Sponsored: Don't leave you and your family vulnerable to data breaches! Go to aura.com/thiojoe to get a 14-day free trial to Aura.

Opt-In by default should be ILLEGAL

I don't understand why data brokers are even legal. The whole practice should be banned.

It should be opt out of data selling by default with the law. You should have to opt into anyone selling your data by default

There's still gonna be that one dude that says, "I got nothing to hide.."

All this data sharing and collecting should be illegal outright.

Sometimes, we think dark web is the scariest place to lose our info. But in reality, in this video, Thio shows how much of a privacy-looting era we live in !

When it comes to cyber security, the tinfoil hat can never be big enough. More and more often, the "tinfoil hat" proves to be justified though.

Problem is these laws are too weak. What needs to happen is we need a law that opts everyone out by default to all data collection and if they want to have their data collected they can fill out a form saying they consent to it but they know no one would willingly do that so yea.

I see the danger in profiling in "personalized" content delivery i.e. filtering. I need privacy tools to have a blank slate when I'm occupationally searching for things that have absolutely nothing in common with what I would be doing recreationally, and since my job switches topics often, those would suffer. If my colleagues find in seconds what I couldn't find in two days using half a dozen languages, with a backing of 20+ years worth of IT expertise, then that's a red flag that I need to depersonalize my internet footprint and separate different facets of it as much as possible. Privacy is not just about keeping things to myself, it's about not being boxed in by assumptions. When algorithms profile me based on past behavior, they limit my access to diverse information and reinforce biases I may not even be aware of. This creates a feedback loop where I’m only exposed to what the system thinks I want or need, not what I might actually require in a given occupational context. Three weeks ago it was drug prevention. Last week it was archeology. But sure youtube, keep giving me Irwing Finkel video suggestions...

Hey Joe, long time watcher of the channel here. I work in the telecom industry and you are absolutely right about CPNI and the steps to prevent it from being sold or shared. One thing that I've found helpful is going to the government's national "Do not call" registry, and this will opt you out of all (legally operating) business sales/solicitation calls. Another thing that is super helpful to know is that most telecom companies will actually give you a "proxy" telephone number if you ask for it specifically. This number works just like a regular cellphone number, but it forwards all texts/calls to your actual number. When the spam accumulates, you can just change the proxy number and keep your personal number, well, personal.

One thing about the California law, is you can even use it even if you don't live in California. Just click the opt out link, "say" you live in California or whatever and ask to opt out. And it will go through.

12:06 I work in shipping. That number is in case something goes wrong. If we can't reach you, that package is just gone.

ThioJoe, Aura owns Pango Group which owns shady VPNs. I don't think I'd use Aura because of that reason.

The biggest problem is that some companies are sneaky; some of them update their Terms of Service agreements frequently. Hidden in the fine print is that when they do that, many of the choices you made before are reset to default values (which benefit the company, of course). I discovered this on my car's dash software. I limited data collection on it, but in the next software update, lo and behold, data collection was turned back on in full. I discovered that with every update, I have to limit data collection again. I've found similar behavior on my phone and on several websites I'm on. I'm not a lawyer so I don't know if they can legally use this loophole to circumvent data privacy choices, but it wouldn't surprise me at all if they did.

3:44 Don't give up on the tracking

I'm already at the point of tin foil hatting my tin foil hat, so I can protect myself while protecting myself. Meta tin foil hat mode activated.

Really great video. Super impressed with how well researched this and how thorough it is.

A lot of the suggestions only apply to the US. A lot of viewers such as myself are not Americans. Some suggestions available to international viewers would be useful.

Never knew about a LOT of your security/privacy points. Very informative!

While I know many people rely on AI for video title suggestions, yours have consistently been the best I've ever come across. You can't help but want to click on them!

I didn't know about many of the things you talked about in this video. Now I know! Knowledge is power

Great info. This will help protect consumers. Thank you

It's interesting that I can buy my and my coworkers personal information from my employer to use as I wish, but if I ask my employer to see my employee file it's sensitive and proprietary information accessible only by senior management.

