Working on a more thought-out post on this but I thought I'd get some feedback before diving too deep.
How about an Identity #coop ? A simple but solid #oauth identity provider that also advocates for it's inclusion as an idp to the services used by its members.
Convenience of single sign-on with the smallest possible security risk surface area and, being a co-op, members (users) decide what data is collected, shared, etc.
I have more but I'll stop here for now :)
@jjg I love the part where users would get to decide what kinds of data Is to be collected for analysis and for what purposes would the data be used, to facilitate service improvement.
For example, I am not against bug reports collecting by Mozilla in an effort to make Firefox better, but I am hoping that those crash reports are anonymous and only strictly relevant to Firefox.
From a privacy standpoint bulk data collection without choice and transparency is biggest issue.
@mareklach @alanz @jjg in theory this is what EU data protection law is supposed to be, right?
I wonder if the GDPR will change things much?
@ebel @mareklach @alanz Could be, I'm no expert on the subject though.
Being an American, it never occurs to me that government might protect someone's privacy 😂
@jjg @mareklach @alanz Lots of big US tech companies with a presence in EU will just implement EU data protection rules for everyone. It'd be too hard to separate out EU & non-EU data. Lots of Facebook features which allow you to export data are due to that being a current EU legal requirement.
@ebel @jjg @alanz Oh, that's a good point. I mean EU privacy laws are lawfully much more protective then US laws, so if they force a few good things onto companies globally, then that's definitely useful.