"Another issue with AI scraping that’s overlooked is that it completely fucking hammers the people’s compute resources."
Yes.
Even those of us with a lot of experience in performance tuning -- at the network level, at the web server level, at the OS level, etc. -- are finding that we can't maintain previous service levels without large investments of time and money. Because of the thugs at AI companies.
And even when we do that -- as I did last year when I replaced a server that was working perfectly fine pre-AI-crawlers with one that cost three times as much -- the respite is only temporary. The crawlers effective negated all that money and all the accompanying work in just a few months. Because of the thugs at AI companies.
Other people that I work with, collaborate with, or just correspond with have gone through similar things. A lot of them aren't trying to expand their sites or improve them because they can't -- all of their resources are going into just trying to survive. And just as I discovered, they know that anything they add will just make their sites a bigger target. Because of the thugs at AI companies.
Libraries, museums, archives, and other resources that are perpetually starved for money, places where people work out of dedication to the concept, not because they're going to get rich, are being decimated. Long-standing resources in science and technology are asking for help that they never needed before. Because of the thugs at AI companies.
We don't need new business models, we don't need to nerd harder, we don't need any of that crap. What we need is for the thugs at these AI companies to behave like (at least) minimally decent human beings. There's no tech fix if they don't...
...although there may be a legal one. There are ongoing discussions of a massive class-action lawsuit. It's unclear that'll go anywhere, but I certainly would applaud it, provided it was for at least $1T -- and that, by the way, is likely a serious underestimate of the aggregate cost of all this.
This. Although I'll point out that it's not equivalent to a DDoS attack, it is a DOoS attack.
I've spent decades studying attacks and abuse, and this is one of the worst I've ever seen. It's massive, it's relentless, and the people behind it simply don't care what they destroy. They're using every creative/duplicitous trick in the book to avoid being held accountable and to evade countermeasures. That's why there are all kinds of public and private anti-AI-crawler projects, large and small, that should never have been necessary -- but ARE necessary, because these attacks are knocking sites off the air and costing a lot of people a lot of time, money, effort, lost sleep, and everything else.
Don't blame the victims of the sociopathic greedy thugs at AI companies for this mess. They could have chosen to play in nice in the sandbox, in the spirit of collaboration that we used to build the Internet. But no. They decided to be complete assholes, so they -- and you, and everyone else -- should not be surprised that we've decided not to put up with this nonsense.
Thanks, I'm fairly sure I know how Internet protocols such as SMTP and HTTP work (at least some of the time). But go back to this part of the sentence that I quoted: "[...] it just works.”
That isn't true any more, and I only enumerated some of the ways in which it's not working -- there are a lot more, unfortunately. To give you a few scattered examples: a lot of web sites are under siege from AI crawlers, so they don't "just work" any more; some web sites are hosted by Cloudflare, which has apparently found it expedient to block some less popular browsers outright, so those sites don't "just work" anymore; the combination of SPF/DKIM/DMARC has made forwarding email a gymnastic trick even for people for who know what they're doing, so that doesn't "just work" any more. And so on. A lot of things that were working pretty darn well 5 or 10 or 20 years ago are now being broken at an increasing pace due to [a long list of contributing factors].
"When you use email or browse the web, you don’t worry about which email provider or browser your
friends use – it just works."
That was true. It's not true any more, and yes, you should worry about these things because at an ever-increasing pace, email providers, web browsers, and even operating systems are vacuuming up every piece of data and metadata that they possibly can. Example 1: Gmail now -- by default -- feeds everything to their AI project. Example 2: Firefox collects data and sends it to Mozilla. Example 3: Windows 11 Recall.
It might be tempting to think that this is innocuous -- but it's not. And it might be tempting to believe the posturing by Google, Mozilla, Microsoft, et.al., but that's all it is: posturing. If they at all serious about privacy and security they wouldn't even consider doing these things.
So while I would like to agree with this statement, and many years ago I would have agreed with this statement: that was then. This is now. And now, sadly, it's completely wrong.
As we've seen before, and are seeing now, and will see again, it's quite often the case that the people who claim to have found the keys to saving humanity are some of least humane among us.
Google just painted a target on all of these devices, because now attackers know that any/all vulnerabilities in them won't be fixed. Ever.
Attackers have six months to do reconnaissance and stockpile any exploits they devise...because on 10/26/2025, it's open season.
I'm sure that Google knows this -- well, the engineers certainly do. But apparently management doesn't care that they're turning long-time customers/early adopters into potential victims. "Don't be evil" is a long way in the rear-view mirror at this point.
Back in 1983, when I was writing "junkmail" (subsequently published on Usenet) we had not yet coined the slang term "spam" -- the need hadn't arisen yet. We used terms like "junk mail" and "mass mail abuse" and so on to describe what was then a tiny and isolated problem. (And it was that way because people who engaged in it tended to lose their accounts.)
A little time's gone by, and yet most people, including litigants in these proceedings, do not understand what spam is and isn't. As I've written many times, spam is no more speech than a brick with a note wrapped around it and thrown through a window is publication. Spam is vandalism; it's abuse; it's an attack. The content (if any), the sender, the purpose -- none of things matter.
Unfortunately, many politicians, political parties, and political groups are spammers; and having chosen to be so -- instead of choosing to be responsible and use COI -- they sometimes find themselves blocked or otherwise impacted by mail system defenses. They have only themselves to blame; it would have been trivially easy for them to avoid all of this if only they'd learned and followed decades of best practices.
At no point did I recommend playing whack-a-mole with apps or divestment as possible strategies for dealing with this problem set. In fact, I didn't recommend any strategy for dealing with this problem set, because that's a much longer and far more nuanced discussion. I did note the lack of federal privacy legislation in the US, and I do support such legislation, but that's on general grounds, not because of the specific threat posed by TikTok et.al.
As a general rule, fashioning countermeasures to threats requires understanding them, and of course the more accurate and detailed that understanding, the higher the likelihood that countermeasures derived from it will be appropriate and effective. My point in writing what I did was to note that -- in my opinion -- there is a distinct lack of understanding in play here, because this is a threat qualitatively and quantitatively quite different from the others that are so often discussed here.
First, I'm as baffled and disappointed by all this flip-flopping as any of you. Even allowing for political expediency, it still doesn't make any sense.
Second, you may safely presume that I'm fully aware of the entire data broker ecosystem, the social media ecosystem, and the IoT ecosystem, and the resulting cascade of security and privacy issues. But, and this brings me to:
Third, I think there are some unique aspects to the threat(s) posed by TikTok et.al. that distinguish them from the ones posed by the three groups I enumerated above. For starters, this was carefully engineered by Chinese intelligence -- and they're very, very good at what they do. Also, their design and implementation goals differ markedly from those of the groups I listed above: they're not trying to make a profit in the next six months, they're trying to gain a competitive advantage over the US (and others) by 2050. Third, they have analytical skills are good as anyone else on the planet, and they have truly enormous storage and processing resources at their disposal. The implication of that last sentence is that they can do more with the data they acquire than others -- and that should surprise nobody. Fourth, I think it's more than reasonable to presume that they not only have all the data/metadata they're gathering, but whatever else they want from the three groups I listed above, either because they bought it, hacked it, or scooped it up when it was left wide open in somebody's cloud. A data collection like that is almost certainly unmatched by anyone other than other national intelligence agencies.
There's more, but my point is: this a very different threat model than Facebook or smart fridges or exercise gear or any of the other things we see a constant stream of reports/analysis about. Of course, in a better world, we'd see something meaningful done about those too (like a national privacy law in the US) but if I were making a to-do list and trying to prioritize it, TikTok et.al. would be near the top.
This is not only THE most important and articulate piece I've ever read here (and this site has a long history of terrific writing), but it's the bravest. Your courage is well beyond merely admirable; it's outstanding.
I doubt our paths will ever cross, but if they do, it would be my pleasure -- and my privilege -- to shake your hand.
And regardless of that, I hope your cancer is gone for good, and that your recovery (in all senses) progresses in the best possible ways.
“Mazda used to offer the first option on the fob. Now, it only offers the second kind, where one starts the car via phone through its connected services [...]"
Which means that if you don't have cellular connectivity, or the cellular network is down, or Mazda's "connect services" are down, this doesn't work.
It also means that if there are security compromises at any point in that chain (and as we've seen this week, the entire US telecom infrastructure may be compromised, thank you very much Salt Typhoon) then the attackers can access the data-in-transit. If it's unencrypted, then of course it's game over. But even if it's encrypted, rudimentary traffic analysis combined with geolocation of the cell phone will tell them who has one of the cars, where they are, when they are, and that they're using this feature.
Quite a few people who actually built the Internet warned that this day was inevitable, but those warnings were dismissed as "naive" or "uninformed" or "anti-law enforcement". Turns out, though, that the people who pulled the cables and wrote the code and built the systems were right.
Whenever something like CALEA is proposed, it's always good to remember: "It's a poor atom blaster that won't point both ways." (Isaac Asimov, "Foundation")
Some of Techdirt's best reporting and writing was done on this topic, and I'm grateful for that. And I'm sure they could do it again. But I would really rather that they didn't have to.
(Let me predict that if this awful legislation becomes law, some of the first people to take advantage of it will be AI/LLM companies -- in an attempt to lock out their competition, real or perceived.)
"The first step is to measure whatever can be easily measured. That is okay as far as it goes. The second step is to disregard that which can't be measured or give it an arbitrary quantitative value. This is artificial and misleading. The third step is to presume that what can't be measured easily really isn't very important. This is blindness. The fourth step is to say that what can't be easily measured doesn't exist. This is suicide."
--- social scientist Daniel Yankelovich describes the "McNamara fallacy".
He wrote: Dort, wo man Bucher verbrennt, verbrennt man am Ende auch Menschen.
"Where they burn books, they will in the end also burn people."
There is a sad, awful, tragic, maddening progression -- repeated throughout history -- from banning books to banning people, from burning books to burning people. It always begins like this, and (unless it's stopped) it always ends the same way.
I'm horrified that it's happening here. But I understand why: Republicans have spent half a century preparing for it, and the last decade whipping their supporters into an armed, violent frenzy. We find ourselves at this place because rich and powerful people wanted it to be so, and took over one of two major political parties in order to make it happen.
I hope we can find a peaceful path out of this. I'd like to put my feet up, drink a glass of wine, and watch the sunset. But I don't think that's likely; I think terrible things are coming and we'll have to oppose them with force.
I hope I'm wrong.
You've already covered the legal issue thoroughly, and I've already long since weighed in on the folly of this entire case, so I'll just note that Oracle is now nothing more than a parasite -- like what remains of SCO -- leeching off people and companies that do real work.
"Last I checked in Statistics class a sampling of one is useless."
Two responses to that.
First, if we accept that statement, then it is useless in support of the claim "driverless cars are more safe" and equally useless in support of the claim "driverless cars are less safe".
Second, that's why I suggested approaches that (a) normalize and (b) use many more data points. If -- and I'm fabricating these numbers to illustrate -- driverless cars have been on the road for 4000 hours in Phoenix, then we have substantially more than one data point about them. Of course while that was happening, human-driven cars might have been on the road for 315,000 hours, so we still have the problem posed by the enormous disparity in the raw numbers. But at least we're past the problem of a singular data point.
What we need to better understand this are the real numbers for both human-driven and driverless cars. I'm working on the former at the moment.
"Again, I'd rather get some valid data rather than try to randomly generate figures that will by nature be both fictional and skewed toward whatever the person guessing wants to prove."
Do note by using the theoretical maximum that I suggested that this stacks the deck against my point. I did so deliberately to avoid skewing the numbers of favor of my argument.
"I'm yet to hear a valid reason, apart from "I don't trust them""
I've provided some in previous commentary here, and I've referenced others. I'm overdue to write a long-form piece laying out some of them -- and there are plenty. One of my principle concerns is that driverless vehicles aren't special -- they're just another thing in the IoT, and the entire IoT is an enormous, raging dumpster fire of security and privacy failures. There are ZERO reasons to think that cars will be any better than toasters, and a lot of reasons to think that they'll be worse.
I'll publish it when I have the time so that the arguments are laid out more clearly for analysis/critique. If you want to see a draft version, drop me an email and I'll send you what I have so far.
"That's a reasonable metric, but the problem is [...]"
Agreed. It would probably be better to use statistics at the national level in order to better represent all driverless vehicles, but that still leaves the problem of the massive difference in scale between the two sets of statistics.
"I'd rather see some real figures [...]"
I'm working on getting those. I'm curious to see what they are as well. Of course, for a fair comparison, we'd also need figures on operator-hour and vehicle-miles for the driverless vehicles too. However, because there aren't many, we could deliberately overestimate those (e.g. 168 hours/week/vehicle, which is the theoretical maximum) and then see what those calculations tell us.
"I also somehow doubt you'd have been so concerned about the death rate before this one happened, since that would have argued the opposite point for you."
I've been arguing against driverless vehicles for a long time. I commented here on this specific point because the citation of the death rate is being used to suggest that driverless vehicles are safer. Personally, I think it would be better to compare all accidents (that is, fatal and non-fatal, pedestrian and non-pedestrian) in order to use larger data sets and perhaps gain better insight. But it should be clear to everyone that using raw numbers without normalization is just wrong.
"Another issue with AI scraping that’s overlooked is that it completely fucking hammers the people’s compute resources." Yes. Even those of us with a lot of experience in performance tuning -- at the network level, at the web server level, at the OS level, etc. -- are finding that we can't maintain previous service levels without large investments of time and money. Because of the thugs at AI companies. And even when we do that -- as I did last year when I replaced a server that was working perfectly fine pre-AI-crawlers with one that cost three times as much -- the respite is only temporary. The crawlers effective negated all that money and all the accompanying work in just a few months. Because of the thugs at AI companies. Other people that I work with, collaborate with, or just correspond with have gone through similar things. A lot of them aren't trying to expand their sites or improve them because they can't -- all of their resources are going into just trying to survive. And just as I discovered, they know that anything they add will just make their sites a bigger target. Because of the thugs at AI companies. Libraries, museums, archives, and other resources that are perpetually starved for money, places where people work out of dedication to the concept, not because they're going to get rich, are being decimated. Long-standing resources in science and technology are asking for help that they never needed before. Because of the thugs at AI companies. We don't need new business models, we don't need to nerd harder, we don't need any of that crap. What we need is for the thugs at these AI companies to behave like (at least) minimally decent human beings. There's no tech fix if they don't... ...although there may be a legal one. There are ongoing discussions of a massive class-action lawsuit. It's unclear that'll go anywhere, but I certainly would applaud it, provided it was for at least $1T -- and that, by the way, is likely a serious underestimate of the aggregate cost of all this.
This. Although I'll point out that it's not equivalent to a DDoS attack, it is a DOoS attack. I've spent decades studying attacks and abuse, and this is one of the worst I've ever seen. It's massive, it's relentless, and the people behind it simply don't care what they destroy. They're using every creative/duplicitous trick in the book to avoid being held accountable and to evade countermeasures. That's why there are all kinds of public and private anti-AI-crawler projects, large and small, that should never have been necessary -- but ARE necessary, because these attacks are knocking sites off the air and costing a lot of people a lot of time, money, effort, lost sleep, and everything else. Don't blame the victims of the sociopathic greedy thugs at AI companies for this mess. They could have chosen to play in nice in the sandbox, in the spirit of collaboration that we used to build the Internet. But no. They decided to be complete assholes, so they -- and you, and everyone else -- should not be surprised that we've decided not to put up with this nonsense.
Thanks, I'm fairly sure I know how Internet protocols such as SMTP and HTTP work (at least some of the time). But go back to this part of the sentence that I quoted: "[...] it just works.” That isn't true any more, and I only enumerated some of the ways in which it's not working -- there are a lot more, unfortunately. To give you a few scattered examples: a lot of web sites are under siege from AI crawlers, so they don't "just work" any more; some web sites are hosted by Cloudflare, which has apparently found it expedient to block some less popular browsers outright, so those sites don't "just work" anymore; the combination of SPF/DKIM/DMARC has made forwarding email a gymnastic trick even for people for who know what they're doing, so that doesn't "just work" any more. And so on. A lot of things that were working pretty darn well 5 or 10 or 20 years ago are now being broken at an increasing pace due to [a long list of contributing factors].
"When you use email or browse the web, you don’t worry about which email provider or browser your friends use – it just works." That was true. It's not true any more, and yes, you should worry about these things because at an ever-increasing pace, email providers, web browsers, and even operating systems are vacuuming up every piece of data and metadata that they possibly can. Example 1: Gmail now -- by default -- feeds everything to their AI project. Example 2: Firefox collects data and sends it to Mozilla. Example 3: Windows 11 Recall. It might be tempting to think that this is innocuous -- but it's not. And it might be tempting to believe the posturing by Google, Mozilla, Microsoft, et.al., but that's all it is: posturing. If they at all serious about privacy and security they wouldn't even consider doing these things. So while I would like to agree with this statement, and many years ago I would have agreed with this statement: that was then. This is now. And now, sadly, it's completely wrong.
As we've seen before, and are seeing now, and will see again, it's quite often the case that the people who claim to have found the keys to saving humanity are some of least humane among us.
Here's what happens next
Google just painted a target on all of these devices, because now attackers know that any/all vulnerabilities in them won't be fixed. Ever. Attackers have six months to do reconnaissance and stockpile any exploits they devise...because on 10/26/2025, it's open season. I'm sure that Google knows this -- well, the engineers certainly do. But apparently management doesn't care that they're turning long-time customers/early adopters into potential victims. "Don't be evil" is a long way in the rear-view mirror at this point.
A little historical perspective
Back in 1983, when I was writing "junkmail" (subsequently published on Usenet) we had not yet coined the slang term "spam" -- the need hadn't arisen yet. We used terms like "junk mail" and "mass mail abuse" and so on to describe what was then a tiny and isolated problem. (And it was that way because people who engaged in it tended to lose their accounts.) A little time's gone by, and yet most people, including litigants in these proceedings, do not understand what spam is and isn't. As I've written many times, spam is no more speech than a brick with a note wrapped around it and thrown through a window is publication. Spam is vandalism; it's abuse; it's an attack. The content (if any), the sender, the purpose -- none of things matter. Unfortunately, many politicians, political parties, and political groups are spammers; and having chosen to be so -- instead of choosing to be responsible and use COI -- they sometimes find themselves blocked or otherwise impacted by mail system defenses. They have only themselves to blame; it would have been trivially easy for them to avoid all of this if only they'd learned and followed decades of best practices.
At no point did I recommend playing whack-a-mole with apps or divestment as possible strategies for dealing with this problem set. In fact, I didn't recommend any strategy for dealing with this problem set, because that's a much longer and far more nuanced discussion. I did note the lack of federal privacy legislation in the US, and I do support such legislation, but that's on general grounds, not because of the specific threat posed by TikTok et.al. As a general rule, fashioning countermeasures to threats requires understanding them, and of course the more accurate and detailed that understanding, the higher the likelihood that countermeasures derived from it will be appropriate and effective. My point in writing what I did was to note that -- in my opinion -- there is a distinct lack of understanding in play here, because this is a threat qualitatively and quantitatively quite different from the others that are so often discussed here.
First, I'm as baffled and disappointed by all this flip-flopping as any of you. Even allowing for political expediency, it still doesn't make any sense. Second, you may safely presume that I'm fully aware of the entire data broker ecosystem, the social media ecosystem, and the IoT ecosystem, and the resulting cascade of security and privacy issues. But, and this brings me to: Third, I think there are some unique aspects to the threat(s) posed by TikTok et.al. that distinguish them from the ones posed by the three groups I enumerated above. For starters, this was carefully engineered by Chinese intelligence -- and they're very, very good at what they do. Also, their design and implementation goals differ markedly from those of the groups I listed above: they're not trying to make a profit in the next six months, they're trying to gain a competitive advantage over the US (and others) by 2050. Third, they have analytical skills are good as anyone else on the planet, and they have truly enormous storage and processing resources at their disposal. The implication of that last sentence is that they can do more with the data they acquire than others -- and that should surprise nobody. Fourth, I think it's more than reasonable to presume that they not only have all the data/metadata they're gathering, but whatever else they want from the three groups I listed above, either because they bought it, hacked it, or scooped it up when it was left wide open in somebody's cloud. A data collection like that is almost certainly unmatched by anyone other than other national intelligence agencies. There's more, but my point is: this a very different threat model than Facebook or smart fridges or exercise gear or any of the other things we see a constant stream of reports/analysis about. Of course, in a better world, we'd see something meaningful done about those too (like a national privacy law in the US) but if I were making a to-do list and trying to prioritize it, TikTok et.al. would be near the top.
What an amazing essay
This is not only THE most important and articulate piece I've ever read here (and this site has a long history of terrific writing), but it's the bravest. Your courage is well beyond merely admirable; it's outstanding. I doubt our paths will ever cross, but if they do, it would be my pleasure -- and my privilege -- to shake your hand. And regardless of that, I hope your cancer is gone for good, and that your recovery (in all senses) progresses in the best possible ways.
Katharine Graham and Ben Bradlee...
...both had a less money and power than Jeff Bezos does. And vastly more integrity and courage.
Network/security considerations
“Mazda used to offer the first option on the fob. Now, it only offers the second kind, where one starts the car via phone through its connected services [...]" Which means that if you don't have cellular connectivity, or the cellular network is down, or Mazda's "connect services" are down, this doesn't work. It also means that if there are security compromises at any point in that chain (and as we've seen this week, the entire US telecom infrastructure may be compromised, thank you very much Salt Typhoon) then the attackers can access the data-in-transit. If it's unencrypted, then of course it's game over. But even if it's encrypted, rudimentary traffic analysis combined with geolocation of the cell phone will tell them who has one of the cars, where they are, when they are, and that they're using this feature.
Pretty big "I told you so" moment
Quite a few people who actually built the Internet warned that this day was inevitable, but those warnings were dismissed as "naive" or "uninformed" or "anti-law enforcement". Turns out, though, that the people who pulled the cables and wrote the code and built the systems were right. Whenever something like CALEA is proposed, it's always good to remember: "It's a poor atom blaster that won't point both ways." (Isaac Asimov, "Foundation")
Do we have to do this again?!
Some of Techdirt's best reporting and writing was done on this topic, and I'm grateful for that. And I'm sure they could do it again. But I would really rather that they didn't have to. (Let me predict that if this awful legislation becomes law, some of the first people to take advantage of it will be AI/LLM companies -- in an attempt to lock out their competition, real or perceived.)
Another apropos quote for situations like this
"The first step is to measure whatever can be easily measured. That is okay as far as it goes. The second step is to disregard that which can't be measured or give it an arbitrary quantitative value. This is artificial and misleading. The third step is to presume that what can't be measured easily really isn't very important. This is blindness. The fourth step is to say that what can't be easily measured doesn't exist. This is suicide." --- social scientist Daniel Yankelovich describes the "McNamara fallacy".
Heinrich Heine nailed this 200 years ago
He wrote: Dort, wo man Bucher verbrennt, verbrennt man am Ende auch Menschen. "Where they burn books, they will in the end also burn people." There is a sad, awful, tragic, maddening progression -- repeated throughout history -- from banning books to banning people, from burning books to burning people. It always begins like this, and (unless it's stopped) it always ends the same way. I'm horrified that it's happening here. But I understand why: Republicans have spent half a century preparing for it, and the last decade whipping their supporters into an armed, violent frenzy. We find ourselves at this place because rich and powerful people wanted it to be so, and took over one of two major political parties in order to make it happen. I hope we can find a peaceful path out of this. I'd like to put my feet up, drink a glass of wine, and watch the sunset. But I don't think that's likely; I think terrible things are coming and we'll have to oppose them with force. I hope I'm wrong.
Everything Oracle touches dies
You've already covered the legal issue thoroughly, and I've already long since weighed in on the folly of this entire case, so I'll just note that Oracle is now nothing more than a parasite -- like what remains of SCO -- leeching off people and companies that do real work.
Re: Re: This is an apples-to-oranges comparison, and it's wrong
"Last I checked in Statistics class a sampling of one is useless."
Two responses to that.
First, if we accept that statement, then it is useless in support of the claim "driverless cars are more safe" and equally useless in support of the claim "driverless cars are less safe".
Second, that's why I suggested approaches that (a) normalize and (b) use many more data points. If -- and I'm fabricating these numbers to illustrate -- driverless cars have been on the road for 4000 hours in Phoenix, then we have substantially more than one data point about them. Of course while that was happening, human-driven cars might have been on the road for 315,000 hours, so we still have the problem posed by the enormous disparity in the raw numbers. But at least we're past the problem of a singular data point.
What we need to better understand this are the real numbers for both human-driven and driverless cars. I'm working on the former at the moment.
Re: Re: Re: Re: This is an apples-to-oranges comparison, and it's wrong
"Again, I'd rather get some valid data rather than try to randomly generate figures that will by nature be both fictional and skewed toward whatever the person guessing wants to prove."
Do note by using the theoretical maximum that I suggested that this stacks the deck against my point. I did so deliberately to avoid skewing the numbers of favor of my argument.
"I'm yet to hear a valid reason, apart from "I don't trust them""
I've provided some in previous commentary here, and I've referenced others. I'm overdue to write a long-form piece laying out some of them -- and there are plenty. One of my principle concerns is that driverless vehicles aren't special -- they're just another thing in the IoT, and the entire IoT is an enormous, raging dumpster fire of security and privacy failures. There are ZERO reasons to think that cars will be any better than toasters, and a lot of reasons to think that they'll be worse.
I'll publish it when I have the time so that the arguments are laid out more clearly for analysis/critique. If you want to see a draft version, drop me an email and I'll send you what I have so far.
Re: Re: This is an apples-to-oranges comparison, and it's wrong
"That's a reasonable metric, but the problem is [...]"
Agreed. It would probably be better to use statistics at the national level in order to better represent all driverless vehicles, but that still leaves the problem of the massive difference in scale between the two sets of statistics.
"I'd rather see some real figures [...]"
I'm working on getting those. I'm curious to see what they are as well. Of course, for a fair comparison, we'd also need figures on operator-hour and vehicle-miles for the driverless vehicles too. However, because there aren't many, we could deliberately overestimate those (e.g. 168 hours/week/vehicle, which is the theoretical maximum) and then see what those calculations tell us.
"I also somehow doubt you'd have been so concerned about the death rate before this one happened, since that would have argued the opposite point for you."
I've been arguing against driverless vehicles for a long time. I commented here on this specific point because the citation of the death rate is being used to suggest that driverless vehicles are safer. Personally, I think it would be better to compare all accidents (that is, fatal and non-fatal, pedestrian and non-pedestrian) in order to use larger data sets and perhaps gain better insight. But it should be clear to everyone that using raw numbers without normalization is just wrong.