Author here. Wrote this after watching Lapsus$ post the Mercor archive on their leak site earlier this month. The thing that struck me is the combination: voice samples paired with ID document scans. Most breaches leak one or the other. This one ships a deepfake-ready kit. Tried to keep the writeup practical: what an attacker can actually do with this combo (banking voiceprint bypass, Arup-style video calls, insurance fraud), and a 5-step checklist for the contractors who were in the dump.
Happy to discuss the forensic detection side. AudioSeal
watermarks, AASIST anti-spoofing, and how the detection landscape changes
once voice biometrics start leaking at scale.
davsti4 · 2026-04-27 14:30:26 UTC
Interesting - thanks for the rabbit hole today. ;)
Mercer hasn't released many public statements over the incident. Social media posts aren't necessarily public; but I did find this breach notification sample filed with CA - https://oag.ca.gov/ecrime/databreach/reports/sb24-621099 . I guess we'll see if our legislators finally take data privacy seriously.
caminante · 2026-04-27 16:06:01 UTC
Didn't this happen three weeks ago?
Mercor has definitely released statements with boilerplate "investigations are underway."
noir_lord · 2026-04-27 20:36:33 UTC
HSBC offered voice verification years ago and I just laughed and said nope.
I don’t even use biometrics on apple devices, I use a 6 digit pin.
It was always a stupid idea.
The thing about been willing to trade convenience for security is you get called paranoid and then when the other shoe does drop and you are still doing that you still get called paranoid for the current thing you are not doing that “everyone does”.
pavelstoev · 2026-04-28 04:06:13 UTC
Paraphrasing Franklin and Churchill, those who trade some security for some convenience may soon find themselves possessed of neither at all.
latexr · 2026-04-28 09:12:37 UTC
> I don’t even use biometrics on apple devices
Assuming Apple is truthful on this matter (so far it seems so), Apple devices store a mathematical representation of the data, not the data itself (i.e. not a picture of your finger) and keep it only on device on a special hardware section designed for extra security. When apps ask for authentication, they can never inspect the data, they can only ask “does this match?”.
Even if you were somehow able to exfiltrate the data and find some way to transform it for something nefarious, you’d still need to first attack and bypass a specific hardware feature of the target’s device.
So sure, not having any representation of the data anywhere is technically more secure (maybe, as typing your code could be intercepted by a shoulder surfer or a camera), but biometrics on Apple devices are fundamentally not the same as having your raw data available on a random server somewhere.
gf000 · 2026-04-28 09:47:13 UTC
Also, given how many times you enter a 6-digit number over a day, it's absolutely trivial to steal it. Let alone basic patterns people use, smudges etc.
In the use case of a mobile phone, apple's face id absolutely improves security several-fold.
noir_lord · 2026-04-28 14:13:43 UTC
I broadly trust apples stance on all of that.
I can however revoke a 6 digit pin at any time, my fingerprints and/or face not so much.
So entirely for me, the balance is use a pin, I understand that different people feel differently and that is entirely their choice as it should be.
Zetaphor · 2026-04-28 04:41:44 UTC
> Self-audit your public audio footprint. Search YouTube, podcast directories, and old Zoom recording
This is suggestion #1 on your list of remediation steps for victims, but you didn't provide any information on how anyone would actually do that. How exactly would I search the internet for copies of my voice?
Please don't tell me the solution is giving an embedding of my voice to another third party.
Oravys · 2026-04-28 08:25:49 UTC
Great question. There's no "reverse voice search" yet the way there is for images — that's genuinely a tool the world needs. In the meantime, the most useful thing is searching your name across YouTube and podcast platforms to map out what's already public. And for Mercor contractors specifically, the California AG
breach notice gives you a solid legal basis to request full deletion. Worth doing today.
sillysaurusx · 2026-04-28 08:35:56 UTC
Note, this comment and your other one (https://news.ycombinator.com/item?id=47931838) were autokilled by HN, because it (rightly) detected that you're using AI to write your comments. I vouched this one to unkill it before I realized it was AI and supposed to be dead. I unvouched it, but your comment's still alive. So now I'm leaving a note saying mea culpa, and to suggest not using AI in your comments unless you want to be autokilled.
whatisthiseven · 2026-04-28 11:18:41 UTC
Thanks for saving me the tokens.
