Understand the Evolving Online Privacy Landscape

Having acquainted you with what private data of yours may be at risk and to whom, I wanted to step back for a moment and look at how the online privacy story is changing—partly for the good, but mostly not.

I wish I could tell you that you can take a simple series of steps that will protect all your private data forever. I wish, especially, that I could tell the people who read the first edition of this book back in 2013 that the steps they took then are still sufficient. But online privacy is a moving target, and even within the past year things have changed dramatically. You can’t treat privacy as a set-it-and-forget-it thing. You must remain informed and vigilant.

On the plus side, there has been some good news in the last year. For example:

  • Stronger privacy laws have come into effect; see Privacy Laws Are Changing, later in this chapter.

  • More and more websites use SSL to encrypt connections by default; see Use SSL If Possible.

  • Google stopped scanning Gmail to help it target ads (which I would have said is right up there with flying pigs and frost in the underworld in terms of likelihood, but it happened all the same); see Gmail Stops Scanning Email.

But the challenges are even more numerous, and I want to catch you up with the latest facts.

I’d like to begin, if you’ll indulge me, with a brief sermonette about the rampant addiction to free stuff and what that has to do with your privacy.

The Curse of Free Stuff Continues

Although the web’s overall financial model looks approximately the same now as it did 20 years ago—from a distance, if you squint—the details are different. Now there’s much more “free” (that is, free-with-ads) stuff: not just content but also apps, data storage, online services, and much more. And we’re not paying for this stuff with only our attention (i.e., looking at ads). We’re paying for it with our privacy. So ruthless and greedy are the purveyors of online content that transparency, ethics, and legality are routinely ignored. For many of them, only ad dollars matter, and the less privacy you have, the more ad dollars they have. You can see where that leaves your private data.

As the oft-repeated saying goes, “If you’re not paying for it, you’re the product.”

But part of that is on us. We, the billions of people who use the internet every day, repeatedly and voluntarily give up our privacy—or other people’s privacy—to avoid paying for things. Whether our reward is greater convenience, no-cost tax preparation, or even a free pizza, we’ve all convinced ourselves that the exchange of privacy for free stuff is not only normal, it’s inevitable. We do it because that’s what everyone else does, and because we don’t realize we have a choice.

And then there comes a moment of discomfort, when that deal turns into more than you were bargaining for. Someone steals your money or your identity, harasses you online, or threatens your livelihood—all because some of your data got into the hands of a party you never dreamed would have it. You can try to control the damage, but Pandora’s box is already open. It’s happened to millions of people, and it can happen to you too, if it hasn’t already.

That’s the cost of free.

I get shocked looks when I tell people that I actually pay for email, software, data storage, and more. Yes, I could get it for free, but in my view, the cost (in privacy) is too high.

You may be reading this book because you realize you’ve made a Faustian bargain and you want to extricate yourself from it before it’s too late. I applaud and support that effort! Just remember: the relentless push to extract private data for free things will only escalate. It takes effort, courage, and dedication to say no to “free” things that cost you your privacy and say yes to good old-fashioned paying for stuff.

Major Data Breaches Are Increasingly Common

I remember when a data breach that exposed thousands of records (email addresses, passwords, Social Security numbers, phone numbers, or other private information) was shocking, front-page news. And yet in the past year alone, I’ve heard of several breaches involving hundreds of millions of records each, and these are barely a blip in the day’s news. They’ve become that common. What’s more, we all know we’re powerless to prevent them. All it takes is one bad actor, or one small programming error, and even the largest collection of data from the most important institutions can become public.

Although each major data breach results in remedial action to prevent the same thing from happening again, the volume of data big companies have about each of us and the complexity of the systems they use make it inevitable that more and worse breaches lie ahead.

Hardware Is Being Compromised

You may recall, from a couple of years ago, a big hullabaloo about vulnerabilities known as Meltdown and Spectre. These were different from the garden-variety bugs and weaknesses that affect operating systems and apps, because they exploited subtle flaws in the design of microprocessors themselves. That made them harder to detect and much harder to fix. Software patches worked around parts of the problem, but a complete, genuine fix required a redesign of the faulty chips. Because zillions of devices use the old chips (and can’t be retrofitted with new ones), the problem can’t be solved definitively until all the products that use the affected chips have become obsolete and are no longer in use.

This pair of issues is just one of a growing list of attacks on hardware.

There was also a much-publicized story alleging that servers destined for big companies like Amazon and Apple had been covertly fitted with tiny chips that enabled Chinese spies to access their data remotely. Although that story has not been independently confirmed and is widely believed to be false, the fact that it didn’t happen doesn’t mean it couldn’t. It’s absolutely plausible that some company within the supply chain of a major manufacturer could alter the hardware in a nearly undetectable way that compromises the privacy of its users. And, for all we know, that hardware could include consumer products like your home Wi-Fi router.

