Privacy Versus Security: The New Equation

In Defense of Privacy

A recent unanimous decision by the U.S. Supreme Court has been called “a sweeping victory for privacy rights in the digital age” by The New York Times. At the same time a unanimous decision by the Supreme Court of Canada has been reported by The Globe and Mail as “a privacy landmark” that overruled government fears of a “crime-friendly Internet”. Yet, as privacy rights advocates in both countries applaud these rulings, our governments and police forces continue to resist these regulations, arguing they impede police powers to investigate criminal (and terrorist) activity. Happily for us, the courts have turned a deaf ear to those tired arguments and pronounced their determination to defend our privacy rights. It’s about time.

The divisive debate pitting privacy rights against national security in the post 9/11 era was until now largely won by the politics of fear. These decisions by our top courts represent a tipping point in this long-simmering controversy, giving citizens of both countries a reason to feel optimistic that our privacy rights may finally trump perceived national security concerns, as they should. Restoring a healthy balance between privacy on one hand and security on the other has long been overdue, and these opinions from the courts are encouraging. However, before we strike up the band and start the victory march, let’s put these developments into perspective. What exactly do these rulings mean for an average citizen’s privacy? Not as much as we might hope…


Re-defining the Security Equation

Following the disastrous events of 9/11 in 2001, individual privacy rights in the U.S. and Canada have been systematically eroded, led by government agencies like the NSA, Homeland Security, and CSIS. In a climate of fear – which in hindsight appears to have been orchestrated – we’ve all reluctantly allowed our privacy rights to be sacrificed on the altar of national security. We’ve grown used to having our emails scanned, our communications intercepted, and our activities scrutinized, to mention just a few examples. Yet, while fears of new terrorist attacks have subsided, the invasive surveillance has only increased in scope and depth. Thirteen years after 9/11, in the wake of Edward Snowden’s revelations, we all know that the ‘watchers’ have grown ever more sophisticated, and pervasive. There isn’t much your government doesn’t know about you, and it isn’t only your government who is watching you.

Today, aside from widespread government surveillance, private companies like Google, Facebook, Apple, and many others collect vast amounts of data about where you go, what you do, who you talk to, and what you say, buy, read, etc. They then share this information (sometimes with law enforcement agencies, which is not always justifiable), and also sell this information – data about you and your family – to other companies, usually without any regulation or oversight, which is never justifiable. In fact, it’s downright inexcusable. And what do you, the average citizen, have to say about this wholesale commercialization of your private info? Surprisingly little, but that will change in due course.

Meanwhile, many of us blandly accept this travesty of ‘informational insecurity’. We actually agree to it, admittedly through ignorance or conditioned obedience, rather than willingly inviting hugely rich companies to spy on us for profit. But, whether we know it or don’t think about it, that is what’s happening today. Companies slyly gather all the personal information about you they can, and then profit from that intelligence. I am not the only person who thinks this is wrong. If you think about it for just a minute, you will probably agree that having Google or whomever mine you for data and then get obscenely rich by selling that data is inherently dangerous. In fact, a growing number of people find this practice repugnant, and scary. What is scary about it is how many of us blindly agree to cooperate with these companies every time we click “yes, I agree” to some incomprehensible 8,000 word user agreement, or other similar document. We’re used to it by now – we just click yes – and the whole unseemly business of tracking your every thought or action becomes legal, and somehow legit. Well, that just stinks, doesn’t it? But there you have it, the new privacy and security equation: your privacy sucks, and your data = big bucks. While you were busy watching one hand perform some clever trick, big business was busy figuring out how to cleverly trick you with the other hand. Has it worked? Yes, it has, and they’ve made it look easy. Should we allow this trend to continue? I really don’t think so. It’s just too dangerous to allow private companies to run amok earning billions of dollars manipulating the personal information of hundreds of millions of people. Can we stop it, or at least control it? Eventually, through legislation, policy changes, and massive public perception shifts. Talking about massive public perception shifts…

What began fourteen years ago as an attempt to defend our collective security against terrorism has morphed into a war against us, diminishing our rights and commercializing  our personal information. It is ironic that what we thought of as a patriotic duty to surrender our privacy to the notion of security is now an attack on our privacy, and the security of our personal information. That’s how massive public perception shifts work. Nifty, huh? And in the midst of this mad rush by powerful organizations to disown our privacy and take ownership of our information come these two privacy rulings from our top courts. So, what do they actually mean?

Viewed in the context of who is targeting us, the Supreme Courts’ declarations are really very limited.  In the U.S., police will have to get a warrant before they can search an arrested person’s cellphone, or similar device (except in ‘special’ circumstances). In Canada, the courts require that a warrant be issued before police can legally retrieve subscriber identification (name and address) from an Internet provider. That’s it. Years of debate have produced these narrow, specific decisions. Sure, it’s a win, and it does represent an important advance in the long march to reclaim our rights to privacy and information security, but it isn’t exactly a breathtaking victory for the average citizen, is it?


Our Rights in the Cross-hairs

Our rights as free and sovereign peoples of some of the leading nations on earth are squarely in the cross-hairs while the battle between us and these opposing interests plays out, and we have a long road ahead before new legislation is enacted that substantively protects our privacy and the security of our information. Aside from heavy-handed surveillance programs, and powerful corporations vacuuming up our private information for profit, let’s remember that there are many criminal enterprises spying on us, hacking us, phishing for data, and generally invading our lives. In this new war our only allies are the courts, and their capacity to influence law-makers our best, but not only defense. It is the opinion of the Supreme Court of Canada that “anonymity is vital to personal privacy in the digital era”. So, what can you do right now to leverage anonymity to defend your privacy and protect your valuable ‘personal data’?

