It's a lesson people haven't learned in 80 years. https://en.wikipedia.org/wiki/1943_Amsterdam_civil_registry_...
For any dataset you collect, think about how it can be miss-used. Because in all likelihood it will. Maybe not by you. But maybe by your successor. Or the hacker.
Although it is interesting how inconsistently this principle of is applied to other areas. For example, if you come to HN and advocate against encryption or AI because they can amplify the dangers of bad actors, you are going to be met by fierce opposition. So why do these hypothetical bad actors only become valid concerns in certain conversations?
When it comes to encryption, it helps save actual lives. If you mandate getting rid of encryption, bad actors will still break the law and use encryption to carry on business as normal. Regular citizens lose, oppressive governments & criminals win.
>When it comes to encryption, it helps save actual lives.
So does the license plate data. It is used to find and bring justice to criminals. Does that not make us all safer?
> If you mandate getting rid of encryption, bad actors will still break the law and use encryption to carry on business as normal.
Laws are pointless because the criminals will just break them is a silly argument that can be used against most laws. Why should we have any laws about gun control, money laundering, or drugs if the criminals will just do whatever they want anyway.
And the flip side of this argument should also be considered. Do we think the Nazis would have given up on their genocide if they didn't find this data?
> Does that not make us all safer?
Is there evidence in that direction?
Thank you, this is a perfect example of the type of inconsistencies I’m talking about when discussing these issues. The prior comment says encryption saves lives and that is accepted without question, but the idea that empowering law enforcement saves lives is met with a request for evidence. Why did you not reply to both claims the same way?
And if you truly believe that finding and arresting criminals does not make us safer, that is an indictment of our entire justice system. It would also make license plate cameras a rather silly place to draw the line.
I think it's because you don't have to look too hard to find examples of authoritarian regimes leveraging information technologies for surveillance, censorship, and propaganda. Or how US government agencies use loopholes to get around the 4th amendment and buy sensitive civilian data from private data brokers. Or how data breaches are becoming larger and more frequent each year.
Encryption seems highly likely to have saved many people from, say, losing their life savings by having their banking credentials hijacked.
I am less certain about license plate cameras. Hence, the ask. I will leave the questioning of encryption up to someone who actually questions its utility.
Can you genuinely not think of situations in which law enforcement being able to pin a specific vehicle to a time and place might help them catch dangerous criminals or be used as evidence in a trial to help get them convicted?
In any significant capacity? No. Because we'd see it in crime stats; the widespread successful use of license plate scanners should show up in a chart. The world before and the world after their introduction appears very similar from a crime rate standpoint; it stands to reason getting rid of them would be similarly low-impact.
I really don't think that'd be the same if we got rid of encryption tomorrow.
>In any significant capacity?
Notice the subtle shifting of the goalposts. Who said anything about "significant capacity"? The original argument was "it helps save actual lives". Now we need to see "widespread successful use" in the "crime stats"? How would that even be possible? These systems can't be implemented in a vacuum and crime stats are constantly fluctuating for countless reasons, so how could the specific cause ever be isolated? Yet crime has generally been on a downward trend for decades, can we be sure these type of systems aren't responsible for some piece of that?
>I really don't think that'd be the same if we got rid of encryption tomorrow.
Once again, why aren't you asking "Is there evidence in that direction?" You are demanding evidence for one and the other is just a hypothetical based of what you "think" might happen. But what is that thought based on? Do crime stats show that identity theft has gone done since the popularization of online banking
You are not treating these issues with the same rigor. Can't you recognize that?
Something that seems inherently different between GP's comment and encryption is that encryption is an algorithm / tool, not a dataset. Not creating literal tools because they might have bad use cases is clearly a bad idea (e.g., fire, knives, hammers, etc.).
I'd say that one thing inherently different about datasets is that they are continually used badly, including by well-meaning actors. Data is frequently misinterpreted, with good intent, to draw bad conclusions.
You might hit your thumb with a hammer. That hurts! People would be a lot more careful if misinterpreting data had such clear, immediate effects on them.
