Why does information privacy matter, again?

It’s not just because you are a criminal and the coppers might catch you. Or because you really, really hate big corporations who just want to sell you stuff more easily. Or because you’re paranoid.

If that’s as far as your thinking goes, when people start talking about “privacy” on the Internet, you really need to bone up on the subject.

You probably already knew that you don’t have to be criminal, paranoid, or anti-capitalist to be very jealous of your Internet privacy rights. After all, plenty of law-abiding, merely sensibly cautious, capitalism-loving people are freaking out about the way FAANG (Facebook, Apple, Amazon, Netflix, Google) companies, and many more, are creepily tracking their every move. Then those same corporations are selling the information and making it available to governments (or, at least, not going out of their way to stop governments from getting it).

Are people right to freak out about these privacy violations?

Yes, they are, or so I will argue. The threats come under three heads: corporate, criminal, and government. And let’s not forget that in the worst-case scenario, the three heads merge into one.

The corporate threat

Left unchecked, in ten years, some of the biggest, most influential corporations will know (or have ready access to) not just your name, email address, phone number, age, sex/gender, credit card numbers, family relationships, friends, mother’s maiden name, first car, favorite food, various social media metrics, browsing history, purchase history, as well as a large collection of content authored and curated by you. That’s already bad enough (for reasons I’ll explain). But they might add to their dossiers on you such things as your social security number, credit score, criminal record, medical history, voting history, religion, political party, government benefits, and more.

But how? Well, you might have asked that about the first list twenty years ago. How indeed? They’ll create must-have devices and services that become very popular. Everybody has to have the device, or the service. Then they’ll talk a good game when it comes to your information privacy and security, but they’ll get their hands on your medical history, your credit score, your government benefits–and that will be it.

Imagine, too, the possibilities that highly motivated project managers will dream up when they can mash up your growing dossier with data from facial recognition, AI/big data text analysis, and other new technologies.

In such a situation, what information isn’t private?

“But I can make up my own mind about what to buy,” you say.

Well. Top-flight marketing and product people are, naturally, very good at what they do. It’s not an accident that, once everybody and his grandma got online, some of the wretched Mark Zuckerbergs of the world would stumble on some platform that would connect us by our personal relationships, not care one bit about privacy, and hire people who are and become very, very, very good at manipulating us in all sorts of ways. They’ll keep us online, give us more reasons to share more information, watch ads, and yes, buy stuff.

But corporate control of your private life is much more insidious than that.

Do you feel quite yourself when you’re reading and posting on Facebook and Twitter, shopping on Amazon, watching and commenting on YouTube and Netflix, etc.? I admit it: I don’t. We become more irrational when we get on these social networks. Sure, we retain our free will. We can stop ourselves (but often won’t). We are the authors of what we write (as influenced by our echo chambers), which reflects our real views (maybe). We could quit (fat chance).

We have become part of a machine, run by massively powerful corporations, with their clever executives at the levers. Only part of what is so offensive about this machine is that we are influenced to buy things we don’t need. What about radicalization–being influenced to believe things we haven’t thought sufficiently about? What about self-censorship, because the increasingly bold and shameless social media censors (no longer mere “moderators”) increasingly require ideological purity? What about the failure to consider options (for shopping, entertainment, socialization, discussion, etc.) that are outside of our preferred, addictive networks?

More importantly perhaps than any of those, what about the opportunity cost of spending our lives coordinated by these networks, with less time for offline creativity, meaningful one-on-one interaction, exercise, focused hard work, self-awareness, and self-doubt?

The machine, in short, robs us of our autonomy. As soon as we started giving up every little bit of information that makes us unique individuals, we empowered executives and technologists to collectivize us. It is not too much of a stretch to call it the beginnings of an engine of totalitarianism.

The criminal threat: privacy means security

If you’ve never had your credit card charged for stuff you didn’t buy, your phone hacked, precious files held hostage by ransomware, your computer made inoperable by a virus, or your identity stolen, then you might not care much about criminal hackers. Several of these things have happened to me, and since I started studying programming and information security, I’ve become increasingly aware of just how extensive the dangers are.

Here’s the relevance to privacy: keeping your information private requires keeping it secure. Privacy and security go hand in hand. If your information isn’t private, that means it’s not secure, i.e., anybody can easily grab it. You have to think about security if you want to think about privacy.

So, even if you (wrongheadedly) trust the Internet giants not to abuse your information or rob you of your autonomy, you should still consider that you’re trusting them with your information security. If a company has your credit card information, government ID number, medical history and health data, or candid opinions, you have to ask yourself: Am I really comfortable with these companies’ confident guarantees that my information won’t fall into the wrong hands?

If you are, you shouldn’t be. Think of all the data hacking of systems that, you might have thought, were surely hacker-proof: giant retailers like Target, internet giants like Facebook, major political parties, and heck, the NSA itself (not just the hack by Snowden).

No, your credit card info is not guaranteed safe just because the corporation storing it makes billions a year.

If you want to keep your information safe from malevolent forces, you shouldn’t trust big companies. There are all sorts of ways bad actors can get hold of your information for nefarious purposes. They don’t even always have to hack it. Sometimes, they can just legally buy it, a problem that legislation can make better–or worse.

The government threat

Remember when Edward Snowden revealed that the NSA has a (once) secret spy program that actually empowers it to monitor all telephone calls, emails, browser and search histories, and social media use? Remember when we all were shocked to learn that Bush and Obama, Democrats and Republicans had together created a monster of a domestic surveillance program?

