When it comes to your privacy how creepy is too creepy?

privacy skills

We are the first generation in human history who can be monitored at such a precise level – *Kevin Mitnick

 

Identifying your threat model is just a fancy way of asking “What aspects of your privacy & personal information are most important to protect?”.

I believe most of us want & expect a certain level of privacy, but it’s clear now that many technology products are just a front for mass data collection activities. Tech companies have made a business model out of claiming ownership of things that we assumed to be private & personal.

I have around 200 accounts in my password manage. Each of those companies also has the information of thousands to millions of other users in their system. I have no idea how many “partners” they each share my information with, or what their capabilities are to keep that information secure. It’s a given that at some point many of them will be breached & lose my information, or they already have.

There are no laws in the U.S. which regulate this, sets any standards, limits how much they can track, store, who they can sell it to, or that gives us any rights over our data whatsoever.

Who is your adversary?

There is a difference between protecting your privacy from hackers, protecting your privacy from advertisers, protecting your privacy from law enforcement, & protecting your privacy & data from the government. Eva Galperin | Internet Expert Debunks Cybersecurity Myths | Wired

  • Are you looking to clean up your digital footprint?
  • Are you a parent looking to teach your child how to protect themselves?
  • Are you a business owner who needs separation from personal data?
  • Are you tired of being tracked, & recorded?

You may not care that Google knows what kind of music you like & makes recommendations based on it, but that doesn’t mean that you want them also reading your emails, or using your photos to train their AI (Artificial Intelligence) models

Whatever your reasons, someone elses will be different. Some people close their window blinds at night, others don’t. How people approach privacy is no different. It is not one size fits all. What you protect, how, & why is up to you & your needs.

Let’s talk about some common ways that our privacy is exploited, & our data tracked, stored, shared, & sold.

Social Media

Social media sites are the kings of invasive data collection & mass surveillance, & they do so with absolutely no legislative oversight. Where it seemed at first they were only monitoring our likes & dislikes targeting us with relevant ads, they have now grown to be full-fledged mass surveillance organizations collecting data about everything you do online, & on your devices whether you’re using their services or not.

Social media phone apps can track your location, track your location, other apps on your phone, who your contacts are, where you shop, what you purchased when you were there. They know who you’re likely to vote for, how much money you make, who you’re related to, your sexual orientation, about your relationships, where you live, & so much more.

It all happens in the background, even if you’re not using the app & aren’t on their platform.

Our devices

Every device you use was made by a company that is tracking how you use it. . Your phones & computers have multiple radios that are constantly sending out signals announcing their exact position on the planet. Main stream operating systems use your device to feed their own data sets & research.

Every app that you install has its own set of data points that it’s tracking including what other apps you are using.

Every service you sign up for to use those devices as they are intended including your ISP, mobile service provider, cable company, streaming entertainment services, & so on is tracking how you use that service, when you use it, where you use it, & what other services you use it with. It’s a hot mess.

Websites

The ads that appear on websites, apps, & on social media are tracking you through a variety of tactics including browser fingerprinting, device fingerprinting, cookies, location, & many other ways.

Ad networks accumulate a stunning amount of personally identifying information about you & your habits in order to make split second decisions about which ad to show you everywhere you go online & off.

Data Brokers

Your data is a multi-billion dollar industry. Every day your devices, service providers, retailers, search engines, social networks, loyalty cards, & financial institutions are tracking every move you make & sharing (or selling) it with data brokers. Data brokers collect data themselves, buy or combine it with data from other companies.

On average a data broker has 1500+ different data points about each one of us. They are the middle men who crunch, analyze, mix, & then resell it to corporations, governments, law enforcement, or make it available for consumption through public, & private databases.

To make matters worse, some data brokers are also federal contractors who provide data for government mass surveillance & investigation programs.

Government

In most cases, you need your government to know who you are for things like citizenship verification, driver’s license, voting rights, property records, tax information, & so on. However, some governments have spent billions building mass surveillance systems to gather & store exact details & metadata from every device & user on the planet, & many belong to cooperation pacts that share that information internationally.