Also, there are many different groups with different passionate opinions in any community as large as this one.
What is the distinction you are making between a "dataset" and a "tool"?
To use this specific example of the license plate dataset, this is a tool used to find and bring justice to criminals. How is it any different from any other tool at the disposal of law enforcement? Isn't this system just a scaled up version of a cop with a camera?
This might be too pedantic, but a dataset is not a tool in and of itself. It's something that can be processed by a tool. And it's not simple for anyone to reproduce without significant access, either to the original observational opportunities or to the dataset itself. Information about individuals is often in datasets and those people too seldom have a say in the security practices used to safeguard it.
Tools (or pick another word that illustrates this distinction) like encryption, hammers, etc. do not contain our information. They are fairly straightforward to reproduce. And therefore nearly impossible to contain. Bad actors will have encryption and hammers, whether we want them to or not. The only question is whether good actors will also have them, or if they will be restricted by laws. This, for example, can make it easier for datasets to fall into the wrong hands, because they are less likely to be encrypted.
It seems very strange to define these terms based off the difficulty in reproducing them.
Let's look at the sibling comment's example of a nuclear bomb. That's "not simple for anyone to reproduce without significant access" and as citizens we don't "have a say in the security practices used to safeguard it." And international laws have done a relatively good job keeping them out of the hands of bad actors. Does that make them a dataset?
Contrast that with data that is easy to reproduce, like say the name of the 45 different Presidents of the US. That is obviously a dataset. Yet there is no private information involved, it is all public data. Many people can even produce that list entirely from memory. But having that list on a piece of paper in front of me could still be a helpful tool if I was taking a US history test.
Isn't an atomic bomb just a scaled up version of a firecracker?
Nobody denies that collection of datasets can have upsides. But the downsides are often not seen/evaluated accurately. And negative effects don't necessarily scale with the same power as positive effects.
>Isn't an atomic bomb just a scaled up version of a firecracker?
Yes and no. I think radiation is a big differentiator, but absent that, I don't think it is better morally or ethically to level a city with conventual bombs than it would be to do it with a nuclear bomb.
>Nobody denies that collection of datasets can have upsides. But the downsides are often not seen/evaluated accurately. And negative effects don't necessarily scale with the same power as positive effects.
I'm not disagreeing with this. I'm asking why this same logic is not applied elsewhere.
The point with the firecracker/bomb is this: Not just because it's the same type of tool means that it has the same cost/benefit analysis. The dangers of, say, firecrackers in the had of the general public, scale dramatically faster than the benefit, going from kid-safe firework to bunker busters. The same goes for "a cop with a camera" to "tag readers at every corner".
I think with encryption, the underestimate is on the other side. Everyone understand that bad guys using encryption is bad. But people do not see the upsides of encryption for the good guys, pretty much for the same reason as they do not see the downsides of data collection: I have nothing to hide. [or the common related variant: Advertisement doesn't affect me]
> I think with encryption, the underestimate is on the other side. Everyone understand that bad guys using encryption is bad. But people do not see the upsides of encryption for the good guys
And why are you confident that this doesn’t exist for the license plate dataset? You’re confidentially making two opposing arguments with no justification beyond it getting you to your desired conclusion on that specific issue.
That what doesn't exist for the license plate dataset? I am sure there are good reasons for having that dataset. For most data collection, there are good reasons.
My argument is that just because we decided that "police with camera" is a worthy trade-off, you cannot use this as an argument for "license plate scanning is a worthy trade-off". It could be that it is, but it doesn't follow from "it's a scaled up version of police with camera".
I think you are going too deep down individual tangents here. My “cop with a camera” comment was challenging the idea that datasets aren’t tools.
If the issue is purely about amplifying the danger of bad actors and therefore forcing us to reevaluate the tradeoffs, encryption and AI do that too.
>advocate against encryption
This is a good point. If people are willing to push back against giving law enforcement everybody’s data why would they also oppose giving law enforcement everybody’s data? It is inconsistent because if you think about it “giving law enforcement everybody’s data” and “not giving law enforcement everybody’s data” are basically the same th
Encryption is this same exact topic, and the prevailing technical viewpoint is the direct application of the principle of minimizing collected datasets.
