Someone's watching you
17 Mar 2021Go grab your tin-foil hat it’s time to talk about surveillance online in the modern internet.
This post is rather long but sums up some of my opinions on the web and world at large at this time. A lot of this is probably me shouting into the void but let’s get started all the same.
Claiming you are being watched might seem quite paranoid and egocentric but it is the truth. Every moment of your online life is being logged away in numerous databases by numerous entities, it’s being analyzed, scored and evaluated.
Who’s Watching Me?
Social media sites and applications like Facebook, Twitter, Instagram and TikTok are obvious examples. You post information about yourself onto them and they are filed away forever in their deep databases. Your Tweets, Status Updates, photographs, videos, birth dates, likes, comments, views, view times and subscriptions are all collected and saved.
But other sites are collecting your information; GMail, Google Search and YouTube all collect a lot of information about you. GMail for instance has access to all your emails and their contents. YouTube knows what you are searching for and watching, even if you aren’t subscribed. Google Search track your search history and habits keeping track of all of it.
It’s not just big tech companies and applications that track you. Your internet service provider (ISP) keeps track of all the websites you visit, the amount of data you send and receive and from who/where.
Governments themselves monitor their citizens use of the internet and world wide web. The NSA and GCHQ being obvious examples but all countries have their own equivalent agencies. This includes listening to and collecting public traffic, both encrypted and plain text. Emails too are often sent in the clear online and can be collected. SMS traffic is even collected and stored. For more information on such a search for terms like XKEYSCORE, PRISM and ECHELON, or looking into Edward Snowden and Julian Assange will give you reams of information to read.
Advertisers track you across your use of the web. They embed cookies, code and other tracking devices on websites containing their adverts. Devices that allow them to uniquely distinguish you amongst the crowd and better target advertising at you.
There’s an old adage that is often thrown around in regards to companies giving you things for free that springs to mind:
If you’re not paying for the product, you are the product.
Whilst a massive oversimplification this statement rings true in many
situations.
Let’s pair it with another related adage:
If something seems too good to be true, it probably is.
If you see an app, website or service claim to offer something “for free” you should always keep these 2 statements in mind and ask the following questions:
- Why is it free?
- Who are they?
- What do they gain from giving this away for free?
Often the answer to the last question is: data about you!
Why Should I care?
So we can agree that there are a myriad of parties collecting data about you. That is a non-controversial fact unless you have been living under a rock for the past 20 years. But why should you care?
An often thrown around answer is Privacy. And it is true that if you value
your privacy you will care about such things. After all, what business is it of
Government to know what music I listen to on Spotify or why does Facebook need
to know where I am at all times?
Most people will agree that privacy is important but many are very willing to
give away some of their privacy in exchange for access to some services.
For instance, Alexa, Siri and Google Home all listen to you 24/7 but many are
happy to have such devices and applications installed for the conveniences that
they offer without considering their capabilities or what they could be
collecting.
Some people even cite the insipid statement:
If you have nothing to hide then you have nothing to fear.
Without realising the Orwellian undertones it implies.
To be clear, you may have “nothing to hide” now, but times change and things
you say now may become controversial at a later date and having them
permanently written down for all to see can be very damaging later in your
life as a result.
We see this with “cancel culture”, where an author or comedian may have
said something, perhaps even in jest, which was deemed non-controversial at the
time only for it to be dragged up years or even decades later and used as
ammunition against them.
I am certain that everyone reading this article will have done or said
something that they later regret and that, thankfully, has been exiled to the
annals of time, never having been recorded, but in an ever increasing online
word where everything is filed away and collated this will no longer be the
case.
Another reason I personally find such a statement to be dangerous is that it makes the claim that you should have no privacy, because having secrets or hiding things is automatically a bad thing. This is patently absurd. We all have secrets and we all have things that we think or say in private that we don’t want to share with everyone, that is normal, why should it be any different in your online life?
But privacy alone is not the only reason you should care.
Giving companies virtual monopolies of data is another.