BiteCode_dev · 2026-04-28 08:28:33 UTC
One more data point for why sueing companies should lead to CEO getting prison time as well. And ideally invent some kind a of equivalent of pruson for non human persons like organisations.
Because right now the incentive to do what's right are so low. Taking a risk with other's people lives is becomming the norm for companies.
eqvinox · 2026-04-27 13:22:36 UTC
The only data that cannot be stolen or leaked is data that doesn't exist. Hard lesson for both users and companies.
Germans (because of course) have a word for this: "Datensparsamkeit". Being frugal with your data.
wlesieutre · 2026-04-27 13:36:27 UTC
I miss the pre-LLM days when you could make a decent argument that having any unnecessary data was just a liability. Now all anybody thinks is “more data for the AI!”
CincinnatiMan · 2026-04-27 13:44:12 UTC
Were you not around for the Big Data heyday a decade ago?
varispeed · 2026-04-27 13:52:58 UTC
Until thumb drives became large enough to fit most datasets it stopped becoming Big Data. Just normal data.
ffsm8 · 2026-04-27 14:46:58 UTC
We have thumb drives that can store petabytes of data?
Or did you mean the "big data" crowd which thought 500GB was noteworthy? I don't think anyone took those serious, neither in 2010s nor now. That was always "small" data
varispeed · 2026-04-27 14:50:46 UTC
Most companies using term "big data" had datasets in TB region. One company I had a gig at had full Hadoop cluster setup and their whole dataset was 40GB. Their marketing had all the big data adjacent keywords over the brochures for clients.
gf000 · 2026-04-28 09:53:01 UTC
That's a decent quality 3 hours movie :D
butlike · 2026-04-27 14:59:54 UTC
> We have thumb drives that can store petabytes of data
We do?
ffsm8 · 2026-04-27 15:06:20 UTC
Please provide a link.
BizarroLand · 2026-04-27 16:26:07 UTC
You would need 4 and change of these 245tb Kioxias to hold 1 petabyte, and an entire server grade computer to run them.
It was a question that you've edited out the punctuation. You're asking the exact same thing as the person you've replied
0x457 · 2026-04-27 17:27:10 UTC
My rule of thumb was "can it fit in RAM on a server?" If it can, then it's not big data.
500GB is in the "fits" category.
gf000 · 2026-04-28 09:52:13 UTC
You can quadruple that and could still fit in server RAM
0x457 · 2026-04-28 20:55:32 UTC
Correct, and until then it won't be "big data"
jmalicki · 2026-04-27 15:14:38 UTC
To some degree IMO big data is still a mindset when it might take a day to process your data in a normal SQL query. Some tech doesn't scale to the data size for all use cases, and you need different solutions.
ToucanLoucan · 2026-04-27 14:46:43 UTC
Hell you mean a decade ago? I still see businesses running losses left right and center saying that they're gonna monetize user data, any day now.
Related "monetizing user data" seems to just mean ads. Ads on everything, forever, until the userbase gets fed up and moves to a new service that definitely won't do that, and the cycle repeats about every 3 years.
citrin_ru · 2026-04-27 13:56:06 UTC
Data hoarding predates LLMs. There where other machine learning methods which also needed data for training.
Forgeties79 · 2026-04-27 14:09:10 UTC
“Before LLM’s there was_____”
I see this whenever an LLM’s impact is assessed. We know. The issue is scale and the ability for smaller and smaller groups (down to individuals) to execute at scale.
