eBay is updating its privacy policy, effective next month (2025-04-27). The major change is a new section about AI processing, accompanied by a new user setting with an opt-out checkbox for having your personal data feed their models.

While that page specifically references European areas, the privacy selection appears to be active and remembered between visits for non-Europe customers. It may not do anything for us at all. On the other hand, it seems nearly impossible to find that page from within account settings, so I thought I'd post a direct link.

I'm well aware that I'm anomalous for having read this to begin with, much less diffed it against the previous version. But since I already know that I'm weird, and this wouldn't be much of a discussion post without questions:

• How do you stay up to date with contract changes that might affect you, outside of widespread Internet outrage (such as recent Firefox news)?
• What's your threshold -- if any -- for deciding whether to quit a company over contract changes? Alternatively, have you ever walked away from a purchase, service, or other acquisition over the terms of the contracts?

This is a topic I keep revisiting. It's constantly evolving, with new laws in different parts of the world happening pretty often. And also there's a lot of grey area with vague or incomprehensive language that hasn't yet been tested in courts.

I recognize that it's a bit of a niche topic, but I think there are a lot of us at Tildes who have to think about it. After all it potentially impacts anyone maintaining or building a non-platform web presence. It also applies to less obvious things like running an advertising campaign that involves media requested from a server you control (which can therefore potentially log requests).

For my part, I've needed to research laws relating to PII in order to come up with policies and practices in various contexts. In broad strokes it's pretty simple but as you get into details what I continue to find is that there are a lot of conflicting opinions both from professionals and lawyers. A lot of it is still open to interpretation.

I'm wondering what kinds of experience other tildenauts have around data protection and PII? Have you implemented solutions? Do you wonder about it for your own websites? Have you been involved with it at companies where you've worked? Do you have questions about it?

Hi all,

I have been tasked with the gargantuan task of understanding and eventually implementing what is effectively turning our database into an all-knowing human.

What they want at the base level is to be able to open up a chat bot or similar and ask "where can I put an ice cream shop in <x region of our portfolio>?" And the result should be able to reason against things like demographics in the area, how many competing ice cream shops are in the area, etc.

They also want it to be able to read into trends in things like rents, business types, etc., among many other "we have the data, we just don't know how to use it" questions.

You may be sitting there saying "hire a data analyst" and I agree with you but the ai bug has bitten c-level and they are convinced our competition has advanced systems that can give this insight into their data with a snap of a finger.

I don't know if this is true but regardless, here I am knee deep in the shit trying to find some kind of solution. My boss thinks we can throw everything into a datalake and connect it to chatgpt and it will just work, but I have my reservations.

We have one large database that is "relational" (it has keys that other tables reference but they rarely have proper foreign keys, this is a corporate accounting software specifically for commercial real estate and was not our design and is 30 years old at this point) and we have a couple of smaller databases for things like brokerage and some other unrelated things.

I'm currently of the opinion that a datalake won't do much for us. Maybe I'm wrong but I think cultivating several views that combine our various tables in a sensible way with sensible naming will help to give AI a somewhat decent chance at being successful.

My first entry point was onelake + powerbi + copilot, but that isn't what they're looking for and it's ridiculously expensive. I then looked at powerbi "q&a" which was closer but still not there. You can do charts and sums and totals etc but you can't ask it introspective questions, it just falls on its face. I don't think it was designed for the type of things my company wants.

I have since pivoted to retrieval augmented generation (rag-ai) with azure openai and I feel like I'm on the right path but I can't get it to work. I'm falling face first through azure and the tutorials that exist are out of date even though they're 3 months old. It's really frustrating to try to navigate azure and fabric and foundry with no prior understanding. Every time I try something I have to create 6 resource group items, permissions left right and center, blob stores, etc, and in the end it just...doesn't work.