Alone your information might not be very useful but collected with millions of
others it starts to become incredibly valuable. Knowing what a collective is
talking about online reflects what they are thinking about offline. Being able
to categorise people into groups becomes incredibly useful for marketing and
mass surveillance.
With access to mass information organisations can start to wield a lot of power
over people’s daily lives. Take for instance email:
Knowing who is communicating with who, how frequently and heavily allows you to
ascertain the relationships between individuals. This can be very useful when
put to good use, for example finding terrorist cells or criminal gang networks.
But such technology can be as easily used against the innocent.
Some non-western countries for instance make it a capital offence to be
homosexual or an
ex-member of a religion and such mass
surveillance technologies enable them to persecute individuals based on these
traits with ease.
The technology can even be used for personal gain. Take for example the case of
having interaction data about a vast cohort of people. From this information you
could easily ascertain when someone is having an extra-marital affair and then
use that information as leverage in a political or financial campaign (i.e.
blackmail).
Take the earlier example of a comedian saying something regrettable online and being tormented for it years later. Now realise that the same is true for government collected data. Currently you may not be a target of any kind of harassment but in a decade new opinions could become the norm and your previously recorded data now becomes a weapon to persecute you with. For example, say you signed a petition to have a certain government official sacked out of justifiable anger at a given decision that ultimately went nowhere. Years later after consolidating power such a petition could be used as a list of dissenters to persecute. Or location data putting you at certain establishments a decade ago could be used to insinuate an association with a now problematic group and guilt you by the association alone. Guilt by association doesn’t even need to be done by a government, we already see it happening in the media; someone may have been at a party with a now disgraced businessman’s partner and have accusation leveled at them for such, as Toby Young writing for The Spectator speculates in his article on how his name ended up in an address book alleged to belong to sex offender Jeffery Epstein.
Another much more insidious application of these social media apps and services is their ability to influence. With enough information about someone campaigns to change opinions can be incredibly targeted. We’ve seen this apparently happen with Cambridge Analytica, Brexit and Trump on both sides of each of those topics. Even without a targeted campaign social media sites are primed to maintain engagement and will tailor content to be similar to what you have already consumed. This can lead to an “echo chamber” effect where all you see are things that confirm your pre-existing biases or radicalise you further (this goes for both “far right” and “far left” viewpoints). Without exposure to polarising views discourse then becomes stunted with neither side in a debate truly understanding the other.
What Can I Do?
If you are still with me you might now be wondering what you can do about such issues. There are a few things:
First and foremost you can speak about them frankly and level your concerns. Talk to your politicians and company representatives about such issues openly and lobby for the change you want. Speaking to friends about privacy topics can help illuminate them on otherwise unknown issues.
Of course lobbying and petitioning politicians and businesses can only get you so far and may not be the most effective use of your time so there others:
Use Open Source Alternatives
There are now open-source alternatives to popular platforms than ever.
Things like Signal, Wire and Matrix make decent replacement for the likes of WhatsApp and other messaging applications while keep everything you say and share private.
The “Fediverse” replaces many traditional social media platforms with more federated alternatives. Twitter can be replaced with Mastodon. YouTube can be replaced by PeerTube, Dtube or LBRY (via Odysee if you don’t want to install anything).
You can set up your own “cloud” services with things like Nextcloud. Or use Syncthing to synchronise data between multiple devices replacing Google Drive and Dropbox.
Replacing data-harvesting search engines like Google and Bing with alternatives that are either open-source or respect your privacy like DuckDuckGo, StartPage and Searx helps prevent companies like Google from having a monopoly on the web and keeps your data safe.
Avoiding Web Browsers run by the likes of Google and Microsoft like Chrome and Edge and instead opting for alternatives like Firefox or Brave also helps keep the web diverse and stops Microsoft and Google from controlling web standards and monitoring you.