Fake news always existed. Now one dude in India can flood multiple sock puppet media accounts with right wing content/images (actual example) at a scale previously unimaginable.
dpoloncsak · 2026-04-27 14:29:44 UTC
Do LLMs require that much more data than the tradional ML approaches we've seen over the years?
sigmoid10 · 2026-04-27 14:39:43 UTC
Yes. This is pretty well established. Neural networks in general are considerably less sample-efficient than traditional ML methods. The reason they became so successful is that they scale better as you increase training data and model size. But only with modern compute power they became useful outside of academic toy model applications.
Forgeties79 · 2026-04-27 16:27:54 UTC
That’s not the issue I’m hitting here primarily but yes.
My concern is that I can open up chatGPT and even with a free, “anonymous” account run an assembly line generating tens of thousands of words a day to pump to Twitter that are good enough to prop up multiple fake accounts and cause mayhem.
Now make it thousands of people like me doing it. Now add funding and political orgs. Add company leadership that turns a blind eye so long as it drives engagement. This scale and pipeline wasn’t possible 5 years ago, even if we clearly see the throughline.
I’m not even getting into fake images either. That used to require some know how. There are basically no hurdles and even if most people learn it’s fake, millions likely won’t. If you’re a little lucky, less scrupulous “news” outlets will amplify it for you as well for free.
b00ty4breakfast · 2026-04-27 14:38:32 UTC
I really hate this when it's something negative that humans also do. It's like, yeah, people do do that, but why are we automating {negativeTrait}?
Forgeties79 · 2026-04-27 21:39:26 UTC
Unfortunately the answer is usually people just want to hand wave away the critique for one reason or another. “People already do that” is an easy truism for stifling discussion.
ToucanLoucan · 2026-04-27 14:50:06 UTC
> Now one dude in India can flood multiple sock puppet media accounts with right wing content/images (actual example) at a scale previously unimaginable.
I have the faintest possible hope that such things are going to be the death knell of social media. Yeah a lot of credulous idiots are happily giving AI thirst traps their money for stroking their confirmation bias, but that's just who's left at this point. It feels like every social media app I use is gradually bleeding users who aren't hopelessly addicted to the dopamine treadmill, because what's left is just plain unappealing to them, which selects for the people who are most vulnerable to AI shit, which is far from ideal, but also means those platforms are comprised ever more of that vulnerable population and nobody else. And the problem with all these businesses going through that is without a diverse, growing audience, you just become InfoWars, slinging the same slop to the same people every day, and every ounce of said slop is great for what's left of your audience, but absolute garbage for getting anyone new in it. And it just goes on that way until you sputter out and die (or harass the wrong group of parents I guess).
I wish all social media sites a very haha die in a fire.
dpoloncsak · 2026-04-27 15:44:49 UTC
Mate you're on a social media site right now that often has AI-generated content displayed at the top of whats "trending". Sure the general user-base does a better job here flagging that sort of stuff, as AI seems to be a shared interest in much of the community, but it still sneaks it's way by
Forgeties79 · 2026-04-27 19:48:37 UTC
You’re technically right but I think we can all agree HN is significantly different from the major players. The vast majority of us see the same posts and comments, for starters. The churn of posts is also much slower. You log on 2-3 times spread out in a day and you see 90% of the main posts. Top posts linger for 24-48hrs regularly.
No media uploading, memes are few and far between (usually punished), etc.
hdndjsbbs · 2026-04-27 15:34:42 UTC
10+ years ago companies were hoovering up data for ML - trying to find correlations in high-dimensionality data. Mostly the results were garbage but occasionally you hit on a real, unexpected phenomenon.
Nowadays you just throw all the data into a black box and believe whatever it says blindly.
hiccuphippo · 2026-04-27 14:45:12 UTC
Data that is publicly available also can't be stolen or leaked. Nobody can steal Mozilla's common voice dataset.
littlecranky67 · 2026-04-27 14:46:53 UTC
Data can never be stolen, because it is not a physical thing. Data can be copied, and it can be erased - sometimes both happens at the same time. Data can be lost, that is when its last existing copy was erased.
altruios · 2026-04-27 14:52:59 UTC
pedantic and true. What was stolen was not data, but future revenue based on exclusive access to that data.
gblargg · 2026-04-28 08:34:26 UTC
Pedantic and relevant. If they lost the voice samples, they wouldn't have it for training new models. If they were copied, then they have lost nothing in terms of training.
