Great article. I have a question though. The data that was used to track users at the capitol appears to primarily be from the Parler hack initiated by "Donk", where he grabbed posts of users, and farmed the EXIF data from their posts. But, I also heard but cannot confirm, that this occurred at the same time Maetz (?) the CEO at the time turned over the data to the FBI. So not sure on if that was a government request, or Donk was the one that published the data, and that is how we ended up with the activity (in one form) of Parler users at the capitol. So I guess I am wondering how much of the anonymous tracking animations we see of the Capitol insurrection are from government inquires or the Donk hack?

I work as a security guy at a manufacturing firm (I use that term loosely) and since we are global we both NA and EU privacy policies to contend with. The EU policies are arguably tougher, and it is easier for people to opt out, also, EU users can anonymize their user ID. Since I am that guy that can see every mouse click, web url visited, email (if legally asked to do so) etc. etc. having an anonymized ID is nice perk for the end user . . . but, as an administrator if HR gets involved, we can always tie that ID to the actual user ID. I guess my point being, I think the corporate entities you are discussing are more in the retail and social media arena? Here in the glamorous manufacturing sector we are striving to take user privacy pretty seriously, albeit it is driven by legal developments and requirements.

Expand full comment