I’m thinking something along the lines of the GDPR where companies must get consent to track you, and must delete your data upon request.

I see a few arguments here:

  • yes, websites are like stores and have the obligations of a store to protect user data (IP address, HTTP headers, etc)
  • no because the internet is “the commons,” so no expectation of privacy (no expectation that the website follows your local laws)
  • no because you’re voluntarily providing the data, but you’re well within your rights to block tracking attempts

So, some questions to spark discussion:

  • does data collection violate the NAP?
  • does sale of personal data (without a TOS in place) violate the NAP?
  • if no to each of the above, is it worth violating the NAP to enforce a right to digital privacy?
  • librecat@lemmy.basedcount.comEnglish
    2·
    3 months ago

    I want to include more than just for-profit entities for example any of the government agencies.

    Also I think it makes sense to limit the amount of power an entity can acquire through “online contracts” (EULA, cookie preferences, click to agree to terms of service, etc) especially since those are often ignored or blindly accepted by many people.