Limit the Information you put out Publicly and Privately
I get that it is not possible to just dump many applications and services. I still use a GMail for a lot of my email after all, still have a Twitter and Facebook (although seldom used). But there are still things you can do on these platforms to take back control of your own information:
Dig into how an application, device or service actually uses your information, inspect their privacy policy and evaluate how the device works. For instance I own an Alexa. I know it listens, but I also know what it listens for, an activation phrase; the word “Alexa”. If it does not hear this phrase it will not upload data to Amazon for analysis. Additionally there are hardware controls on my Alexa to deafen it and a slider to physically block the camera on it that I use, and I can segregate the device on it’s own guest network for extra security.
Limit the permissions applications have on your devices. Does Facebook really need access to your contacts? To your location whenever it likes? Does Twitter need access to the same?
Does Facebook need your accurate life information? Where you went to school 20 years ago? Do you need to list the City you live in on Twitter? Or provide all the personal details to a website it demands? Do they even need to be accurate? It isn’t a crime to lie to Facebook after all, and large corporations engage in misleading the public all the time so why treat them any differently than they treat you?
Do you need to add every passing acquaintance as a friend on Social Media? Does everyone in your friends list need to have access to every post you make? It is possible to separate people into groups on Facebook for example so your work colleagues don’t need to see your Friday night photos or quasi-philosophical quotes under your selfies.
Turn off the location tracking on posts on Twitter and Facebook, is it really something you want to share? Why is your exact GPS location at a given time something you want public?
Turn on the privacy settings in applications so that they require your approval to have information linked to you.
Think before you share online. Do you really want to share every passing thought? What does your post actually say about you? Do you actually care about the responses you get to it or are you simply fishing for attention or joining in on a trend?
Use Smaller or Local Services
Instead of gravitating towards corporations like Amazon, eBay or Facebook
consider using smaller alternatives.
In the case of buying things check out local stores, posted adverts in sites
like Gumtree or FreeCycle. Visit Carboot/Garage sales, local auctions, police
auctions, social network with friends directly, you’ll be greatly surprised
what friends of friends or family members have to sell.
Use Secure Password Credentials Online
Whilst not directly related to privacy, data breaches can cause the leak of a lot of private information including passwords so you should make sure you are not reusing passwords and are using secure and unique credentials for every site or app you use.
This may seem like a chore but there are applications out there that help you achieve this in a way that is not overly reliant on a third-party, for example KeePass.
Install an AdBlocker
If you’re surviving the web without an AdBlocker I feel for you. Advertising has become so pervasive and annoying that if you aren’t using an AdBlocker you are handicapping yourself online.
I recommend uBlock Origin (not plain uBlock!) for both Firefox and Chrome based browsers. It has sophisticated filters that deal with most adverts, and will save you bandwidth as a result. Brave has it’s own built in filters but I still recommend using a dedicated blocker.
Another useful addon is Cookie AutoDelete, which will automatically delete web cookies from sites you have not whitelisted greatly limiting the tracking potential they pose.
Others include Privacy Badger and HTTPS Everywhere that will help block trackers and force more secure connections respectively.
Use a VPN or Tor
I won’t go into huge details on VPNs but will say that they are a useful technology to help prevent your ISP from tracking your web-traffic as well as making your traffic much harder to track for governments. They route all your traffic out of one of their own endpoints. Generally to be really privacy focussed you would want to use a VPN that assures no logs of your traffic are maintained.
Those really paranoid about privacy online often will also use Tor, a technology that will attempt to route all your traffic through a series of anonymously run nodes in an attempt to completely anonymize it.
The Internet is not Real Life
Lastly I just want to remind you that the you need to remember that the Internet and web are not real life.
Your Social Media profiles, emails, the satirical web-comics you read and videos you watch are only as real as you allow them to be. Treat them as such and remember you have ultimate control over what you share online, along with how you feel about what you see online. Nobody is forcing you to sign up to Facebook or post pictures of your life on Instagram. Don’t compare yourself to the often half truths you see people posting online, and don’t believe everything you read in any media, social or otherwise. Remain sceptical and question everything.
Comments