Interestingly, as a direct outcome of the Nazis misusing this data Germany did not have a census for the longest time.
Here is an article from 1987 on the German protests against the new census, that was also the last Germany-led census: https://www.nytimes.com/1987/05/10/world/germans-stand-up-no... (BUT Germany has fairly strict rules on registration of your place of living, so perhaps a census is now unnecessary)
That was the last _national_ census. Two more were held in 2011 and 2022 as part of the European union: https://www.destatis.de/DE/Themen/Gesellschaft-Umwelt/Bevoel...
Before the Nazi's invaded the main guy who advocated for the civil registry which allowed the Nazi's to easily find jewish people went to his grave believing he did nothing wrong in advocating for such a database.
Clearly we all need to be thinking much more deeply on these issues.
I think the hard counterpoint is - some ways that American government function are patently insane compared to other industrialized countries. Having moved from US to Nl just having one single source of truth about where I live and who I am for all sources of government is much less of a headache in day-to-day life. Mail forwarding, authentication for municipal governments, health insurance, etc, just takes 0% of my life (compared to the pain of authenticating myself separately to every part of the government, sometimes by answering questions about my life trawled from _private_ data aggregation companies - the lack of a central civil register does not seem to be particularly effective right now in stopping the Us government from terrorizing its citizens. Gathering this data for everyone is certainly more tedious but i think avoiding the dragnet completely for the average member of society is functionally impossible.
> the lack of a central civil register does not seem to be particularly effective right now in stopping the Us government from terrorizing its citizens.
What do you base this on? How can you be sure that it's not a major impediment to the ambitions of certain political actors, and that their impact wouldn't be far worse if they had access to centralized sources of data?
Because they DO have whatever data they want: From Palintir.
Preventing the government from accumulating a database is meaningless. But it doesn't matter anyway. Even if they didn't have any data, that's not an impediment, because there is zero pushback to literally blackbagging people off the street and sending them to another country. They just want to harass brown people and you don't need a damn database for that. Bootlickers have eyes.
This bullshit about government databases has always been a meaningless distraction. Oppression doesn't want to be precise or efficient, it's counterproductive to the goal of scaring people into compliance.
Tell me, how do you believe they are stymied at all? They've arrested anyone they want.
So I'm in general agreement, especially as things stand. But there is one hell of a counterargument that says if the US govt had an authoritative database of all citizens+residents, and effectively enforced that database, then there wouldn't be so much energy based around demands to remove "the illegals" in the first place.
Once again I do generally agree with the desire to limit the abilities of the government, especially pragmatically in the context of the current situation. And politically I'd say that the general topic is being used in bad faith to drive support for fascism rather than earnest policy fixes (eg killing bipartisan immigration bill, in favor of this).
But in general there is an American blindspot of fallaciously seeing system layers as something like a gradient of less-to-more control rather than a yin-yang where diminished control in one area makes it pop up in another.
> But in general there is an American blindspot of fallaciously seeing system layers as something like a gradient of less-to-more control rather than a yin-yang where diminished control in one area makes it pop up in another.
Can you provide some examples of this phenomenon?
One of the big ones is the calling to naively eliminate government regulation, imagining that will always make things "more free", while ignoring that corpos are perfectly willing to create private regulations on their own. This often ends up amounting to facilitating de facto government, despite some epsilon of choice.
There are many more-specific examples of this, but maybe a straightforward and less-partisan one is how the (incumbent) electronic payment networks ban a whole host of types of uses, and do so basically in lock step, despite those uses not actually being illegal. That is private regulation, not even accountable to the democratic process by default. And it avoids becoming accountable by fooling people with narratives of "avoiding regulation".
These kind of systems work perfectly and smoothly as long as the human in question lives his life within the box decided by the government. If not, these systems are hell.
Where "the box decided by the government" means having a mail address?
Most advanced countries also view that as a basic human right...
In some hyper-bureaucratic nations, everything is tied to your individual tax number. In other hyper-bureaucratic nations, everything is tied to your bank account.