I think I'm headed in the right direction. I think I need to make some well formatted views/data warehouses, then transform those into vector matrices which azure's openai foundry can take and reason against in addition to the normal LLM that 4o or o1 mini uses

I tried to do a proof of concept with an exported set of data that I had in a big excel sheet but uploading files as part of your dataset is painful as they get truncated and even if they don't, the vectorizing doesn't seem to work if it's not a PDF or image etc.

I need to understand whether I'm in the right universe and I need to figure out how to get this implemented without spending 10 grand a month on powerbi and datalakes that don't even work the way they want.

Anyone got any advice/condolences for me? I've been beating my head against this for days and I'm just overwhelmed by all the buzz words and over promises and terrible "demos" of someone making a pie chart out of 15 records out of the contoso database and calling it revolutionary introspective conversational AI

I'm just tired 😩

I think most people would agree that the internet and technology in general have absolutely gone to shit over the past decade or so. There is no corner of the internet nor of the software world that hasn't been affected by enshittification. Everything exists to serve you ads. Everyone wants to extract as much money from you as possible. Every website is in a race for the bottom as they try to find the lowest effort content that makes them the most money. Every piece of software is pushed out half-baked and/or stripped down to the bare minimum with the rest paywalled or with the devs pinky promising to fix it 5 updates down the road.

Every social medium is just bots. The front page of Reddit is easily 35% easily detectable bots at least and who knows what the rest is comprised of. And it's probably the one that's doing the best at the moment, Facebook, Twitter, Instagram, Tiktok, all of them are just bots and propaganda and engagement farming the whole way down. And the worst thing is, they're complicit. Hell, they're actively encouraging it and trying to find ways to make it worse. And I have no doubt Reddit will bend the knee soon enough too (they just banned /r/whitepeopletwitter because Musk made a tweet critical of the sub).

There's probably some element of rose-tinted glasses here, but the old internet was just so much better looking back. Like, early 2000's to maybe 2012, 2013 or so, that was the peak. No colossal data harvesting schemes feeding into algorithms designed to keep you engaged on their site 24/7 for the purpose of shilling you advertisements and selling your data, no mass propaganda, no Dead Internet Theory (which can hardly be considered a theory anymore). Yeah there was shit content, there was tons of it, but I can deal with shit content and petty forum drama and whatnot; what I can't deal with is all the multi-billion dollar corporations trying to shape the entire landscape of the Web into the perfectly minmaxxed cash-generating machine that does as little as possible for as much data and advertising as possible.

Modern software isn't much better. Windows and MacOS are filled with anti-user features, telemetry you just can't turn off, Windows will often just install shit on your computer without telling you. They turn your computer into a walled garden, where you can do what you want as long as you play by their rules, but without giving you any real control over what your computer does. Yeah you can delete system files and brick your laptop if you feel like it, but anyone who's ever tried to permanently disable Windows updates will know that in the end you're not the one calling the shots: Microsoft are. And... Like, that's insane, right? It's running on my fucking computer, it's my CPU doing the work, I want to know what the hell it's doing and not just the parts it lets me see, and if I want it to do something different then I should be able to make it so.

I hate it all. I'm tired. I want out.

These are my problems. Here's what I've done about it so far.

• Obsessive privacy on the web. No Google services. Firefox with as much telemetry turned off as possible. Protonmail and ProtonVPN for everything (and I'm considering getting out of those too with the pro-Trump stances they've been taking recently). As minimal an online footprint as I can get, I make as few accounts as possible and I don't use shared or even slightly related usernames (my username here is an exception as it's my Reddit username, and no, it's not my real name), I delete accounts whenever I can and I GDPR request the services afterward. Virtual cards for online payments as much as possible. Will probably make a Javascript whitelist at some point too. Is all of this overkill? Yes. Why do I bother? Because fuck them.