Ad break was super relevant :D

Is there a chance you could a similar video but for Europe? A lot of those tips don't really work outside of America.

In INDIA there are No "opt-out" phrases used in websites, They use Cookies Instead

Awesome video! Much appreciated 💜

good info ! ...some of the fault also rests with businesses we deal with -- they ask for a whole lot of information of us when we purchase something. I have started to not buy things if the business requires all my personal info, especially for online purchases....

Excellent information!! Thank you!!👍

Love your content dude. Especially when you cover the more obscure things that others don't. Hoping to one day see you go down the AHCI/Intel RST (RAID)/NVMe storage controller rabbit hole that's plagued the space for over a decade (especially system builders & users getting BSODs) with long-standing & unfixed AHCI bugs and mobo firmware.

i love you thio joe

Thank you for this video! This was very helpful. Do you have a written version for some of these tips?

The fact that these are all opt-out, instead of opt-in, should be DEEPLY concerning to people, and that is before taking into account (heh) all the hoops one must jump through to even get to the opt-out buttons. As many governments as possible need to be pressured into compelling data brokers to change this practice to opt-in exclusively, under threat of time in a maximum-security prison if possible. I do not care if this anything I have said here is a hot take.

THANKS 👍

it's funny that it is illegal in Australia - Privacy Act 1988 Cth, California - CPPA (majority of us population), Europe - GDPR , UK - GDPR to sell to undisclosed entities

Could you do a video on the following related topic: with what privacy and other rules do you need to take into account when you have a globally accessible website. There are so many rules I can't keep track anymore for every country, state and continent.

This wasn't helpful. In The EU the governments (cities) don't sell your info and other companies aren't allowed to share/sell it if it isn't their main purpose (e. g. your internet provider in contrast to visiting a random website that hosts ads to be free)

Indeed has this issue as well. I can no longer submit applications and they refuse to tell me why.

Those financial opt-out forms usually get sent to you in the regular mail. I don't know why your bank and credit card companies haven't sent you those over this time. Getting sent to those online is unheard of though.

I use DNS blocking to stop tracking sometimes it breaks links but it's better than having data tracked by everyone. also that GBLA is actually normally given with the terms and conditions of a credit card, debit card or loan.

Excellent video; thanks!

As intimidating as these institutions are, they do still have physical locations, and hdds where that info is stored. If those locations were to conspicuously and mysteriously explode due to inexplicable causes, then that stolen data would go poof. I'm not encouraging anything at all, just pointing out an obvious physical vulnerability all institutions have to recognize, acknowledge, and mitigate, if possible, in their risk assessments. Just doing my part to enhance security like a good security professional😊

The thing is that all this advices are great, but a lot of them if are not enforced by supervising the companies and corporations, you can "opt-out" all you want to stuff companies do, but they may do the stuff anyway in the background, if there is not enough punishment for not respecting the privacy options selected.

Would you *please* do a segment on password managers?!

My dad got a scam call, they pretended to be me and on vacation. The weird thing is, a few months earlier, I used a well know website to check out to go on a trip. Right at yhe time they called. Is this just just a coincidence? I don't think so.

You should have put those magic phrases in the show notes. Thanks.

Great info Thanks

Is this not the entire point of a data broker? Did people expect privacy from a company who exists to collect and sell your data?

Privacy laws in the USA are a mess because so much is set by States & not at the federal level. The EU has got it better because of GDPR.

"+" in an email is not a good idea. Many companies, for example M$, have broken email address filters that will reject any email address with a "+". But "-" should work too, I think.

I can just feel the soul of Linux brushing ThioJoe

Is it my imagination, or do websites forget my privacy settings faster when I opt out of everything than if I accept defaults?

And when the factory reset they got the apps programmed to pop back up so I can't even clear off my phone

0:54 "Let's make data sets to make easier for adversaries to find possible targets."

3:49 Insurance companies like to publicize that stuff.

Mines beef frozen for years now & I don’t have that number no more. 😭 😂

this suddenly makes me want to buy data on politicians

Selling PII of current government officials, including those serving in the military is a huge no-no.. I'm pretty sure that could be considered treason if selling it to the wrong entity(ies) if you're based in the U.S.