It can also be tied to a postal adress in some nations, which makes it hell for people like sailors, seasonal workers, or other very mobile citizens. You're basically dependent on having to know somebody which you can completely trust to make sure they relay your mail to you. One of the "boxes" the government wants to put people in is that they reside at one adress, but many people do not live like that.
This administration went in and just flagged people on Social Security as deceased. They said 'those people can just get it fixed'. They also said people that complain are cheats.
There are many people on fixed social security that can't afford missing a payment, let alone the 3 it would take at a minimum if it all works out to get this fixed. By that point they could be homeless, their credit could be ruined. These aren't easy things to fix if you are 80+ and depend on Social Security and renting.
Concentrated power even for the best on intentions (in this case deciding in the 1930s 'old people shouldn't have to eat dog food') is extremely easy to abuse.
The Nazis didn't actually need the pre-occupation data from the civil registry to easily find Jewish people.
In January of 1941, the Nazis ordered all Jews in the Netherlands to register themselves and virtually all of them, some 160,000, provided their name, address and information on any Jewish grandparents to the government.
If the lesson one learns from the Holocaust is that one shouldn't collect data just in case some genocidal group comes to power, then I fear one has learned the wrong lesson.
Who was this guy?
I am having a very hard time finding his name, but there was a section on him in the dutch resistance museum.
I highly suggest visiting it! Sorry for the lack of an online source.
What can we even change? It's likely HN will also go to the grave demanding deregulation amidst a maelstrom of consumer protection malfunctions. We're already there in many respects; the DOJ's case against Google and Apple both seem to have stalled-out while the EU, Japan and South Korea all push forward with their investigations.
In many respects, the attitude of "we'll fix this one day" is exactly why we don't think deeply about these issues. Client-side scanning was proposed only a short while ago, and you can still read the insane amount of apologists on this site who think that unmitigated data collection can be a good thing if you trust the good Samaritan doing it: https://news.ycombinator.com/item?id=28068741
It will take an utter catastrophe before the deregulation bloc sees what's at stake. This is far from over, despite the unanimous desire to put security in the rearview mirror.
Go out, tell your non-techie friends how data can be misused.
"But I have nothing to hide"
And then tell them the story about the Jewish people in the Netherlands....
Alternatively, ask them how accurately an email need to describe their medical history before they believe it's real and fall for a scam.
That has never been convincing to them because they are fundamentally incapable of putting themselves in the shoe of an "other" like that. Look at all the people who voted for Trump literally to deport all the illegals and cry foul when he arrests their significant other or parent.
This phenomenon is well documented, from "the only moral abortion is my abortion" to suddenly accepting gay people when your child comes out to a huge quantity of Americans only being accepting of gay marriage rights after watching a damn sitcom, to "deregulate everything" types suddenly screaming for the government to do something after they get scammed/screwed/used as expected like most of the crypto community.
True, but there is a large fraction of people who are not like this, but haven't given the dangers of data collection enough thought. You can reach those. Are that enough people? Let's hope so.
I really fear for our older generations and those who are less tech-affine. What chance do they have to not be scammed by AI generated videos, fed by exfiltrated private data of them and their family. Grandparent scam on steroids.
The simple counterpoint is that lack of data didn't stop the nazis a single fucking bit, and ICE has no problem breaking down random doors and harassing legal establishments.
This absurd idea that all we have to do is "defang" the government and we can safely ignore it, as if the problems that these data sets are built to work towards fixing would magically go away, or magically mean that people who experience those problems wouldn't still try to get something done about them, except now outside of a legal framework of any sort.
Do you actually think people with broken governments are more free in their world of arbitrary penalties and non-existent solutions?
A blinded government isn't less dangerous when it gets hostile. It just makes it more random and less well targeted. But that won't STOP it.
The holocaust would have happened just the same even if we never made counting machines. The main difference with IBM helping the Nazis is that we have good data about who died in the camps and good documentation. Funny that doesn't seem to matter to morons who think it's a hoax though.
Or do you honestly believe Jews faced no oppression and extermination in the areas without good data on them?