• As little social media presence as possible. Real life necessitates some amount of social media interaction of course, I have Facebook and Instagram but use them exclusively for messaging. I often see people excluding Reddit from social media but I don't fully agree, even if it's not exactly in the category it still targets a lot of the same psychological weak points in us, encouraging doom scrolling and shaping our opinions through echo chambers and propaganda (it's always important to remember that echo chambers and propaganda you agree with are still echo chambers and propaganda). I still use Reddit admittedly, but I've tried to minimise my usage as much as possible and I'm shopping for alternatives.

• Free and Open Source software as much as possible. I'm all in on GNU these days. Yes, it's a massive pain in the ass. My job unfortunately requires some Windows-only software so I'm running a dual partition but I'm trying to get as much of my computer usage onto Linux as possible (I use Arch btw). Like I said above, it's my computer, if I can't control what it's computing then it stops being my computer, it's at best shared between me and all the developers of the proprietary software I have installed on it.

That's my rant. It's been a long time coming.

There are still things I'm looking to change, especially with how I use the internet. Getting rid of Reddit is the next big step for me, I think. I just can't be bothered with it anymore, but there is still something about it that I love, every time I look through a small niche topic community, or an interesting new hobby sub I've never seen before with years of cool posts for me to go through. And yeah, I do still enjoy browsing through /r/all even when it's 80% shit and objectively bad for my mental health. But at this point the overwhelming mass of utter shit is just not worth digging through anymore. I'm tired.

Tildes is really cool. It reminds me of the old internet, the ideal usage of the Web. I open the site, I see a link to an interesting article, I read it, I give it a like, I read and/or contribute to the discussion in a comments section. I want more of this.

If anyone has any links to cool sites that I should check out I'd greatly appreciate it.

I was contacted by a recruiter regarding a job in my field but they wanted someone with data analytics skills. I'm taking this as a sign that I should improve my skill set. Does anyone have advice for where or how to start with a very small budget?

Thanks for your help.

I bought an M2 Macbook Air at the start of this year for uni. I only planned to use it for uni work as I have another 'more powerful' laptop that I use for everything else, but I kinda love the M2 and want to make it my daily driver laptop. Battery lasts for ages, screen is great, it's thin and light, etc. The problem is - as you might guess - I only got the 512GB model and if there's one thing Apple hates, it's people having control over their hardware, so no expandable storage. I can't afford to upgrade the entire laptop, so I need to work with what I have. Here's what I want to use it for:

• Graphic design: Adobe software, high-res images, typefaces, etc.
• Music production: Ableton Live 11 Suite, sample packs, plug-ins, project folders, etc.
• Music library: uncompressed .m4a files because iTunes hates Vorbis 😢, ~80% of my library (I don't have everything downloaded yet) is 25GB.
• Web-browsing: Firefox... this one isn't really relevant but I feel like I should include it for completeness.

Does anyone have any tips to stretch this 512GB as faaaaaar as it can go? I have a 2TB external SSD, but I'm wary of keeping anything important on it because it's small and I don't want to accidentally lose a bunch of stuff. I can spend a bit of money (maybe 30usd) if anyone has a good idea that requires buying something, but I can't spend any ludicrous amounts, I already did that to get the laptop!

Hi Tilderinos,

I head up a small startup and we're looking to get some support for our data security. Up until now we've worked with small mom and pops that didn't have any requirements, but a few of our new clients have full data security teams and our infrastructure and policies/protocols aren't up to snuff. We reached out to a few consulting firms and they quotes us between $80-100k to get things set up and run us through a full SOC2 review. As a small company we don't really have that type of budget, more like $40-50k. I stumbled upon Vanta and Drata as alternatives and had meetings with their sales folks last week. Both of their offerings from setting up our protocols to monitoring and getting us through a SOC2 were only $16k.

Are platform based companies like Vanta or Drata enough to get us off the ground while we're still getting set up? Has anyone worked with them before and have any feelings one way or the other? Should we be signing on with a security consulting company - be it at a lower rate if we can negotiate it?
This is all quite new to me and any insight folks here can provide would be incredible useful.