Privacy is SO 20th Century

What follows is not the ravings of a tinfoil hat conspiracy theorist. (No, really!) I write this as one who has worked in I.T. and had an online presence since the 90’s.
These are publicly known and easily verified facts (hence all the links) for those unaware of how modern technology is affecting our privacy.

Introduction

You might remember the day you discovered that computers know a lot about us. Maybe it was the first time you “Googled” yourself and found that picture you didn’t even know existed. Perhaps it was when you saw that old websites are stored in an archive even after they are deleted. Maybe it was when you searched for something on Amazon and then ads for it popped up on Facebook. How ever it happened, it was likely unnerving. And it should be.

And it’s probably worse than we think.

Back in the early days of the web, it was easy to remain private. Even if you gave out your name address and phone number on a popular message board, it was wasn’t like anyone would likely stumble across it. Data was difficult to find, get to, and rarely could it be correlated with other data to make a significant incursion into one’s privacy. Further, even if there was some secretive government agency rifling through our emails or forum sessions, it’s not like they could hire enough people to watch everything (at least we hoped so).

NONE of that is true anymore.

The Connected Culture

While certain public records have always existed, their access was typically so limited as to not be an issue. What many are just now learning is that the combination of all this easily available data is the virtual elimination of privacy.  Personal data uploading has gone through and well beyond the previous century’s roof with the advent of smart phones. The culture itself has become one of personal publicity (“pics or it didn’t happen”). The internet has kept pace and blossomed into a massive data network, and artificial intelligence has made it possible to track and tag that data in a manner impossible with mere manpower. For example, pictures or video taken with a phone or some digital cameras contain “metadata” (data about your data) called Exif. This exif data contains information about the media it captures including the time, date, and location (if GPS is enabled). if this data is not removed, it travels along with the digital files anywhere those files go. Pair just this one data collection point with image recognition and you can put together quite a history.

Take, for example, Google’s use of Android phones to record conversations, or their facial recognition algorithm. Just these two “features” alone should be terrifying to privacy-minded people, and yet many do not even know they exist. What else is going on in our devices that has not been discovered yet? Whatever technological insanity we can dream up, it is probably already occurring.

Worse, there are many who have simply embraced anti-privacy tech out of convenience. They will install listening devices in their homes so that the internet activated without having to sit down and type – basically inviting companies to spy on them. Why are we doing this to ourselves? Are these minor conveniences worth losing our privacy and possibly autonomy? Moreover, can anything be done about it?

I used to think so, but no longer.

You’re Almost Certainly Not Off the Grid

How do I know you’re not “off the grid”? Because you’re almost certainly reading this form an internet-connected device (from right here!).

Let’s say you want to get serious limit your digital footprint. Of course this would include getting off Facebook – that’s basic (especially getting it off your phone). But will you also get rid of Email? Texting? Phone calls? Maybe you (wisely) switch to ProtonMail and Signal so that you can remain in contact with people – there is still the internet to contend with. Think you’re safe because you delete your internet history or use a “private” browser? Did you remember to delete cookies too? Do you know what the index.dat file is? If you answered no to any of these questions, you better hope no one ever really wants to see where you’ve been.

Even if you’re knowledgeable enough to get everything off your personal computer, that’s not the only device you have to worry about. What about the tracking your browser company does? Or your internet service provider? Or all the computers you connected to while surfing? If you weren’t at least using a proxy or VPN, your activity is still easily tracked.

And this is just the beginning….

The Internet Can Almost Always Identify You

Because of how the internet works, you are essentially unable to control who knows what about your activities. But let’s say you really wanted to give it a try. Most people have not even begin to guess how difficult it would actually be.

You would probably be safe if, first, you only use a laptop that you paid for with cash while wearing a disguise and that you’ve personally rebuilt with your own parts so no firmware hack is possible (and one that you’ve never taken it to a repair shop or let anyone else use). Second, you’ve covered your camera with electrical tape and disabled the microphone so no one can hack your devices and record you. Your phone is, of course, turned off and stored in a microwave or refrigerator so it can’t be used to spy on you either. Third, you’ve disconnected the laptop’s internal HD and are booting to Linux off an encrypted USB drive so no traces can be stored on your device. Fourth, you never connect to the internet at home. You always travel to a place with public wifi, and you never access the internet from the same place twice. You avoid any website that is not https or that require any input or user accounts (because you know that all wifi is hackable). Fifth, you’ve setup both IP and MAC spoofing, and you’re using a TOR browser with Javascript, Flash, and other plugins disabled on a standard screen resolution (because they’ve used just that little bit of data to identify users).