Protecting our private information from abuse is an uphill battle we all face, and our rights to privacy and information security are squarely in the sights of some pretty scary opposition. Yes, the courts can force governments to curtail spying programs and limit aggressive search and seizure tactics, and yes, new laws can regulate the commercialization of our data by powerful corporations, but the wheels of justice grind slowly. Meanwhile, you also have to worry about the criminals snatching your identity away, for example. These are the threats we all face when we explore the world at our fingertips using modern technology. While we’re waiting for our laws to catch up with the pace of our technological development, thereby thwarting the ability of others to invade our privacy and abuse our personal information, what can we do to reduce the abuse and protect our rights? Here are five steps that can help you establish a more secure footing as you traverse today’s perilous cyber-scape.

Actively Defending Your Privacy

Assuming a more defensive ‘posture’ when you engage with the modern world via technology is not only smart, it’s necessary. Protecting yourself and your family is as basic as common sense. To reduce the risk of exposing your private information while you go about your daily routines of engaging with today’s ‘always connected’ world, consider adopting some or all of the approaches outlined below. In the coming months we will revisit these issues, revise our suggestions about how to increase your security and anonymity, and recommend additions to your privacy toolkit. Meanwhile, think of these strategies as best practices to defend against some of the most common threats we all face. Taking action to protect your anonymity and the security of your information is the new equation. Here are 5 options to help you defend yourself, and your family.

  1. Use Virtual Private Networking (VPN)

    Using Virtual Private Networking disguises your identity behind a VPN server. It also encrypts the data you exchange with websites like Facebook or Gmail and makes intercepting your communications difficult. For people who travel frequently, and those who use public hotspots regularly, using a VPN service is essential. Logging into your internet banking account or using any password at a public hotspot without using a VPN could put you at risk of becoming a victim of cyber crimes. To learn more about VPN services click here.

  2. Disable Tracking Cookies

    Tracking cookies are used by many companies to monitor and report on your online activity. They are very common and sometimes useful. Disabling tracking cookies can prevent companies from seeing which websites you visit, what you purchased, and much more. Tools like Adblock Plus, Ghostery, or Privacy Badger are designed to help you selectively block cookies and other tracking software.

  3. Turn Off Geo-Tagging

    Virtually every camera you can buy today has a built-in a “Geo location” feature that is by default switched on. If you don’t manually turn it off this feature will automatically tag every photo you take, which allows anyone to find out exactly where you snapped that picture. Turn off the “Geo location” feature in your camera, webcam, and cellphone. You should also learn how to remove or edit Geo-tags from your photos before you upload them to your emails, Facebook page, or other websites.

  4. Secure Your Cloud Assets

    Today we’re putting more and more of our digital assets into the public cloud without knowing how well our information will be protected by our cloud provider. All cloud storage providers claim their system is super secure, however, the latest security report from CSA (Cloud Security Alliance) tells a different story. To secure your cloud files, investigate providers such as SpiderOak, who support end-to-end encryption, or, encrypt your data locally before uploading it to the cloud.

  5. Encrypt Your Email

    Many people use Google’s Gmail service, but very few users are aware that every message that is sent, received, and stored using Gmail is scanned and analyzed by Google, mainly to customize which advertising to inundate you with (they profit from this practice). Most email providers use similar systems to scan and analyze your communications. Use a program like OpenPGP to encrypt  your email, which prevents others from reading your messages, and also prevents your email provider from scanning the content of your communications.

Image: Colin Harris

Comments

  1. This article is a good review of what you can do to protect your internet privacy. The introduction is a bit long, but once you get to the suggestions for security the suggestions are useful.  Interesting that you have to log in and give your e-mail – is this a collection of information by the blog people?

  2. “The machine does not isolate man from the great problems of nature but plunges him more deeply into them.” -Antoine de Saint-Exupery
    I read with great interest the above article though I’m dismayed in a democratic society we need to defend ourselves against national security entities and corporations that do things in our name; i.e., fight terrorism, manage the world’s economy, etc. Is privacy a thing of the past on the World Wide Web? Do we give up something very important, our privacy, or more important our identity, when we log on?

    The world did indeed change after 9/11 but does that justify government and transnational corporate intrusion in our lives to an unprecedented degree? I say no. Just because large databases are owned and controlled by such entities doesn’t entitle them to intrude in our lives or sell information without our consent. I quite   understand the need to protect us from legitimate harm(government role) but not selling our information(corporate or private business) to benefit the bottom line! The information we input, in good faith, and analysis by the database owners, government security agencies sharing information, and subsequently sold if desired by corporate interests, can be used against us, leaving very little recourse on our part to challenge their decisions. Welcome to the new technocracy wrought by the World Wide Web.

    Do those who regularly partake of social media, Facebook, et al., being on all the time if desired, expect privacy as it used to be? Yes. How do we ensure this  happens? Encryption. et al. The author suggests using virtual private networks; disabling tracking cookies; turning off geo-tracking; securing your cloud assets and encrypting your email. We must expect our health records, banking information and personal electronic interchange be private. It’s not but should be!  Again, how do we ensure this happens as far as we possibly can? Bruce Schneier, as does the author, suggests ways in how to do it but in a democratic society we shouldn’t need to. Yet we are talking about the World Wide Web are we not?

    The author has written a well researched/documented article on an important topic crucial to who we are in a free, technocratic or cyberspace, society but ‘sinister’ forces are present, whether internal or external, that we need protection from. This how-to article is important in helping us do this to the best of our abilities.

Leave a comment