At this point, nearly every online service should be considered hostile. If they can make a small amount of money by compromising your privacy or your identity, they will. If they can make a small amount of money by stealing your attention and addicting you, they will.
Are there exceptions? I'm sure. Will I be erring sometimes by being cautious? Definitely. But, there is really not much of an alternative these days.
I have long wondered about the market size for privacy-focused apps. Sure, plenty of people don't know or don't care to value that, but if there are enough, maybe you could have a whole set of apps that emphasize they are not seeking world domination or selling out to the highest bidder, and a major selling point for using them would be that they are not < your expected chat/dating/photo/social site >.
Am I too idealistic? If such apps are not aggressively seeking hyper growth, it seems like these more trustworthy services could be deployed to cheap servers and let people use them for cheap without having to resort to selling user data.
Even if they were initially trustworthy, it's surely only a matter of time before they start wanting/needing to make (more) money and start abandoning their principles in pursuit of profit.
On one spectrum, you have privacy -- at one extreme, the most private of people don't even use social apps, they are traditionally private people. At the other extreme, you have the highest consumers of apps -- the people who demand sharing the most.
On the other spectrum, you have technical acuity -- at one extreme you have people who can audit software they use and verify that it actually does what it says -- at the other extreme, you have people who have no clue and will believe whatever is convincing.
Given this, the market for "app that enables sharing, but has privacy controls, and is verifiably so" is a tiny circle somewhere in the middle of this grid.
Users who want to be private and are willing to pay extra for it are necessarily highly valuable for data brokers and advertisers. So incentives always push towards betraying them eventually I think.
Is that true? Not arguing, just curious. I would imagine that the highly valuable users are those most likely to buy things, and people that into privacy would be fundamentally more likely to also go to extremes to block that advertising, but this is very much not my area.
The problem is that large-scale use of the Internet for social networks and for organizing meetings in real life is fundamentally incompatible with privacy. It works for small, tight-knit insular groups, but as soon as you expand the scope of the network to include acquaintances and friends of friends you'll eventually find a connection to someone who cares less about privacy than about making a buck.
If we had a sort of "federated" system we'd still have this problem because you might always find yourself federated with someone who just wants to sell the information.
It's a cultural problem within this hyper-aggressive version of Capitalism that we've adopted, that even data about people has value. Until we decide as a culture that this kind of data sale or data use is shameful and unacceptable we'll be in this situation no matter what technical solution we adopt.
Not privacy-focused, but OKCupid itself fit many of your requirements when it first came out. It wasn't aggressively seeking hyper growth and barely marketed outside of existing SparkNotes and SparkMatch users. It was just a few math nerds at Harvard that wanted to model human romantic compatibility by categorizing you into a shareable cutely named personality type, and they bolted on crowd-sourced questions to see if whatever they hadn't thought of themselves might be relevant.
Ten years later, the social media revolution is in full swing, the relatively small service they built that had catered mostly to nerds was suddenly lucrative, and they sell to Match Group and this happens.
To be entirely fair to these guys, I don't think they came into it intending to sell out as their long-term goal. But four guys who got into data analytics in college also didn't find themselves as their mid-30s approached particularly wanting to run a dating service for the rest of their lives, either.
Whatever happened to FetLife? If any dating service had to be privacy-focused, that was it.
Open source developers are wildly idealistic. In the rest of the world, I have finally internalized...
1. Most people say they care about privacy... but won't spend even $1 for it. They care about their privacy about as much as an open source developer cares about user experience. Just extract the tarball, it's not that hard.
2. Most people don't care about technology and want it out of their lives. They don't want to know what sideloading is. They don't want to know how to discern safe from dangerous. And they aren't wrong. How many open source developers know how to drive manual? Car enthusiasts have just as much of a righteous claim to attention, after all. The model railroad enthusiasts are also upset by our community's lack of attention. Every enthusiast, in every field, hundreds of them, are upset by lack of mainstream attention, and this will never change.
3. Linux and open source software in general are not even close to being popular on the desktop. Gaming and web browsing is a tiny subset of what people buy PCs to do, and Linux isn't even close on the rest. Even the gaming success is so niche it's irrelevant in the grand scheme of things (Switch 2 outsold 3 years Steam Deck sales in the first 24 hours).
