Privacy on internet – Part 1/7
Introduction to privacy
Before we go into the real introduction to privacy, I would just like to say that privacy is, in my humble opinion, a seriously important topic. It is also a topic that covers a lot of ground. Therefore, I will divide the topic up to make it easier to read about and you can pick the parts that you are interested in. Paranoid Mind and this page will both be updated with links to all parts. The planned parts in the topic of privacy are:
- Smart speakers & Virtual assistants
- Hidden privacy leaks
- Privacy on Android
- Privacy in Windows 10
- Privacy on iPhone
- Privacy on a Mac
But that’s later. Now let’s begin this introduction by actually introduce privacy.
What is privacy?
The definition of privacy, according to Oxford is “a state in which one is not observed or disturbed by other people“ and “The state of being free from public attention”. If we simplify the statements with an example you can see it as closing the door to your house or even locking it, depending on where you live and what you would like to protect. In my case that would mean close the drapes and prevent my neighbors from being subjected to the naked dance of my people.
Why is privacy important
Besides the protection from your average stalker, privacy allows us to be free, individual, anonymous, safe (from both mental and physical harm), and autonomous. If we have no privacy we will always have to conform to all social rules, morals, and ethics. One could see it as one of the most basic foundations of freedom. Freedom to think, act, say, and be yourself.
Let’s make the presumption that you live a perfect life without mistakes and you have no problem with lack of privacy. Putting your life on the internet is something you love doing. Now you meet a person like me, but evil. Let’s call this evil me “me” with quotations. If “me” used all that disinterest of privacy and access all the information available about you, what is there to stop “me” from using all that knowledge to steal your identity, empty your bank accounts, use your computer (without you knowing what I am doing) to commit crimes in your name? Then plant incriminating evidence in a folder that you won’t even know is there and then contact the police, once again in your name, and “confess” to the crimes. Since they are made with your computer and all traces points to you, the evidence will be overwhelming. In fact, they will be so overwhelming that no-one will believe your claims to be computer illiterate. This is not as far-fetched as one might think. It has happened and will happen many more times in the future. Now you may protest and say that this is more of a “hacker” issue. You are partly right to think that. Read on and I will explain why this is ALSO a privacy issue.
Let’s take another example
Since most people, today, aren’t very careful with their information it is very easy to gather and use that information. Rejected? Take a photo from the distance, do a face search, get name, get address, get pictures from inside the home, get Facebook, Instagram, tiktok, snap, phone numbers, relationship status, most visited places, favorite bar and so on. Got an alarm? Of course you do, I can see what brand of alarm you chose on all those stickers on your windows and doors. Thank you for that! *searches manuals*. Ah, so that’s how I bypass it.
Since I have the home address, the favorite bar and times it is visited most of the times, I can easily look at a map to find out what the best place is depending on the purpose for the stalk. Evil “me” hasn’t even left the bar and can just order another beer and look for the next victim. I took the bar as an example but fact is you don’t even have to make the effort to go to a bar to find someone to stalk. You can do it from the comfort of your own home and you have millions of people to choose from. All of them share everything about themselves openly to get a “like”. The more friends on Facebook the more friends in real life seems to be the creed. Friends wouldn’t do anything to harm you, would they?
The contrast from long ago
As a contrast to how to get information today compared to when “grandpa” was young, you know, before the internet.
With the risk of sounding like a grandfather (again), when I was young or life v1.0, privacy was the default life mode. Only those closest to me knew me. To everyone else I was a stranger. This worked both ways. Most people in the world was a stranger to me. If I wanted to gather information on a person, for whatever reason, I had to work hard to get ANY information. Either from asking other people that might know that person, look in the phone book, or stalk them. To those that are too young to remember, a phone book was an analog version of Google that only contained name, phone number and address and was made from paper.
When computers started to pop-up then guessing someone’s password was a hustle since finding information about a person took time. Parents names, pet names, their favorite city, food (in case they lived for food). You almost had to date the person to find all this information. But to be honest, many times they left the password on a post-it note under the keyboard, under the table, or in their drawer. Writing that down made me realize that something haven’t changed. My computer teacher’s administrator password was the name of the program that he was most proud of. Note: He only made one program and he loved talking about it.
Information knows no borders
EU government tries on one hand to protect individual’s privacy whilst reserving the right to intrude on the same. Imagine having a stalker with no restrictions, no conscience, and unlimited resources, and full access to your email, messages, location, private (cell phone, land lines, and in programs such as FaceTime and Skype) conversations, your photos (even those you took in front of the mirror, just for fun, and hid in a place you think no-one but you can access). They even know everything you read, what you searched for on any device (you know, that embarrassing curiosity that you just had to know), what makes your heart pump extra fast (even if you set your browser to private mode for that special “you” time), those less popular political views, whom you stalk, and everything else you don’t want anyone to know. In short: everything that makes you, well, you. Both the good and the bad. I might sound like a paranoid conspiracy theorist but these are facts. I’m not saying that they visit that particular data about you. But keep in mind that data is stored somewhere and those places have people who can access it. If there is a breach, as there too often are, then anyone anywhere can have access to it and does.