My point in bringing this up is that the people who are after your private data are becoming much more sophisticated in their efforts, and much harder to avoid.

Big Data Is Harder to Get Away From

I’ve mentioned Big Data already and will mention it again. What many people don’t realize, however, is the extent to which a handful of giant tech companies have their hands in your data—even if you never deliberately visit their sites. That’s right: Amazon, Google, and other companies regularly gather information about you even if you are unaware of any involvement with them.

In an epic six-part series at Gizmodo, reporter Kashmir Hill detailed her six-week experiment to simply go about a relatively normal life but without using any services from Amazon, Apple, Facebook, Google, or Microsoft. The entire story is both fascinating and infuriating, and it may lead you to form somewhat different impressions of the five companies in question.

But the main thing I want to point out is that thousands of other companies rely on infrastructure provided by Amazon, Google, and Microsoft for their own services. For example, Netflix and Slack use Amazon’s cloud platform to provide their services. And although that does not mean that Amazon knows everything in your Netflix queue just because Netflix relies on Amazon’s servers, it still shows how interconnected and interdependent the tech world is. And I wouldn’t blame you for worrying that an as-yet-unknown bug or vulnerability in Amazon’s system might have privacy implications for the many companies that rely on it.

Then there’s Google. Google isn’t just a search engine; it’s a provider of email, document storage, videos, maps, phone service, and numerous other capabilities. Forget, for the moment, the back-end Google computing tools other developers can use; what all these public-facing services have in common is Google’s legendary contextual advertising—that’s how Google makes money. And the more Google services you use, the more personal data the company has about you that can be used to target ads with ever greater precision. Make no mistake about it: every search, every YouTube video viewed, every Google Maps location visited contributes to Google’s personal profile on you, to be used for the express purpose of targeting ads.

You can use other search engines and email providers, buy a non-Android cell phone, and watch videos on sites other than YouTube. But it’s nearly impossible to avoid Google altogether (though some people try). By all accounts, Google works hard to prevent your personal data from falling into other companies’ hands—after all, that would be giving away the store. But will Google be able to protect your data from everyone, forever? And can you trust Google itself not to be evil with your data?

On one hand, it’s not in Google’s best interest to alienate its users. On the other hand, Google is a giant corporation whose primary mission is to increase shareholder value, not to protect your privacy. If push came to shove, I’d have to guess Google would choose profit over kindness. And, even the best-intentioned companies sometimes experience security breaches that leak personal data.

Even if you implicitly trust Google, you should be aware of the massive amount of information most of us give Google for free—and remember that there’s always a cost somewhere. You should also review the privacy settings on Google’s My Account page to make sure that, to the extent permitted, you’ve opted out of any data collection activities you don’t want to participate in.

And, of course, you shouldn’t think other companies with comparable services (Microsoft, Yahoo, and so on) are fundamentally different. The more data any company has about you, the more power they have—and the greater the risks to your privacy at their hands.

To end on a more positive note, all the evidence I’ve seen so far indicates that Apple is in a much different (and more trustworthy) position. Yes, they’re a gargantuan tech company, and yes, they collect some data about you as you use their services. But uniquely among the tech giants, Apple derives little revenue from advertising—their income comes mainly from sales of hardware (like iPhones and Macs) and services (such as Apple Music and iCloud storage). In addition, Apple has the strongest privacy story of any of the big tech companies. I won’t say they’re perfect or even close, but I’d trust Apple to keep my data private long, long before I’d trust Amazon, Google, or (especially) Facebook.

Privacy Laws Are Changing

In 2018, the European Union’s GDPR (General Data Protection Regulation) took effect, which occasioned all of us getting a bunch of email messages asking us to read and agree to new privacy policies, and a huge increase in warnings about websites using cookies. But behind those surface features is a huge change in how companies that do business in Europe are required to treat their customers’ privacy, as well as far greater control by EU residents in how their private data is handled. (And, because so many companies do business worldwide, it’s often easier for businesses to make global changes in their sites and policies, which bring many if not all of the benefits of GDPR to customers everywhere—not just in Europe.)

Although making the changes required for GDPR compliance was onerous for a lot of businesses (I speak from personal experience here), the net result is very good for everyone. This new regulation has teeth, and some major fines have already been imposed on businesses that have violated it.

The same year, my home state passed the California Consumer Privacy Act of 2018, the most rigorous data privacy law in the United States. As with the GDPR, the existence of this law has resulted in many companies changing their privacy policies and practices nationwide or globally, because it’s easier to do things the same way everywhere. Other states and countries are in the process of considering their own new or improved privacy laws.