I do. I think about it fairly often, although one doesn’t hear about it that much, and the programs Edward Snowden uncovered, like NSA’s PRISM, have not been canceled. That means (a) everything you do and access online can be put in government hands, whenever they demand it, and (b) it’s no more secure than the NSA’s security.

Remember when everybody left social media in droves and started locking down their Internet use, because otherwise the NSA would have easy access to their every move?

No, I don’t remember that either, because it didn’t happen. Nor, sadly, was there a popular revolt to get these programs repealed. I think many of us couldn’t really believe it was happening; it just didn’t seem real, it seemed to be about terrorists and spies and criminals, without any impact on us.

One thing that bothers me quite a bit is that pretty much the whole Democratic Party thinks Donald Trump is a crypto-Nazi and is one step from instituting fascism—but still, puzzlingly, nobody thinks to observe worriedly that he’s in control of the NSA and can find trumped-up excuses to spy on us if he wishes. In other words, if Trump were a fascist and he did turn out to want to start the Fourth Reich here in the good ol’ U.S. of A., it doesn’t seem to bother many Democrats that Trump holds handy tools to do just that.

Meanwhile, Republicans often think the Democratic Party is beholden to social justice warriors that want to institute socialism, thought policing, censorship, and general totalitarianism. You know–fascism. But they, too, seem strangely uninterested to dismantle government programs that systematically monitor everyone.

Both sides think the other side is just desperate to lord it over us, the innocent, good salt of the earth. But nobody seems to care that the very tools that make a police state worse than 1984 possible are already in place. And they’re only too happy to keep building and rewarding a corporate system that feeds directly into the NSA.

Government surveillance isn’t that bad! Fascism will never happen here! We can keep putting our entire lives in the hands of giant corporations! So say the people whose direst fear is that the other side will consolidate even more power and start executing their secret desires to institute fascist control.

What to do

But it can happen here. That’s why we need to start demanding more privacy from government.

If you’re really worried about fascism, then let’s defang the monster. Complain more about government programs that systematically violate your privacy rights. After all, knowledge is power, so NSA’s PRISM program, and similar surveillance programs in other countries, is really just an undemocratic power grab. With enough of a public uproar, Democrats and Republicans really could get together over what should be a bipartisan concern: shutting down these enormously powerful, secretive government programs.

In the meantime, we need to wake up about our personal privacy.

Look–everything you do online has multiple points of insecurity. If you can see that now, then what’s your response? Hope for the best? Throw your hands up in despair? Do nothing? Figure that decent people will eventually “do something” about the problem for you?

Don’t count on it. If you aren’t ready to start acting on your own behalf, why think your neighbor or your representative will?

Stop giving boatloads of information to giant corporations, especially ones who think you are the product, and contribute to the market for genuinely privacy-respecting products and services. If you don’t, you’re opening up that information to hackers who will exploit those points of security, and making it easier for governments everywhere to control their people.

Do your personal, familial, and civic duty and start locking down your cyber-life. I am. It’ll take some time. But I think it’s worth it and, soon, I’ll be finished getting everything set up.

What if you and all your family and friends did this? If there were a groundswell of demand for privacy, we might create tools, practices, education, and economies that support privacy properly.

Think of it as cyber-hygiene. You need to wash your data regularly. It’s time to learn. Our swinish data habits are really starting to stink the place up, and it’s making the executives, criminals, and tyrants think they can rule the sty.


“OK,” you say, “I’m convinced. I guess I should start caring about privacy. But really, how deep do I need to go into this privacy stuff, anyway? Well, I’ve answered that one, too.”

Part of a series on how I’m locking down my cyber-life.


by

Posted

in

,

Comments

Please do dive in (politely). I want your reactions!

One response to “Why does information privacy matter, again?”

  1. Anon

    While I mostly agree with you, I think you should consider the avarage Joe’s state of mind. Just to understand why most people don’t care about privacy that much. First, they don’t even know about these issues, the mainstream media don’t talk about these because it is aginst the government’s interest. Second, even if they have some understanding and knowledge in this topic, they have much bigger issues in their lifes: health, monetary, family or just everyday issues like car has broken down, etc. Most people simply doesn’t have the luxury to invest time and energy to take care about their privacy. If they can afford the newest and coolest smartphone they want it to work. Without hacking and programming knowledge. Even if there are alternatives like Qubes OS and Lineage OS, people won’t use them because they lack the skills to use them. They will just start up the factory OS with crapware, bloatware and spyware, but at least those work by default instantly, everything is synced with everything, Google Maps has the most updated and detailed maps and traffic info, etc.

    Purism does some relly nice things but I think it is already late. Like there will be never a “the year of Linux on desktop”. There are gazillion apps out there already for Android and people will miss their apps. Not the spyware part but the functionality. It took 10 years to get there where Android is now. For Purism to have the same functionality it will take 10 years at least too. They couldn’t even ship their first phones at the promised date, maybe before 2020?

    And remember, having open, free and secure software is not enough. We need free and open hardware too which could be inspected by anybody. Free software on closed and buggy hardware doesn’t provide that much. Just think about the unfixable CPU bugs discovered recently. Basically everything must be built up from scratch openly by the community. Who will pay for the research and engineers and programmers? How expensive a CPU factory is? What performance these CPUs will have? “But can it run Crysis?” – It is usability against security again.

Leave a Reply

Your email address will not be published. Required fields are marked *