Brian Lovin
/
Hacker News
Daily Digest email

Get the top HN stories in your inbox every day.

tolerance

What percentage of this is lawslop?

https://github.com/righttoprivacyact/bill/tree/main/tests

There’s clearly a non-trivial level of LLM involvement.

I want to say 100% lawslop. I can’t figure out who’s behind this to ascertain their qualifications and acumen in the space.

100% seems like a safe place to start speculating from but I can be talked down.

ddtaylor

I think this kind of argument is a modified version of an ad-hominem attack.

When you disagree with an argument, you are supposed to address the argument itself, not the thing making the argument.

watwut

That went out of the window and provably failed even before LLMs. The strategy of flooding everything with cheap false claims and arguments while demanding that the opponent spends an increasing amount of effort and time was a success even before. It became worse with LLMs.

So, no, you are making the claim, first prove it is worth any of that effort.

ddtaylor

This seems like a chicken and egg problem.

hananova

Ad-hominem (literally: "to the person") requires a person on the other side of the argument. This wasn't made or written by a person, thus ad-hominem does not apply.

samrus

That's a bit pedantic. You're still arguing against an entity rather than addressing the argument.

If you prompted an LLM to make a PSA that people should brush their teeth, is it fair to argue that brushing your teeth is bad because an LLM made the argument?

grumpymuppet

Presumably why the person you are responding to called it a modified ad hominem.

tmaly

Maybe we need a phrase like ad-machinam to attack LLMs.

api

Made me coin a term.

Ad hominllm: the dismissal of a work or an argument because an LLM was, or may have been, used in its construction or editing.

Ylpertnodi

Pronounced: ad homin-ellem?

stackedinserter

It all makes sense, I don't care if it's LLM-generated or not. I'm fine with 100% LLM-written bill if it protects me from Flock et al.

normalaccess

I agree, and it won't... We will all be tracked at all times as the new global economy is created.

Biblical times.

lich_king

Yeah, most charitably, it seems to be some sort of an LLM art project. And it's another day when we engage with slop because it happens to say something we like.

duskdozer

Who has ever written like this:

    (a) In general.—There are authorized

garyfirestorm

As opposed to bills sponsored by real people that completely decimated privacy? Patriot Act? I’ll take slop that has some semblance of reasonable privacy protection any day.

ramon156

There's some obvious issues that come with LLM generated bills. LLMs tend to stay very generic, to have a lower chance of being "wrong".

I could also ask my 5 year old to draw a bill for me, that's as successful as giving a generic bill.

int_19h

> LLMs tend to stay very generic, to have a lower chance of being "wrong".

It depends entirely on how you prompt them.

samename

Of course, I’m absolutely for this. It is way overdue. But, what’s the group behind this? Who’s pushing it?

I haven’t read through the bill and text yet, but credibility is important in this fight. Plus, this can change at anytime, so knowing who’s behind it amplifies the trust.

We need to be having these conversations yesterday. Our fundamental freedoms are under attack, and a bill like this would go a long way to protecting future generations

dotancohen

Just because a bill has a name - and pretence - that you like, does not mean that it contains regulations, requirements, or restrictions that you would like.

samename

This project is collecting personal information without disclosing who is collecting it

IAmBroom

And yet you are "absolutely for this"?

maxrmk

The bill bans making access to a service contingent on consent. This would kill Gmail, Google Maps, Facebook, Instagram and basically every other ad supported service. Making subscriptions the only consumer business model would be bad imo.

fc417fc802

The impacts of the model that BigTech currently follows closely resemble those of product dumping. Effectively banning that model would mean alternative subscription based platforms would stand a much better chance of succeeding than they currently do.

edoceo

a) It wouldn't kill them. They would have to change their business model though.

b) Shouldn't our laws prioritize natural-persons over corporate desires?

Companies don't have a right to a specific revenue model. Humans should have a right to their own identity.

maxrmk

My desire is to be able to use those products without paying for them. And to use them with friends and family members that can't pay for them.

palmotea

> My desire is to be able to use those products without paying for them.

You can't actually do that. None of those companies are charities.

You pay one way or another.

samrus

If you desired to inject heroin into your veins, that wouldn't mean we should decriminalize it.

dotancohen

Sure, and while we're at it how about busses that you don't have to pay for? And food? And housing, why not?

ArchieScrivener

How is paying for a product instead of being the product a bad thing?

nlarew

That view is overly simplistic. People find real utility in ad-supported tools and apps.

samrus

But the question is if it's a net negative for society. People found real utility in leaded gasoline too, but we rightfully had to ban that.

normalaccess

I'm ok with that. For too long the parasites have hidden behind "advertising" as a way to collect data.

Say it loud so the kids in the back can hear:

- IF IT IS FREE YOU ARE THE PRODUCT -

m463

nonsense.

You could have a mail client with a static banner ad at the top.

maxrmk

Those exist! People choose to use gmail because of the scale, stability, and feature set paid for by targeted advertising.

samrus

[dead]

Spivak

Defining a picture of your government id not being a sufficient credential for… well anything would probably be enough to kill all these age verification laws and might get some traction legislatively if you frame it right.

It has the benefit of being literally true: whoever thought it was necessary to have a bunch of hard-to-forge security measures on IDs which require physical inspection probably wouldn't be okay with easily faked scans being accepted.

kg

Does anyone know what this part means?

> Require Social Security Numbers to authenticate preventing fraud.

There's a ton of stuff piled into the agenda on this page but that one in particular stumped me. Is it proposing that people (who?) are required to use their SSN to authenticate (for what?) or that the SSN agency is supposed to authenticate... something before doing something?

buzer

The bill text is at https://github.com/righttoprivacyact/bill/blob/main/bill/rig...

It contains the following:

> (i) Finance and high-risk identity proofing.—No person shall extend credit, originate a loan, open a high-risk financial account, or provide another high-risk financial service based solely on a Social Security number, static identity information, or an uploaded image or copy of a government-issued identity document. A person engaging in such activity shall use multi-factor identity verification reasonably designed to verify both record consistency and claimant control, using less intrusive reasonably reliable methods where available.

> (j) Social Security number not sufficient identity credential.—A Social Security number, taxpayer identifier, or similar identifier shall not by itself be treated as proof of identity for purposes of this Act.

So, to me at least, it sounds like they actually mean "Providers must not use SSN for authentication (including fraud)".

anonym29

Privacy advocates, UNITE!

Just leave your name and email on this contact form on github, so privacy can be solved once and for all!

(/s, but an interesting paradox for pro-privacy initiatives soliciting identifiable public support)

tangotaylor

Upvoted because I like the effort and I want more visibility on this subject.

But I also don’t want to step on the EFF’s toes. They’ve been doing good work on this area for decades and I’d prefer we work with them on policy details.

Here’s a whitepaper on their policy positions: https://www.eff.org/wp/privacy-first-better-way-address-onli...

1shooner

I appreciate the sentiment, but this doesn't really seem to put itself in the context of the state of play at the federal level. Namely, pro-privacy states have existing legislation they want to be the 'floor' of privacy protections, and anti-privacy states want to use a federal bill to preempt those laws, making the federal law the ceiling that they can lower in one fell swoop. There are real risks to a federal law that preempts state legislation.

Cider9986

We have to try.

panny

> Update CAN-SPAM for one-click deletion of email addresses from databases.

Then how can I know not to send you another email if I don't have your email flagged in my database to do-not-send?

JoshTriplett

You delete the rest of your spam database and replace it with `fn can_send_spam(_: Email) -> bool { false }`. You delete the "can we spam you" checkbox from your checkout page and replace it with "return false".

For legitimate newsletters and similar: you delete any and all forms that allow signing up to receive emails without affirmative consent from that email address that they want to receive mail, and you offer a one-click effective-immediately "unsubscribe" to retract that consent at any time. Then, you can tell if you can send someone mail based on whether they're in your database of people who have explicitly consented to send you mail, and you don't ever send email to anyone else other than one-time consent requests and order-confirmation-style transactional mail.

The only legitimate database of emails is "these people have explicitly confirmed to us that we can email them"; any other database is radioactive waste, delete it.

panny

> The only legitimate database of emails is "these people have explicitly confirmed to us that we can email them"; any other database is radioactive waste, delete it.

That's not actually how HIPAA compliance works. You're required to keep 7 years of communications, and part of those communications is who you sent it to. Amazon SES sends complaint notifications and you're not allowed more than 1 complaint per 1000 emails or they shut you down too. People who are repulsively anti-spam have ruined email as a medium.

I'm merely pointing out the technical aspect of this bill is ridiculous and everyone sending transactional emails will fight you, killing any bill you might have.

JoshTriplett

> People who are repulsively anti-spam have ruined email as a medium.

That is a ridiculous attitude. Spam has ruined email; anti-spam is the attempt to keep it usable. Anti-spam wouldn't be needed in the first place if not for spammers.

> Amazon SES sends complaint notifications and you're not allowed more than 1 complaint per 1000 emails or they shut you down too.

Good, that sounds like a reasonable step.

Now if only there were existential-level fines for sending spam, too.

Yes, I am aware of people who use the "report spam" button because they can't be bothered to hit "unsubscribe". Which wouldn't be as much of a problem if 1) they felt like they'd subscribed in the first place, rather than being tricked by a default-to-spamming "do you not not not want us to not spam you" checkbox, 2) spammers didn't act like having an "unsubscribe" link was all they need to do to make it okay to send unsolicited commercial email, and 3) unsubscribing reliably worked.

> transactional emails

Transactional emails have never been the problem. People buying lists of emails and sending email marketing spam and trying to defend that as in any way a legitimate practice have always been the problem, along with phishing, scams, etc.

abound

Wouldn't a hash work great for this purpose? I.e.

1. User requests for email alice@example.com to be removed from database

2. Company removes "alice@example.com" from 'emails' table

3. Company adds 00b7d3...eff98f to 'do_not_send' table

Later on, the company buys emails from some other third-party, and Alice's email is on that list. The company can hash all the email addresses they received, and remove the emails with hashes that appear in their 'do_not_send' table.

You'd have to normalize the emails (and salt the hashes), but seems doable?

dotancohen

No need to salt individual hashes, just one hard coded salt for all.

wildzzz

So in the end, they have a list of emails that match the hashes in their blacklist? What's the point?

fc417fc802

Any entry that matches a hash needs to be deleted. The point is presumably to minimize the retention of PII.
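Added example, not part of the thread and not any poster's code: the do-not-send scheme from this sub-thread (normalize, hash with one site-wide secret, drop matching entries from later imports) sketched in Python with SQLite. The single shared salt is used here as an HMAC-SHA256 key, which is a substitution made for this sketch; the key value, table columns and function names are assumptions.

```python
import hashlib
import hmac
import sqlite3

# Constructed demo key (assumption). Keep the real one outside the database:
# addresses are guessable, so an unkeyed hash can be reversed by hashing
# candidate lists and comparing.
SUPPRESSION_KEY = b"demo-key-not-for-production"


def normalize(email: str) -> str:
    """Canonical form so ' Alice@Example.COM ' and 'alice@example.com' collide."""
    return email.strip().lower()


def suppression_token(email: str, key: bytes = SUPPRESSION_KEY) -> str:
    """Keyed hash of the normalized address; the address itself is never stored."""
    mac = hmac.new(key, normalize(email).encode("utf-8"), hashlib.sha256)
    return mac.hexdigest()


def open_db() -> sqlite3.Connection:
    """In-memory database with the two tables named in the thread."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE emails (address TEXT PRIMARY KEY)")
    db.execute("CREATE TABLE do_not_send (token TEXT PRIMARY KEY)")
    return db


def remove_address(db: sqlite3.Connection, email: str) -> None:
    """Steps 2 and 3: delete the plaintext row, keep only the token."""
    token = suppression_token(email)
    with db:  # one transaction, so the address is never gone without its token
        db.execute("DELETE FROM emails WHERE address = ?", (normalize(email),))
        db.execute("INSERT OR IGNORE INTO do_not_send VALUES (?)", (token,))


def import_list(db: sqlite3.Connection, addresses) -> int:
    """Insert a third-party list, skipping suppressed entries; returns skip count."""
    skipped = 0
    with db:
        for raw in addresses:
            row = db.execute("SELECT 1 FROM do_not_send WHERE token = ?",
                             (suppression_token(raw),)).fetchone()
            if row:
                skipped += 1  # matched entry is dropped, never written
                continue
            db.execute("INSERT OR IGNORE INTO emails VALUES (?)", (normalize(raw),))
    return skipped


def stored_addresses(db: sqlite3.Connection) -> list:
    return [r[0] for r in db.execute("SELECT address FROM emails ORDER BY address")]
```

Rotating the key invalidates every stored token, so the key has to live as long as the suppression list does.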

DougN7

I’m too cynical because at this point I can only believe this is to help billionaires and ICE hide their identities/money, or it’s to strip away all privacy (as bills are often named the opposite of their purpose).