Sure, there may only be two websites that will operate under these conditions, but you’re anonymous right? (Or maybe you missed something . . .)

Unfortunately, even the above scenario won’t save you.

No Technological Opt Out

The sad fact is that regardless of how hard you try or how tech-savvy you are, there is no real “tech opt out” available anymore. Why not? Because other people use technology and almost none of them are secure enough with their data.

Or with yours.

Let’s say you decide to go full Luddite – you delete everything you can off the internet and trash every piece of tech you own (you did remember to destroy your hard drive before you threw your computer[s] out….right?). Unless you then move to a cabin somewhere in the wilderness and never allow visitors again, you’re still about as vulnerable as you were with your technology in use. That’s because your data can be communicated by anyone who has it. So, if you have even one acquaintance that mentions you on Facebook, or in an email, or a text, or uploads a picture with you in it, you’re still in the system.

Consider Google Photos – a free service that will automatically upload your media as a backup for your devices. With Google’s Image Search capability, a lot can be learned from a simple photo, so one tagged picture and it’s all over for your privacy because the app’s facial recognition can do the rest. And this data can be used publicly. That’s is not some conspiracy theory – you allow Google to do this when you use any of their products (including mere email). It’s right there in the terms of service. Of course you can limit this usage (Google promises) if you (and everyone who has a picture of you) simply digs 7 levels deep into the app’s security settings.

Dark Days Ahead?

The most frightening aspect of this is that most people have not truly grasped how much information they are giving away and how it can be used (against themselves and others).

Beyond “mere” privacy concerns, the risk of this much data being so easily accessible should be obvious. Today citizens of any country with a totalitarian regime can be easily identified according to any number of search criteria and found out with an ease unimagined just a few years ago. (Imagine Nazi Germany with such access!) We are making it easy to profile ourselves by handing out massive amounts of data that governments wouldn’t even have asked for a decade ago. The stuff of dystopian movies (like socially engineered purchasing allowance) is now becoming commonplace. And even if the government is trustworthy (Ha!), this data is hardly safe from anyone else who wants it bad enough.

Granted, a lot of us didn’t think far enough ahead to see how our data could be misused, but today there really isn’t any excuse since misuse is already happening. The fact that we already know about the potential for an automated profile-driven drone attack implies that there are far more nefarious technological possibilities already available that we don’t know about.

Silver Lining

If there is a silver lining to this state of affairs it might be that because people are beginning to realize that they can no longer assume privacy, they may curb some of their aberrant behavior (although for some it has actually increased).

While most Baby Boomers and Gen-Xer’s can rejoice that we did our most of our stupid things before the internet and social media, Millennials were raised in a world where not only was privacy not a given, it was often given away. Their kids will be raised in a world with almost no realistic expectation of privacy. One might hope, then, that more caution concerning one’s actions will be on the rise.

This does not transform the inherent evil of privacy violation into a moral good, but it does show that some good can come out of evil. In a world where nearly everyone carries around a device capable of quality data capture, the risk of being caught doing . . . . anything . . . is a real issue. People need to seriously consider the possible ramifications of their acts.

Conclusion

Some of us gave away our (and probably other’s) privacy years ago without fully realizing it. By the time we recognize a privacy breech, it’s too late because the internet is forever, and  privacy scandals are never able to be corrected with certainty. Worse, many today continue to do so knowingly, and this will only increase as people come to accept it as commonplace.

I wish I had some good news – some way to fix this. But I don’t see a way out. If you are alive today, chances are your data is out there somewhere or will be soon. This is the new reality, and it is not affected by ideology. Assuming privacy is now unrealistic and often dangerous. So if you feel secure just because you can’t find yourself on Google right now, don’t. The only reason it’s you’re not easy to find today is because no one has decided to make it easy.

Yet.

Privacy fears are well founded, so plan your life accordingly.

Advertisements