Peritract · 2026-04-27 14:53:52 UTC
The use of "steal" for non-physical things pre-dates the use of "data" in the modern sense [1]. Policing language incorrectly is not reasonable.
I don't know if it's the reason you imply. In the 70s, there were big debates in Germany about privacy and data storage. They spoke of one's data shadow (Datenschatten). I suspect this word comes from that tradition. The reason the word exists would then be the reflection (Verwaltigung) on WW2.
mrsvanwinkle · 2026-04-27 14:53:03 UTC
Love it, also love how Datenschatten can also imply that it disappears when someone shines light on it
reactordev · 2026-04-27 14:56:39 UTC
If only our past 20 year old self data could be so ephemeral…
Who doesn’t want that old post going extinct forever when they were shit faced outside of a bar in Nashville but now they are in their mid-life and are “respectable” members of society.
theptip · 2026-04-27 14:55:57 UTC
The Stasi would be the obvious cultural context.
In the US of course the government buys this sort of information legally from corporations.
Swizec · 2026-04-27 15:07:16 UTC
> The Stasi would be the obvious cultural context.
There is also the rather famous example of how earlier census data was used in the 40’s.
Once the government has your data, they have it. The next generation of representatives may not follow all the same rules and norms
RobotToaster · 2026-04-27 15:31:29 UTC
The stasi could only dream of the kind of surveillance the NSA et al has today.
throwaway173738 · 2026-04-28 04:25:52 UTC
Or Facebook or Equifax.
tgv · 2026-04-27 18:22:11 UTC
The West-German debate in the 70s came from the realization that the sheer size of the Holocaust/Shoah was in no small degree due to bureaucratic record keeping. Storing someone's ethnicity is potentially dangerous for that person.
xenocratus · 2026-04-27 14:58:27 UTC
I took the "because of course" to be about having a word for everything - a stereotypical idea about the German language.
dragontamer · 2026-04-27 15:01:25 UTC
There's also the other implication that the (East) Germans were Soviet just 35 years ago.
But yes. We Americans know Germans more for their silly big words. But statements like that can be misinterpreted as the German perspective of themselves doesn't quite match the American stereotypes.
microtonal · 2026-04-27 16:53:58 UTC
East Germany was not Soviet. Under influence/control of the Soviets, yes, but not part of the Soviet Union.
eqvinox · 2026-04-27 17:36:07 UTC
I was implying all 3 of the above:
- we learned the hard way that data will be used to kill people, during the Nazi regime
- we learned it again in the GDR with the Stasi being a little less obvious but still ruining people's livelihoods
- and German comes up with compound words for such things
yreg · 2026-04-27 20:56:41 UTC
That's like saying that English (because of course) is able to describe the concept by a combination of words.
greycol · 2026-04-27 21:24:19 UTC
My understanding was that it was more that words can be concatenated into new words in German which is not so much a stereotype as more a misunderstanding of fact. I.e. You wouldn't think much about something like enjoyable-comuppence but schadenfreude looks more impressive without the hyphen.
gf000 · 2026-04-28 09:50:54 UTC
I would argue it's not the exact same thing. Sure, when overdone then you would get the same. But the way it is, commonly used concatenated words are words, not just hyphenated words. They are used as words and without an extra though people don't parse them into separate parts, unlike they do with a list of words with hyphens.
E.g. you don't think of firefighter as fire-fighter in ordinary usage.
Centigonal · 2026-04-27 16:29:27 UTC
Germany resisted Google Street View until 2023, which was something I thought was very impressive.
cyanydeez · 2026-04-27 17:17:04 UTC
Yeah, so Germany had a ton of secret police files and of course learned very well what happens when a bunch of people start collecting dossiers.