4. Some of this optimism was deluded from the start. Like when Stallman said we can defeat proprietary software with open source, then openly admitted he had no idea how any open source developers could afford rent. "If everyone works for free, while the big companies stop working, we could get ahead" is gobsmackingly naive and it's honestly astounding anyone fell for it.
I suspect that instead of them "giving" the photos to the facial recognition firm they sold them. Those photos and the PII data associated with them are the only things of value that a site like OKCupid controls.
Considering how long OKCupid has been around, there's a good chance a significant majority of internet-using millennials have had an account at some point in their lives.
Google GCP updates me with a list of third party subprocessors which potentially interact with my data. All end users of any service should be informed of direct and transitive subprocessors.
The vast majority of users have not idea what exif metadata are. It's probably time to look it up. You know that automatic geographic location data that shows up in your favourite photo app ... There you go.
From what I understand, most profiles in dating sites are ghosts or bots of some sort. As for what is left, there will be those photos of six foot tall men that happen to be five foot and exaggerating somewhat. As for age information, isn't everyone lying about that?
All considered, I can't think of a worse database to train facial recognition on.
At this point, nearly every online service should be considered hostile. If they can make a small amount of money by compromising your privacy or your identity, they will. If they can make a small amount of money by stealing your attention and addicting you, they will.
Are there exceptions? I'm sure. Will I be erring sometimes by being cautious? Definitely. But, there is really not much of an alternative these days.
I have long wondered about the market size for privacy-focused apps. Sure, plenty of people don't know or don't care to value that, but if there are enough, maybe you could have a whole set of apps that emphasize they are not seeking world domination or selling out to the highest bidder, and a major selling point for using them would be that they are not < your expected chat/dating/photo/social site >.
Am I too idealistic? If such apps are not aggressively seeking hyper growth, it seems like these more trustworthy services could be deployed to cheap servers and let people use them for cheap without having to resort to selling user data.
> I have long wondered about the market size for privacy-focused apps.
The real problem is how to trust that a "privacy-focused" app is actually privacy-focused. You certainly can't take the publisher's word for it.
The only safe stance is to withhold as much personal information from as much software and services as possible.
Even if they were initially trustworthy, it's surely only a matter of time before they start wanting/needing to make (more) money and start abandoning their principles in pursuit of profit.
This is a multi-axis problem.
On one spectrum, you have privacy -- at one extreme, the most private of people don't even use social apps, they are traditionally private people. At the other extreme, you have the highest consumers of apps -- the people who demand sharing the most.
On the other spectrum, you have technical acuity -- at one extreme you have people who can audit software they use and verify that it actually does what it says -- at the other extreme, you have people who have no clue and will believe whatever is convincing.
Given this, the market for "app that enables sharing, but has privacy controls, and is verifiably so" is a tiny circle somewhere in the middle of this grid.
> at one extreme you have people who can audit software they use and verify that it actually does what it says
Unless the software sends data off to the cloud or a sever somewhere. You can't audit what happens there.
Users who want to be private and are willing to pay extra for it are necessarily highly valuable for data brokers and advertisers. So incentives always push towards betraying them eventually I think.
Is that true? Not arguing, just curious. I would imagine that the highly valuable users are those most likely to buy things, and people that into privacy would be fundamentally more likely to also go to extremes to block that advertising, but this is very much not my area.
The problem is that large-scale use of the Internet for social networks and for organizing meetings in real life is fundamentally incompatible with privacy. It works for small, tight-knit insular groups, but as soon as you expand the scope of the network to include acquaintances and friends of friends you'll eventually find a connection to someone who cares less about privacy than about making a buck.
If we had a sort of "federated" system we'd still have this problem because you might always find yourself federated with someone who just wants to sell the information.
It's a cultural problem within this hyper-aggressive version of Capitalism that we've adopted, that even data about people has value. Until we decide as a culture that this kind of data sale or data use is shameful and unacceptable we'll be in this situation no matter what technical solution we adopt.
