy data about other people.
3:49 Insurance companies like to publicize that stuff.
The magic phrase to use if you're an EU/EEA citizen is "GDPR's right to be forgotten or face a fine".
Should be you have to "opt in" vs "opt out" but that would do damage to Congress's honey pot of election contributions for favors... IMHO
as long as us military personnel has nothing to hide it doesn't matter
"If you have nothing to hide you have nothing to fear."
Selling PII of current government officials, including those serving in the military is a huge no-no.. I'm pretty sure that could be considered treason if selling it to the wrong entity(ies) if you're based in the U.S.
This is a national security threat and should be treated as such.
Seems like when i try to improve my privacy,more privacy oriented youtube videos show up on my feed.Interesting...😅
Phone companies sell your data to anyone who asks. With no consent required.
You should specify this video is only for USA.
Google voice only works in USA
I noticed in games I can disable advertising ads but they don't work
@@mategamer20 you are not disabling the ads themselves. You are just disabling _personalized_ ads so you will still see ads. They just are not served on what information the site has on you
@ninthjake fun fact if I turn off personalized are on yt I can't see block this ad button it needs to be on also I'm using dns so I don't have ads in game
I use permission slip for privacy - it's free
Use email aliases in signing up for a service.
Fat chance they'll be legislation. They do the bidding of those who provide the cash.
Meanwhile in the EU, we also have a magical phrase: GDPR.
So happy to live in the EU.
I bet we are doomed whatever we do.
1:50 thats insultingly low for someones pii
Please watch out for Microsoft Recall in Windows 11, switch to Linux instead if you think MS taking screenshots of everything on your PC every few seconds is a bad idea
What would you do if someone you used to date was hacking you and controlling you phone to such a figure it stopped you from living a normal life it the x bf. And his FEMALE FRIENDS DO IT WITH HIM ...VE HAVE A HICK TOWN SSOOOO THEY DICARD ME WHEN I SAY SOME TO POLICE ANYTHING ANY PIECE OF ADVICE THAT YOU COULD HELP ME WITH WOULD BE APPRECIATED IT'S BEEN 6 YRS FOR THIS HAPPENING. SINCERELY DIANE ROCK
You're becoming like CChuck McGill from Better Call Saul.
I have a much better idea that benefits everyone that’s important.
Why don’t we have a law that makes it illegal for companies to sell or share your data, period?
You want my data? Get a warrant. Not the police? Then you don’t need access to my data.
Political influence & lobbying. The companies that make bank off of personal data put a good chunk of it into politics to ensure they keep making bank. That's why there aren't even the most rudimentary consumer protection acts in place like one similar to the GDPR, let alone a full on ban.
@ Yeah. That’s the unfortunate reason as to why we don’t have strong enough protections.
"Cyber security and privacy nut" uses windows 11
One of the best ways to deal with those agonising cookie pop ups, is to use an extension called I Don't Care About Cookies.
Edit: I just realised this only hides the prompts, it won't reject them entirerly
the issue's not the pop ups, that extension isnt doing anything to actually protect you. soinds like its just hiding the notice websites give you about cookies and the selling of your data, not actually opting-out for you.
thats to say, these sites are still probably selling your personal data, hiding the notice won't stop them. you still have to manually opt out as far as im aware
i could wrong though, never used that extension
@@nothanks6662 Didn't realise that, thanks for the info
Consent-o-Matic does what you're looking for
very slimy, making my own internet, and doesn't have any ads
Hey thiojoe you should make a video tutorial about how to root Android phone using magisk
I second this
every databroker knows they can just drop the + and everything behind it to have your real mailbox if it's a gmail-address. as for gmail it's just a builtin filter.
did you know that mail-addressed should be allowed to have ; and such in them as per the rfc?
guess how many databases break on that ;)
Another bad thing about the + method is some websites will accept it on the sign up page but declare it as an invalid character on the unsubscribe page making it impossible to opt out.
In a "perfect world" things would be simple, and everything would simply be "opt-in". (Of course, this would never fly, since nobody would opt-in, and these mofos wouldn't make money)
Wouldn't it be easier to change your name than to do 1 million deletion requests?
Just think of these companies as a concerned ex and enjoy how popular you are 😌
This has to be a video about Nintendo right?
I just use firefox and it does the same stuff as aura
How much do sponsors pay you for one UA-cam video?
Far too many sites that ask for your address will try to verify that it's a valid address before accepting it. So it's a good idea to work out one or more valid addresses for your area (for ones that will reject even valid addresses if they don't match your geoip, though those seem to be rare) and use those whenever you can. It has the added bonus of looking entirely legitimate too, so they can't simply automate filtering it out to save them time/money.
I got nothing to hide
Luigi pewpew data brokers
not working in Czechia. Dislike
Fun.