The actual answer is, as always, the hard one: Suck it up and pay attention to your government, participate in democracy, advocate for good politicians, understand how our system is somewhat broken and non-representative, and vote for people who will make it more representative.
There's no option to disregard politics and stay safe. If enough people in your country want you dead, no government can protect you of that if you stay disengaged. Ask the native americans how safe they ended up without a comprehensive database of their existence. We nearly exterminated the buffalo to solve that "problem". Because it was popular. No IBM needed.
Not having the data readily available slows it down. Having more random and less well targeted actions hit the supporters, so weakens the support. Is that enough? No. But I still lock my door, even if this will only slow down a determined thief.
Additionally, data collected by the government can also be misused by others. So it's still better to not collect unnecessary.
Its noteworthy to me that it took till 1943 for the reality of the threat to be taken seriously for this outcome
People making parallels I feel have been inaccurate, as the parallels right now are much closer to Europe's 1933 happenings, and people act like 1945's happenings is what will happen the very next day
Not sure what to make of that, just noticing that these particular "resistances" didn't have a prior allegory to watch, and made these choices eventually, and still how late into the story we know that these things occurred
What can I say, it's hard to give up data. So I guess the situation must escalate until the bad outcome was undeniable.
And I don't want to make a point here about current political affairs. My point is that data collection has serious dangers, independent how good you think the current collectors are, how good the intentions of the data collection are, and how good the benefits of the data collection are. We should not pretend that at least some data collection has benefits. But we should also not pretend that any given data collection doesn't have the risk of misuse.
It's up to politics (in the end, us), to make sure that these risks are valued correctly, for example by making sure that data collectors take over some of the risk in a serious way. "The data was protected according to industry standards" is not enough.
A lot of that is because of the advent of computer systems built by IBM to maintain records.
https://en.m.wikipedia.org/wiki/IBM_and_the_Holocaust
IBM also built a calculator for the IRS in the late 1800s. They have been working with the government before nearly anyone still alive.
Edit: it was for the 1890 US census, not the IRS. I apologize for my prior error.
https://en.wikipedia.org/wiki/Tabulating_machine
Friend, are you really conflating a calculator with a system of records knowingly used to enact the Holocaust? I recognize your point, but the valley between the two things is so large that I'm going to assume you're trolling.
Not at all. I’m saying that IBM has been getting government contracts for a while, and they worked with Nazis in Germany to tabulate undesirables.
Okay, but what's your point? The OP question was about what shifted.
If you believe that IBM carries water for fascists, the history seems to support that.
What’s your point?
Alternate take, since social consequences only arise after your client gets invaded by 2 superpowers at once, and you don't really know what a party or government is going to do, the downside is very improbable and its rational to continue contracting with them all
I’m not making a legal or moral argument, merely an observation. I think it’s silly to assume that corporations have values beyond line go up.
People have values. Deciding who you work with is a legitimate concern. No one alive today at IBM is likely to be a Nazi collaborator, but the company benefitted from Nazi money. I’m not sure if IBM ever paid any reparations or was ever asked to.
I think any company as old and as involved with government contracts as IBM is going to have some conflicts of interest, which says more about the world than it does about IBM.
My original point was that I believe the reason the math was so complicated for the Census and indirectly for the IRS regarding taxation in that period, was due to the Census Bureau also being responsible for tracking the frontier line. The release of the 1890 census marked the official closure of the frontier in the American West.
https://en.wikipedia.org/wiki/1890_United_States_census
I think the whole timeline of WWII is broadly misunderstood in the US. I imagine it’s related to the fact the US entered quite late, and that much of what’s taught in school is fairly US centric.
It’d be very interesting to survey people and see how people’s mental models reflect reality. I imagine very few Americans would identify what was going on in 1933 at all, never mind that Hitler’s first attempt at a coup took place nearly 20 years before the US entered the war.
To be fair, I never heard about the Canadian-US war before I moved to the States. But we went over the Nazi regime multiple times in school [I am German].
fwiw we do make a lot of jokes about getting rejected from art school