So yeah, of course they've developed that type of distrust. Americans should have also after the 50-60s paranoia of red scare, black people etc. Instead they just spend a few decades building a anti-social state.
maxweylandt · 2026-04-28 15:00:49 UTC
> Verwaltigung
is not a word -- I think you mean Vergangenheitsbewältigung?
> The only data that cannot be stolen or leaked is data that doesn't exist. Hard lesson for both users and companies.
Except no company is learning this lesson.
The enterprise threat model includes "our own users", and the modus operandi is to maintain as much information on that threat as possible.
coolkewlcuil · 2026-04-27 15:58:22 UTC
The only winning move is not to play.
__alexs · 2026-04-27 15:59:23 UTC
Seems a bit like blaming the victim? Your voice (like DNA) is kind of ambient data that's hard to hide.
dhosek · 2026-04-28 02:43:17 UTC
Or you could put it in a box with no connection to the internet.
Introducing… The Hooli Box!
dnnddidiej · 2026-04-28 08:26:32 UTC
Do Germans have lots of words or just a lack of spaces?
jacquesm · 2026-04-27 13:31:58 UTC
You could have seen this coming a mile away. So far I have gotten away with never uploading my ID and/or interacting with one of those companies (though one idiot working for some VC thought it was ok to sign a document on my behalf by uploading my signature!!, never mind a bit of fraud) but it is getting harder and harder. Banks and in some cases even governments forcing you to send data to these operators is a very bad idea. But hey, who ever got hurt by some security theater?
I've had to open a bank account for a company here a few years ago and that was right on the bubble of this happening and they still had an option to come by in person with the proper documentation, which I did, now it is all outsourced.
These companies are the fattest targets and they're run by incompetents. You should assume that anything you give them will eventually be part of some hack.
Schlagbohrer · 2026-04-27 14:38:18 UTC
Tell us more about that fraud story! Was the person your attorney or accountant? Or just some "smart" person who decided to wisely save time by doing fraud?
jacquesm · 2026-04-27 15:50:17 UTC
It was a fund administrator. I still find it unbelievable that they would so casually do this. And yes, they thought they were very smart... and helpful too...
hiccuphippo · 2026-04-27 14:53:08 UTC
Why is the ID a hidden secret that can be used for anything regarding security in the first place?
jacquesm · 2026-04-27 15:52:39 UTC
Because historically that's how it worked, but officials just looked at the document and verified that it was the real thing. Then photocopiers came along and it became normalized to take copies of the documents. Then digital copies happened and that changed things completely when coupled with networking technology. What the officials in charge don't seem to understand is that by making digital copies in networked environments the IDs themselves lost their value completely, after all if the digital copy serves any purpose at all as a stand-in for the original then they have become that original.
josefritzishere · 2026-04-27 13:32:00 UTC
This kind of event is the best argument against needless data hoarding. But it would help if the law better provided for some kind of consequences for negligence.
VladVladikoff · 2026-04-27 13:37:33 UTC
Man that’s pretty shitty that Mercor tricked 40k contractors, and then did a poor job of securing their data. There should be stronger consequences for stuff like this.
throwa356262 · 2026-04-27 14:45:32 UTC
What happens now is that a lot of clueless CTO that didn't know about this company now know it's name. So the outcome of this mess is probably more business for Mercor
I mean, just look at what happened to Crowdstrike....
yunyu · 2026-04-27 17:11:02 UTC
Mercor has around 5 customers that make up 95% of its revenue. Anybody who needs to know about them already does.
interludead · 2026-04-27 20:22:34 UTC
At minimum, collecting voiceprints should come with much stricter consent, retention and security requirements than ordinary "training data"
Havoc · 2026-04-27 13:43:02 UTC
I love how the check if your affected involves giving a voice sample to whatever the fuck that website is
2ndorderthought · 2026-04-27 14:57:04 UTC
It's like those have been owned websites. Where you type in your name email and they grab your IP location and anything else to sell it off.
throw0101c · 2026-04-27 13:43:11 UTC
"My voice is my passport. Verify Me."
