Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Maybe you don't need a technical solution. Maybe opt-outs with HIPAA-style fines for noncompliance would work.


I feel this will become an exercise in box checking "compliance" just like HIPAA.

Sure, your medical records are encrypted on disk (but I have the key in plaintext right next them).

Sure, there's an opt-out on our site. Good luck remembering to click the opt-out button in the corner every time you visit.


Trusted execution environments enable the kind of automation that addresses these complaints.

A government opt-out defaults database would partly address the 2nd objection. (Only partly)


Anything with potentially negative consequences should be opt-in, not opt-out.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: