I spent many years as a Police Officer and came to know well the challenges around identity theft and the havoc it can wreak. I also came to believe, you need to know what your actions on the internet mean and accept them clearly or have options to reduce risk. I’m going to cover (in-depth) behaviors you may want to adopt, tools you may want to use, and things you really should avoid. This is the first in a muti-part story.
The scope of mass surveillance in the modern technological society is difficult to underestimate. Regular law-abiding citizens are being monitored not only by the spy agencies but also by private corporations. It is the latter that engage in unprecedented, unaccountable user tracking, profiling, reselling and disclosing of the data to third parties.
The avalanche of revelations that followed Edward Snowden’s first publications has brought up an important public discussion on privacy.
The advocates of unaccountable, covert surveillance on everyone everywhere use arguments like, “I have nothing to hide” and “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.” (Eric Schmidt, Google CEO). The hypocrisy of such statements becomes obvious the moment you look at how the people who advocate them protect their own privacy.
Schmidt, for example, has been using his authority at Google to blacklist CNET in Google search results after the news outlet published a piece about Schmidt’s hobbies, political donations, salary, and neighborhood. Notably, the information the CNET reporters listed in their article was obtained solely from Google searches.
Facebook CEO Mark Zuckerberg who proclaimed “privacy is dead” due to a changed “social norm” purchased 4 adjacent houses that were neighboring his Palo Alto mansion, ironically, to have more privacy.
On the other end of the spectrum are cybersecurity experts, human rights advocates, and investigative journalists. A security expert Bruce Schneier has been a long-term privacy advocate, and here is what he says about the recent FBI vs Apple case on backdoors:
“The FBI paints this as a trade-off between security and privacy. It’s not. It’s a trade-off between more security and less security. Our national security needs strong encryption. I wish I could give the good guys the access they want without also giving the bad guys access, but I can’t. If the FBI gets its way and forces companies to weaken encryption, all of us – our data, our networks, our infrastructure, our society – will be at risk.”
The very notion of privacy is being continuously washed away from the public consciousness. The value of private data is being actively diminished by the trade off of private information in exchange for a free service or product.
We are either used to the fact of (or unaware of it) that Google reads our emails, that Facebook deploys sophisticated facial recognition system to identify users across its services, that WhatsApp and Facebook share user data, that Twitter stores your unpublished tweets. The majority of average users may not have heard about audio beacons in the TV and YouTube commercials deployed by marketers.
These beacons trigger certain apps and games on your mobile devices to ping back to their servers to identify a user. So, for example, if you have an account in one name for your computer and an account with a different name for your smartphone, an ad you just watched in your desktop browser activates a trigger in an Angry Birds game on your smartphone, and the marketer then knows that John Doe (your Win 10 account) and Cory Sommers (your Apple ID) are one identity, or at least live in the same house.
Many Internet users don’t understand why the tech giants even need that private information. And here is the deal – why is Facebook thriving? What does Mark sell that costs so much? Advertising, right, but you have got to show the ads to the right people for the people to act upon the advertisement. Thus, the network needs to know what makes you tick. And oh, surprise, you just told it yourself by posting an update to your timeline or uploading a picture. Marketing agencies pay well for the bulk user data, and Facebook and other social networks trade religiously. It’s a whole new industry of marketing agencies that build algorithms to analyze big data. And your life is a part of that big data that is sold and re-sold and stored indefinitely.
Besides the lack of accountability of tech giants, or state agencies alike, there is one more problem – malicious third parties. We call them hackers. Irrespective of their origins and intentions, they can and, in many cases do, breach the protections of the tech giants or their partners holding your data, and get a hold of your sensitive information.
If you think you are of no interest to international hacker groups, think about identity theft and its devastating effects on your credit score, and all the hassle you have to go through to restore your good name. Think about ransomware that targets large corporations and individual users alike. Think about a jealous ex hacking your email or Facebook account. Think about a troubled teen geek living next door who has a crush on your wife, or daughter. Think about some distant pedophile in Norway who can spy on your children in Dallas by hacking into your very own web cam. Without going into the extremes, would you like a Walmart manager to be the first to know your teenage daughter is pregnant, ahead of you?
You may argue the service and software providers have nothing to do with the malicious hackers stealing your private information. But the simple truth is if a provider or developer has put a backdoor for itself, if the provider or developer tracks you, then so can anyone else.
Question: Where and when did you give your informed and explicit consent for the tech companies, marketers and spy agencies to read your emails, text messages, collect your Internet searches, analyze which websites you visit, keep a record of your contacts and estimate which ones are close, track your location, spending, medical history and financial situation? (The Guardian: Gmail does scan all emails, new Google terms clarify.)
Question: Who is ultimately responsible?
Answer: I’m all about self-sufficiency, so, I am and you are.
If you want to turn tables on the unprecedented mass surveillance both from state agencies and private corporations, or the hackers, start with yourself. Your online behavior, habits, and routines need revision if you wish to protect at least a tiny fraction of your privacy, and human dignity along with it. In the following weeks, I’ll layout a guide on how to professionals protect their privacy and how you should protect your own.
This is by no means an alert that should make you think the government, big business, or others are necessarily after you in some way. The reality is with most wolves, they will pick a softer target than you if you put roadblocks in their way. Throw a few in their way, make it hard for them to deteriorate your quality of life.
Next week, I’ll go into specifics of Encryption. What it really means, what should be encrypted, how to best accomplish it and most importantly, the tools (by name) you should use.