I assume you mean the battery would have to be replaced free of charge. But what if I don't want to hand over a computer full of my personal data to a corporation with no oversight of how it will be handled? What if I can't afford to part with that computer?
I would be stuck with having to replace that battery on my own since I don't want to risk giving physical access to my computer to untrusted parties.
There needs to be a different way to handle this. For example, send me a new battery and the tools needed to replace it, with monetary compensation if certain features would be lost, like waterproofing. Or something else - not sure. But I don't believe in the honor of the people who would service my computer.
> hand over a computer full of my personal data to a corporation
I'm equally paranoid, so I back up and wipe any device I hand in for repair.
> What if I can't afford to part with that computer?
No perfect answer for this, but I've always kept my last phone in a drawer in case my current phone breaks. It's saved me a couple of times. Maybe not everything works, but basic calls and texts always have, and I can use a browser for banking and other "complicated" stuff for a few days.
I'm OK if the perfect doesn't get in the way of the good - both personally, and in this sort of legislation.
Without sufficient technical information on how the computer works and without root access, we can't be certain a "wipe" will actually wipe everything.
For malware that could be inserted in a targeted manner, even with desktop computers we don't have access the every firmware of every part.
When we're talking about mobile "phones", we usually have an interface that tells us "sure, it's wiped", but is it? Without full root to every part of it, can you be certain that it is? When you press "wipe" on an iPhone or a closed Android flagship (or whatever the UI is), what happens exactly on the filesystem that you can't even access fully?
Telling people to hand over their devices willy-nilly is far from "good". We shouldn't settle for this. The hardware companies can ship us the tools to replace the battery ourselves. Maybe not "ourselves" - my aunt can ask me to do it for her if she can't do it on her own. But she trusts me more than she does people she's never seen ever. If the tools are expensive, we can ship them back. There are many options so we should discuss them.
Fair points. I've never owned anything but (rooted) Androids, or (now) GrapheneOS. I don't know if that makes me more paranoid than you are or not; I am, however, much less afraid of a wipe that's not a wipe!
Not everyone has someone with technical skills in their family, so making policy that fits only that minority doesn't make sense to me. The majority will, as you say, "hand over their devices willy-nilly".
I'd rather pursue this as a two-part problem: get the best accommodation we can for hardware, and also impose (very, very) strict data-privacy rules. Trying to do too much at once risks accomplishing too little.
> I am, however, much less afraid of a wipe that's not a wipe!
I don't remember, but there was a story about deleted photos on iPhones resurfacing by mistake. Or deleting a file on Windows or Linux most likely removes the entry for that file, not the contents of the file itself. Or the "quick" format or whatever it was called in Linux. Or not being able to delete everything from an SSD because it moves things around and deallocates some regions. But even if a wipe is a wipe, a random employee is more likely to insert a hardware or firmware malware targeted to someone than the company is likely to insert just malware to every computer sold. Using "paranoid" in this case implies that there aren't many people with actual secrets to keep who could be targeted.
> Not everyone has someone with technical skills in their family, so making policy that fits only that minority doesn't make sense to me. The majority will, as you say, "hand over their devices willy-nilly".
Sure, offer both options then. Also, notwithstanding the fact that
I agree with offering both options, not having technical skills should be frowned upon. Everything is computers. Not knowing (someone who knows) how to use a screwdriver or a heat gun is inexcusable.
> I'd rather pursue this as a two-part problem: get the best accommodation we can for hardware, and also impose (very, very) strict data-privacy rules.
Data privacy rules don't accomplish much when the adversary doesn't care about rules. Reminds me of the "We don't have any criminals in Sweden because it's a crime to break the law" meme.
> Trying to do too much at once risks accomplishing too little.
I assume you mean the battery would have to be replaced free of charge. But what if I don't want to hand over a computer full of my personal data to a corporation with no oversight of how it will be handled? What if I can't afford to part with that computer?
I would be stuck with having to replace that battery on my own since I don't want to risk giving physical access to my computer to untrusted parties.
There needs to be a different way to handle this. For example, send me a new battery and the tools needed to replace it, with monetary compensation if certain features would be lost, like waterproofing. Or something else - not sure. But I don't believe in the honor of the people who would service my computer.