:)
java-man · 2026-04-27 14:27:40 UTC
HSBC did that. I could never understand that - the exact phrase was in the movie!
NitpickLawyer · 2026-04-27 14:36:15 UTC
Someone probably did it for an internal demo, as a joke. Then people pushed it upwards, until someone clueless approved it.
deltoidmaximus · 2026-04-27 15:42:46 UTC
Fidelity seemed to sign you up for this when you called them on the phone almost automatically. Ridiculous since it was defeated easily in a hacker movie from the 1990s using a tape recorder.
brewdad · 2026-04-27 16:43:34 UTC
Much cleaner than keeping a finger on you to bypass the print reader.
amarcheschi · 2026-04-27 13:49:55 UTC
I've been doing similar things on a different platform because as a uni student the pay is kinda nice, but I limit myself to task without voice/video and just input from mouse/keyboard to do reinforcement learning/data tagging. No way I'm trusting these companies or the companies they contract the work with
embedding-shape · 2026-04-27 14:05:09 UTC
I wonder how many of the current text-to-speech ML models have large parts of leaked or "stolen" data in their training data? Almost none of the TTS releases seem to talk about exactly where they get their training data from, for some reason. I also wonder if we'll see an explosion in SOTA TTS in ~6 months from now.
Comments
Mercer hasn't released many public statements over the incident. Social media posts aren't necessarily public; but I did find this breach notification sample filed with CA - https://oag.ca.gov/ecrime/databreach/reports/sb24-621099 . I guess we'll see if our legislators finally take data privacy seriously.
Mercor has definitely released statements with boilerplate "investigations are underway."
I don’t even use biometrics on apple devices, I use a 6 digit pin.
It was always a stupid idea.
The thing about been willing to trade convenience for security is you get called paranoid and then when the other shoe does drop and you are still doing that you still get called paranoid for the current thing you are not doing that “everyone does”.
Assuming Apple is truthful on this matter (so far it seems so), Apple devices store a mathematical representation of the data, not the data itself (i.e. not a picture of your finger) and keep it only on device on a special hardware section designed for extra security. When apps ask for authentication, they can never inspect the data, they can only ask “does this match?”.
Even if you were somehow able to exfiltrate the data and find some way to transform it for something nefarious, you’d still need to first attack and bypass a specific hardware feature of the target’s device.
So sure, not having any representation of the data anywhere is technically more secure (maybe, as typing your code could be intercepted by a shoulder surfer or a camera), but biometrics on Apple devices are fundamentally not the same as having your raw data available on a random server somewhere.
In the use case of a mobile phone, apple's face id absolutely improves security several-fold.
I can however revoke a 6 digit pin at any time, my fingerprints and/or face not so much.
So entirely for me, the balance is use a pin, I understand that different people feel differently and that is entirely their choice as it should be.
This is suggestion #1 on your list of remediation steps for victims, but you didn't provide any information on how anyone would actually do that. How exactly would I search the internet for copies of my voice?
Please don't tell me the solution is giving an embedding of my voice to another third party.
Because right now the incentive to do what's right are so low. Taking a risk with other's people lives is becomming the norm for companies.
Germans (because of course) have a word for this: "Datensparsamkeit". Being frugal with your data.
Or did you mean the "big data" crowd which thought 500GB was noteworthy? I don't think anyone took those serious, neither in 2010s nor now. That was always "small" data
We do?
https://www.tomshardware.com/pc-components/ssds/kioxia-unvei...
Or 250 of these ~$400 4tb flash drives and an insane number of dongles to connect them all:
https://www.slashgear.com/1847725/largest-usb-thumb-drive-hi...
500GB is in the "fits" category.
Related "monetizing user data" seems to just mean ads. Ads on everything, forever, until the userbase gets fed up and moves to a new service that definitely won't do that, and the cycle repeats about every 3 years.
