Something like the Massachusetts MDPA that’s going thru their legislature now seems pretty robust especially for U.S. standards. Would be great to have a federal law, tho obviously since the US congress is 100% compromised this is basically the best we can hope for.

Federal law that bans the gov from skirting 4th amendment rights by buying data from third parties or data sharing agreements with foreign nations.

Yo I just wish you could opt out of government ownership

Enforcing GDPR fines would be a great start, only adding more if need be.

I feel like we could are more laws but if they are not enforced it’s pointless, maybe even worst but it gives the illusion of privacy while in reality nothing changes.

Simple, we treat “corporate crimes” the same we would if a 30+ year old man committed them to a 18 year old girl, because that’s what’s happening. Once you’re 18 the “child data protections” go away.

They essentially planted bugs in every 18 year old girl’s life and if your phrase it that way, the masses will realize how horrifying it is.

Google shouldn’t have our entire location history, that’s called stalking.

Google shouldn’t have an entire log of our private messages, that’s called eavesdropping.

Microsoft shouldn’t be taking screen shots of our screen, that’s called spying.

Amazon shouldn’t be using security cams to scan us for “AI” purposes.

Apple shouldn’t be using our phone microphones for “data collection”.

Facebook shouldn’t be compiling, scanning and indexing our photos.

I want a law banning political parties from collecting data on citizens. In Canada, the parties gave themselves a way to get around our privacy laws.

DNA is one that concerns me quite a lot. I can see some arguments in favour or retaining DNA on file for a longer term in certain cases - persistent sex criminals comes to mind - but I really think there should be tighter controls about just indiscriminately gathering DNA, and if you’re not found guilty of anything that info should be expunged and this should be independently audited IMO.

Also facial recognition for similar reasons. This feels like it should be the sort of thing to me that needs a warrant to be used, like searching a person’s home. Governments shouldn’t be allowed to just endlessly trawl through the faces of everybody who’s out in public for whatever reason they like. And using it to just sweep protests to (presumably) make a database of protestors should be a big no-no.

All trackers etc on websites to be off by default, with a single request to turn them on permitted, with “No!” as a big green button and “yes” as a small grey one.

Mandatory phone number collection at signup ban. Phone number as a primary ID or 2fa banned under cybersecurity law (sim swaps etc)

For financial and government services, the website should have all the functionality of the mobile app. Could be added to accessibility law.

No more ID required for SIM registration.

AI scan of CSAM in every means of communication. /s

All 3rd party data collection of identifiable information on users, IPs, domains, and devices (anything that can tie back to a consumer) requires line item affirmative consent from the user with a disclosure of what is being collected and all known current and future uses. That should put an end to websites with 4,000 trackers.

Sale of identifiable consumer data (including device information, etc…) to a 3rd party requires the affirmative consent of the consumer.

Targeted advertisements must include a link to information about why this advertisement targeted the user, and the source of the data that informed that decision.

Government agencies, political parties, PACs, and religious organizations are barred from collecting consumer data from 3rd parties. They are barred from commissioning others to collect 3rd party consumer data on their behalf for opposition research purposes. The single exception being narrowly targeted data for criminal investigations with a warrant.

A user’s microphone may not be engaged without affirmative user consent or a warrant. A ban on transmitting data for the purposes of mapping a residence or the movement of parties within a residence without user consent or a warrant.

Absolute consumer freedom to install whatever software and firmware they so choose on any consumer grade computer hardware they have paid for and are in physical possession of. So you may be prohibited from dumping malware on a server you rented, but you can hack your car, video game console, exercise bike, PC, etc… to your heart’s content.

A codified “right to be forgotten” upon request for all concluded commercial transactions, disused online profiles, and online media not pertaining to public figures, ongoing litigation, criminal matters, or matters of otherwise significant public concern after X length of time.

A government registry to be formed for the purpose of identifying which companies are storing personally identifiable information about you (not actually containing any of that info itself). Simply requiring companies to register who’s data they’re storing and what type of data, and providing a means of demanding that information be removed.