- Number of records 3 billion + 500 millions (two breaches)
- Name, birthdate, phone numbers, passwords, security questions, backup-emais
First American Financial Corp.
- 885 million
- Sensitive financial documents
- 540 million (they have been breached multiple times so this number is much higher)
- phone numbers, birth dates, country, gender, hometown, location, name, comments, reactions to posts, friends, photos, passwords
- 500 million
- credit card numbers, passport numbers, guest data/personal information
Friend Finder Networks
(FriendFinder, Adult FriendFinder, Amigos, BigChurch, adult webcam websites, sex chats, Penthouse)
- 412 million
- username, password, email, date of birth, gender, location, IP-address, race, relationship status, sexual orientation, spoken language including accounts that had been “deleted”
Keep in mind that these are the largest, so far, but not the most sensitive, unless you are sensitive about someone knowing about your sexual needs. There are breaches that contain medical history as well but they didn’t break the top 5. Yet. Things that become clear is that humans always have and always will make mistakes. People assume and trust that their information is safe. Even if you live a perfect life, have never made a mistake, or don’t even have a medical history, you can still lose everything you have because you bought something somewhere with your credit card. There are more ways you can get your life messed up because of lack of privacy than I can ever imagine. To toot my own horn, I have a famously massively huge… imagination.
Enter the government aka General Data Protection Regulation (GDPR)
Even though GDPR is seriously lacking in privacy protection it is still a stumble in the right direction. Why isn’t GDPR enough? I’m glad you asked that question. It shows that you are interested in privacy, well done! Let me tell you, but you might be bored by the dry language.
Art. 1 GDPR Subject-matter and objectives writes, as the two first objectives:
1. This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.
2. This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.
Now that looks great, right? I’ll buy that! I’m protected since I’m in EU, right? The answer to that is: meh, a bit. You aren’t really protected unless you take action though. If you read the privacy policies and disagree with that you don’t want to share. Then you risk not having Facebook, Instagram or any other social media presence.
Let’s see whom that does NOT have to follow these regulations. Art. 2 Material scope:
“competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security.”
First thing that strikes my eyes is “competent authorities”. I will not comment but rather pose the question: who decides if the authorities in question are competent?
Second is “detection”. In other words that “competent authorities” are allowed to keep internet under automatic surveillance without notifying anyone. Which they already did and still do. In short: collect ALL data all the time, just in case.
Third is “prevention of threats to public security”. I have no idea what that includes but it sounds good and noble though. To which degree of security and to what level of threats? Am I a threat to public security? It depends how I use my knowledge, I guess. Perhaps the “competent authority” don’t consider me a threat today but want the option to track my information in the future, then they are allowed to record and save it. Since everyone in EU, regardless of current level of threat, is a potential threat in the future, as I wrote above, they will record everything all the time. Mind you, not all countries “competent authorities” record everything on their own servers. They give that honor to contractors who in turn buy services from other contractors that handle the services such as, for example, internet providers. We all know that people aren’t curious right? Never has there been a policeman whom looked up a neighbor, daughters boyfriend or potential partner in their criminal database. Right? Never has there been, or will there be, an administrator at a company that searches for video files on the network they supervise. Everyone always respects everyone’s privacy.
Now let me ask you, as a reader, a rhetoric question. Knowing internet as well as I do, I know how to cover my tracks and be anonymous anywhere. How much use would the “competent authority” surveillance be on people with this knowledge? I’m absolutely not saying that I am smarter than the average person. I just have managed to absorb the right information. Something anyone can do.
We are reaching the end of this short, and in many ways compacted and simplified, introduction to privacy. In my humble, but paranoid mind privacy is one of the most important topics, not only on internet, but in all aspects of life and you should do everything in your power to keep your privacy private. Social media makes their money, not only on showing you ads, but also on the data you provide. They share it, sell it and use it. Every time you post anything on a social media site you make them a little more money. All you get back is a virtual like from persons that might not even exist. All for a quick instant gratification and appreciation. A funny side note is that with a well filled graphical database they can learn more about you from your friends than from you.
Well done for making it thus far. A final word on the matter of privacy. There is a huge gap between how things should work and how things do work. I focus on how it works and let everyone decide for themselves if this is how then want it to work. Even though I might have a few sarcastic comments in this document I do understand WHY it is this way. But I don’t, necessarily, agree with how it is put into place or how it works.