I see this whenever an LLM’s impact is assessed. We know. The issue is scale and the ability for smaller and smaller groups (down to individuals) to execute at scale.
Fake news always existed. Now one dude in India can flood multiple sock puppet media accounts with right wing content/images (actual example) at a scale previously unimaginable.
My concern is that I can open up chatGPT and even with a free, “anonymous” account run an assembly line generating tens of thousands of words a day to pump to Twitter that are good enough to prop up multiple fake accounts and cause mayhem.
Now make it thousands of people like me doing it. Now add funding and political orgs. Add company leadership that turns a blind eye so long as it drives engagement. This scale and pipeline wasn’t possible 5 years ago, even if we clearly see the throughline.
I’m not even getting into fake images either. That used to require some know how. There are basically no hurdles and even if most people learn it’s fake, millions likely won’t. If you’re a little lucky, less scrupulous “news” outlets will amplify it for you as well for free.
I have the faintest possible hope that such things are going to be the death knell of social media. Yeah a lot of credulous idiots are happily giving AI thirst traps their money for stroking their confirmation bias, but that's just who's left at this point. It feels like every social media app I use is gradually bleeding users who aren't hopelessly addicted to the dopamine treadmill, because what's left is just plain unappealing to them, which selects for the people who are most vulnerable to AI shit, which is far from ideal, but also means those platforms are comprised ever more of that vulnerable population and nobody else. And the problem with all these businesses going through that is without a diverse, growing audience, you just become InfoWars, slinging the same slop to the same people every day, and every ounce of said slop is great for what's left of your audience, but absolute garbage for getting anyone new in it. And it just goes on that way until you sputter out and die (or harass the wrong group of parents I guess).
I wish all social media sites a very haha die in a fire.
No media uploading, memes are few and far between (usually punished), etc.
Nowadays you just throw all the data into a black box and believe whatever it says blindly.
[0] https://www.opensourceshakespeare.org/views/plays/play_view....
[1] https://www.etymonline.com/word/data
I don't know if it's the reason you imply. In the 70s, there were big debates in Germany about privacy and data storage. They spoke of one's data shadow (Datenschatten). I suspect this word comes from that tradition. The reason the word exists would then be the reflection (Verwaltigung) on WW2.
Who doesn’t want that old post going extinct forever when they were shit faced outside of a bar in Nashville but now they are in their mid-life and are “respectable” members of society.
In the US of course the government buys this sort of information legally from corporations.
There is also the rather famous example of how earlier census data was used in the 40’s.
Once the government has your data, they have it. The next generation of representatives may not follow all the same rules and norms
But yes. We Americans know Germans more for their silly big words. But statements like that can be misinterpreted as the German perspective of themselves doesn't quite match the American stereotypes.
- we learned the hard way that data will be used to kill people, during the Nazi regime
- we learned it again in the GDR with the Stasi being a little less obvious but still ruining people's livelihoods
- and German comes up with compound words for such things
E.g. you don't think of firefighter as fire-fighter in ordinary usage.
So yeah, of course they've developed that type of distrust. Americans should have also after the 50-60s paranoia of red scare, black people etc. Instead they just spend a few decades building a anti-social state.
is not a word -- I think you mean Vergangenheitsbewältigung?
https://en.wikipedia.org/wiki/Vergangenheitsbew%C3%A4ltigung
Except no company is learning this lesson.
The enterprise threat model includes "our own users", and the modus operandi is to maintain as much information on that threat as possible.
Introducing… The Hooli Box!
I've had to open a bank account for a company here a few years ago and that was right on the bubble of this happening and they still had an option to come by in person with the proper documentation, which I did, now it is all outsourced.
These companies are the fattest targets and they're run by incompetents. You should assume that anything you give them will eventually be part of some hack.
I mean, just look at what happened to Crowdstrike....
:)
Even have a nice UI on top.
https://voicebox.sh/