Not privacy-focused, but OKCupid itself fit many of your requirements when it first came out. It wasn't aggressively seeking hyper growth and barely marketed outside of existing SparkNotes and SparkMatch users. It was just a few math nerds at Harvard that wanted to model human romantic compatibility by categorizing you into a shareable cutely named personality type, and they bolted on crowd-sourced questions to see if whatever they hadn't thought of themselves might be relevant.
Ten years later, the social media revolution is in full swing, the relatively small service they built that had catered mostly to nerds was suddenly lucrative, and they sell to Match Group and this happens.
To be entirely fair to these guys, I don't think they came into it intending to sell out as their long-term goal. But four guys who got into data analytics in college also didn't find themselves as their mid-30s approached particularly wanting to run a dating service for the rest of their lives, either.
Whatever happened to FetLife? If any dating service had to be privacy-focused, that was it.
> Am I too idealistic?
Open source developers are wildly idealistic. In the rest of the world, I have finally internalized...
1. Most people say they care about privacy... but won't spend even $1 for it. They care about their privacy about as much as an open source developer cares about user experience. Just extract the tarball, it's not that hard.
2. Most people don't care about technology and want it out of their lives. They don't want to know what sideloading is. They don't want to know how to discern safe from dangerous. And they aren't wrong. How many open source developers know how to drive manual? Car enthusiasts have just as much of a righteous claim to attention, after all. The model railroad enthusiasts are also upset by our community's lack of attention. Every enthusiast, in every field, hundreds of them, are upset by lack of mainstream attention, and this will never change.
3. Linux and open source software in general are not even close to being popular on the desktop. Gaming and web browsing is a tiny subset of what people buy PCs to do, and Linux isn't even close on the rest. Even the gaming success is so niche it's irrelevant in the grand scheme of things (Switch 2 outsold 3 years Steam Deck sales in the first 24 hours).
4. Some of this optimism was deluded from the start. Like when Stallman said we can defeat proprietary software with open source, then openly admitted he had no idea how any open source developers could afford rent. "If everyone works for free, while the big companies stop working, we could get ahead" is gobsmackingly naive and it's honestly astounding anyone fell for it.
I’ve never posted information anywhere off a machine that I control unless I’m comfortable with it being sold or made public.
Reduces anxiety.
That's great if you live like it's still the 90s.
The persistence of data means that if you expect a firm to eventually become hostile, you should treat them as hostile today.
Reminds me of another story when 23andme sold dna data https://www.npr.org/2025/06/30/nx-s1-5451398/23andme-sale-ap...
I suspect that instead of them "giving" the photos to the facial recognition firm they sold them. Those photos and the PII data associated with them are the only things of value that a site like OKCupid controls.
Counting the number of comments in this thread 50 minutes later (2 including mine), I can just extrapolate most of HNers have an OKCupid account
Considering how long OKCupid has been around, there's a good chance a significant majority of internet-using millennials have had an account at some point in their lives.
no comment
At least back then it was just 2D Tinder for verified you have to do the side to side maybe photogrammetry
I don't participate in this stuff anymore the dating app algos have put me in the ugly stack, sad but true
Also nowadays hard to tell if people are real
Google GCP updates me with a list of third party subprocessors which potentially interact with my data. All end users of any service should be informed of direct and transitive subprocessors.
In these cases can we use 3.0M to disambiguate from the company name?
The vast majority of users have not idea what exif metadata are. It's probably time to look it up. You know that automatic geographic location data that shows up in your favourite photo app ... There you go.
> The alleged conduct at issue does not reflect how OkCupid operates today.
I mean, come on. This bullshit is what you said before.
You haven’t changed, you’re just pissed off you caught but a bit smug you got away with it scott free.
From what I understand, most profiles in dating sites are ghosts or bots of some sort. As for what is left, there will be those photos of six foot tall men that happen to be five foot and exaggerating somewhat. As for age information, isn't everyone lying about that?
All considered, I can't think of a worse database to train facial recognition on.
Does this still leave them open to liabi9lity in a class action lawsuit? The criminality is staggering.
Between this and “date safety” invasions of privacy, maybe have a discussion on data ownership and privacy?
[dupe] Discussion on source: https://news.ycombinator.com/item?id=47575616