I knew data brokers would someday become a national security threat. Time to shut them down for good.

Should be you have to "opt in" vs "opt out" but that would do damage to Congress's honey pot of election contributions for favors... IMHO

I kept forgetting that the gmail+thing exist. My email is full with spam

Anyone outthere in AUS have paths we can take to optout from our shady banks, telcos etc im interested. Thank you

I think its cool that you can buy data about other people.

The magic phrase to use if you're an EU/EEA citizen is "GDPR's right to be forgotten or face a fine".

as long as us military personnel has nothing to hide it doesn't matter "If you have nothing to hide you have nothing to fear."

Dean Winchester quit hunting and now works for techsupport

I noticed in games I can disable advertising ads but they don't work

This is a national security threat and should be treated as such.

Fat chance they'll be legislation. They do the bidding of those who provide the cash.

Use email aliases in signing up for a service.

I use permission slip for privacy - it's free

Seems like when i try to improve my privacy,more privacy oriented youtube videos show up on my feed.Interesting...😅

Phone companies sell your data to anyone who asks. With no consent required.

I bet we are doomed whatever we do.

Yeah, data brokers are pretty bad. But when people use Microsoft products, Facebook, Instagram, Google, etc... they have no one to blame but themselves.

So happy to live in the EU.

Please watch out for Microsoft Recall in Windows 11, switch to Linux instead if you think MS taking screenshots of everything on your PC every few seconds is a bad idea

You should specify this video is only for USA. Google voice only works in USA

You're becoming like CChuck McGill from Better Call Saul.

1:50 thats insultingly low for someones pii

every databroker knows they can just drop the + and everything behind it to have your real mailbox if it's a gmail-address. as for gmail it's just a builtin filter. did you know that mail-addressed should be allowed to have ; and such in them as per the rfc? guess how many databases break on that ;)

Meanwhile in the EU, we also have a magical phrase: GDPR.

I have a much better idea that benefits everyone that’s important. Why don’t we have a law that makes it illegal for companies to sell or share your data, period? You want my data? Get a warrant. Not the police? Then you don’t need access to my data.

One of the best ways to deal with those agonising cookie pop ups, is to use an extension called I Don't Care About Cookies. Edit: I just realised this only hides the prompts, it won't reject them entirerly

What would you do if someone you used to date was hacking you and controlling you phone to such a figure it stopped you from living a normal life it the x bf. And his FEMALE FRIENDS DO IT WITH HIM ...VE HAVE A HICK TOWN SSOOOO THEY DICARD ME WHEN I SAY SOME TO POLICE ANYTHING ANY PIECE OF ADVICE THAT YOU COULD HELP ME WITH WOULD BE APPRECIATED IT'S BEEN 6 YRS FOR THIS HAPPENING. SINCERELY DIANE ROCK

In a "perfect world" things would be simple, and everything would simply be "opt-in". (Of course, this would never fly, since nobody would opt-in, and these mofos wouldn't make money)

Hey thiojoe you should make a video tutorial about how to root Android phone using magisk

Just think of these companies as a concerned ex and enjoy how popular you are 😌

I just use firefox and it does the same stuff as aura

Expect, with Trump about to be reinstated, that all protection laws at the federal level will be reversed to favor the big business and not you. Already Christi Noem has said she will get rid of CPFB on day one. Hold on to your butts.

"Cyber security and privacy nut" uses windows 11

I got nothing to hide

Wouldn't it be easier to change your name than to do 1 million deletion requests?

very slimy, making my own internet, and doesn't have any ads

How much do sponsors pay you for one KZbin video?

This has to be a video about Nintendo right?

Damn!

Far too many sites that ask for your address will try to verify that it's a valid address before accepting it. So it's a good idea to work out one or more valid addresses for your area (for ones that will reject even valid addresses if they don't match your geoip, though those seem to be rare) and use those whenever you can. It has the added bonus of looking entirely legitimate too, so they can't simply automate filtering it out to save them time/money.