Trying to hide your digital fingerprint long term from a government is difficult. If this is your concern the best advice is to not use any internet-connected device or phone at all or fight for privacy legislation to change things & protect your rights.

This is an issue that we need to solve with legislation.

Trusted Organizations

Even the organizations that you can trust with your most sensitive information sells you out quicker than a toupee flying off in a hurricane

The DMV tells companies that you just purchased a new car. Your home purchase & property information are public record. Genetic ancestry sites sell your DNA profile to pharmaceutical companies.

Employers are reading your social media profiles. Credit card companies share your purchase information with social media companies, advertisers, & data brokers.

In short pretty much everyone has their hand so far up your data cookie jar, that if they pulled it out they’d probably be crowned King of England.

Criminals

At least one or more of the companies that have your personal information will mishandle, or lose it to people that you do no want to have it. The more accounts, & profiles you have the greater your risk that one of them is going to get “hacked” & cough your info up like a running back fumbling on the goal line.

When your information falls into the hands of criminals they may use it to do all kinds of things to you including but not limited to: sell your info to other criminals, spam you, phish you, open lines of credit, exhaust your credit cards, take over your bank accounts, steal your tax returns or government benefits, steal from your company, create fake ID/Passports, scam your family & contacts, stalk/harass you or your family, black mail you, & worse. It’s not personal, you’re just collateral damage to achieve the goal. That means everywhere there is a treasure trove of user information is a “honey pot” for “hackers”.

Your contacts

Yep even grandma can be a threat to your privacy & personal information. Odds are most of the people you know have smartphones, & that you’re a contact in that phone which can include but is not limited to your name, address, home & work phone number(s), email addresses, birthdate, their relationship to you, company you work for, & any other information that they may have added.

Also, many of the apps that they install on their phones including casino/gaming, messaging, social media or just random weather apps ask for access to their contacts & most people just give up that permission without thinking twice. If you’re in their contacts list, now that company (whoever it is) has your contact information.

Our privacy is our responsibility

Once you have an idea of what your privacy concerns are, & who you want to protect it from (your threat model) you will begin to

  1. Develop habits to protect it at all times
  2. Use solutions that address those concerns specifically
  3. Be more discerning about with whom you share your information
  4. Ask questions about the use & security of your information
  5. Weigh the benefits of “free” vs. how much data you need to give up

Tech companies & device makers aren’t going to volunteer to stop tracking us. For many it is their only business model. The privacy options in the settings pretty much amount to placebos that just make it harder to sign in to your account, or be presented with even more targeted ads. So far I have not seen anyone offer a setting that allow you to completely opt-out altogether. Not even for a fee.

The good news

Many of these digital surveillance companies feed off of each other & share information. If you affect the sources of the info you affect everything that feeds off of it. While many of the tracking methods employed are dirty, embedded by default as a business model, & require more effort to thwart…most are dependent on your apathy, lack of knowledge, & blind trust.

It’s never too late to start

The community of privacy rights organizations such as EFF, Privacy Rights Clearinghouse, device makers, privacy-focused operating systems, browsers, open-source software, tools, alternatives, & privacy resources is huge & growing. We have options. MANY options today.

You are not alone, & you’re already starting to do something about it, so pat yourself on the back. You already know more today than you did 2 weeks ago.

 

Resources

*Kevin Mitnick is a hacker who was on the FBI’s most wanted list for infiltrating government systems. Now reformed, he is widely regarded as an expert on privacy & computer security.

A few weeks back I read (listened on Audible), “The Art of Invisibility: The World’s Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother & Big Data”, where he details his experiences hiding from government surveillance & tracking, & what it takes to completely go off grid.

I thoroughly enjoyed it & found many of the stories fascinating. If you want a good read (or listen) & a deeper dive into privacy strategies I highly recommend it.

See ya next week.

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website & the services we offer.