I mean, if too many personal data are collected, how can it be used? What is within the realm of smartest people? Will it really be in a con man's hands closed to me?
Also, GDPR and laws' flaws? Behavioral flaws? What can greatest hackers really do?
Finally, what will take time to mature and which regulations will never be launched, yet concerning?
Top comments (3)
Well, this is a really broad question with multiple valid answers.
First, unrestricted data collection and the hacks leading to the exposure of this data is mostly a security issue. Many sites collect personal details like the date of birth, addresses without a serious need for them, but "just to have the data". In case of a breach, this data can be misused. If you have the name, date of birth, address and other contact details of a person, you can impersonate this person to get access to their bank account, for example. That's why those huge data packages from hacks are regularly sold in the darker edges of the internet.
Additionally, exposure of your personal data harms your personal rights. Nobody wants anybody to know details about him.
Talking about privacy laws: they exist to protect people from a) misuse of this data if it's exposed and b) misuse of this data to harm their personal rights and manipulate them.
This is far more concerning than those hacks you mentioned, because the more a company like Facebook knows about you, the more it can manipulate you to use their service more and more. It's all about psychology: if you know every little detail about your neighbor, you could even blackmail him. I don't want to go into all the details here, but if you have access to Netflix, I highly recommend watching "The Social Dilemma", which explains the problems with data collection by big social networks.
To close this: privacy laws like the GDPR in the EU are extremely important to regulate the gathering, saving and misuse of personal data.
Why should I think I am a worthy target? Who might be targets? Who can really see / buy my personal data?
From the ethical and rulers' perspective, I can see that it matters, because it shifts objectivity away from truth, and subsequently, does not maximize public benefit. Therefore, there should be a law.
Well, anybody who has at least a few dollars in his pockets is a worthy target. And almost all data is usable in some shady way, even if it's just your email address for spam.
People buying your personal data probably do this in bulk with thousands or millions of other datasets. They try to some automated credit card fraud or whatever they can do with your data. If it's working, they got something you paid for, if not they try the next dataset. And if there's no valuable data in there, they probably bought your email address which can be used to send spam.