In general, the thrust of new laws like these is to force businesses to be more transparent with consumers about what data they collect, when and how they do so, how they use that data, and who they share it with. It also gives consumers more control over finding out what personal information companies know about them and, in some cases, removing personal data from online databases.

But laws are one thing, and actual behavior is something else. As hopeful as these new regulations may be, they haven’t led to a sudden decline in data collection or sharing, a decrease in targeted advertising, or an overall improvement in customers’ privacy. Those sorts of changes, on an international, national, or even institutional level, will take a long time. Baby steps.

What About Privacy Policies?

Almost every website and internet service has a published privacy policy (especially now that GDPR is in effect), and I’d think twice about using a site without one. Privacy policies spell out what data the company collects (particularly personally identifiable information), how it’s used, what protections are in place to safeguard it, and so on.

Privacy policies, like software licenses, are typically full of boring, inscrutable legalese. They might be good for curing insomnia, but they’re not exactly page-turners. Even so, you might find it interesting and educational to read the privacy policies from a few sites you visit often. As you do, keep the following in mind:

  • Although a company may be legally obligated to publish a privacy policy stating how it uses your data, it’s not required to have a policy that protects your privacy. A privacy policy could state, “We ruthlessly collect every scrap of personally identifiable information we can find about each user and sell it to the highest bidder, with malice aforethought.” So, don’t mistake the presence of a privacy policy for a pledge of privacy.

    For example, did you know that when you use the Venmo mobile payment system to send someone cash, every transaction is, by default, published right on the site’s homepage? It is. You can opt out, but only if you’ve read enough of the privacy policy to understand that this is a necessity, and you’ve found the switch (on Venmo’s Settings > Privacy screen) to do so.

  • Privacy policies sometimes contain cleverly worded loopholes—and policies could be updated without your knowledge to become less protective of your personal information.

  • However strict and commendable a privacy policy may be, it is, at best, only a policy—not a barrier. A company may say it stores your data in a secret mountain fortress protected by a dragon, but does it have a contingency plan in case a hobbit shows up with a magic ring and a bunch of dwarfs? These things happen.

  • A privacy policy does not, by itself, have the force of law. If you can prove that a company violated its stated policy, you might be able to win damages in a civil lawsuit. But that can’t prevent, undo, or correct a breach of privacy.

I wouldn’t want to do business with a company whose privacy policy admitted to practices I disagree with, and I’d rather know about such things up front. But even a fantastic privacy policy is no guarantee.

Your Own Privacy Is Only Half (or Less) of the Problem

It’s easy to fall into the trap of thinking of online privacy as a personal thing, as though your privacy is entirely dependent upon what you do or don’t do. In fact, nothing could be further from the truth. A huge part of the challenge of online privacy is that for any information transmitted over the internet, at least two parties have access.

If you send me an email or text message, we each have a copy. If you fill out a form on the web, you and the company running the server both have the information you entered. If you share a file with me, we both have a copy. And so on. No matter how carefully you control your own copy of such data—for example, making sure every copy of a file (including backups) is safely encrypted—you can never control what the other party does with your data.

Likewise, you’re responsible not only for your own private data but also for the private data of your contacts. Even if you don’t care about personal consequences from having someone observe, hack into, or steal your data, there could be severe consequences for other people. The contents of your address book, email, calendar, and so on may contain personal data about your friends, family, and coworkers that could damage them if it got out—and even if they themselves are strict about safeguarding their own data. There’s also the matter, as I mentioned in Things You Might Want to Keep Private, of sharing your genetic data with DNA testing services, in that the information you provide can also reveal a lot about your relatives—for better or worse.

And, of course, there may be much more than one other party with access to any given data—for example, you, the other party in an email exchange, both ISPs, both email providers, multiple online backup services, and so on.

There are some partial exceptions to this rule, such as messaging services that delete all traces of a message from both parties’ devices as soon as it’s delivered. (Cue Mission: Impossible soundtrack!) With effort, it’s possible to increase the odds that certain types of data will remain private even once conveyed to another person—as long as the other party doesn’t speak, write down, or take a screenshot of what you said. But for most types of data, and most situations, that’s not feasible.

Although this may seem a depressing state of affairs, I call your attention to it in the hope that it’ll encourage you to be more thoughtful about what information you share online and how you protect the information others have shared with you.

See How Bad Things Are

This is going to hurt, and you’re not going to like it at all. But for your own good, I suggest doing a mini privacy audit of yourself, just to get an approximate sense of how things stand today. I’m not talking about anything formal or detailed, just something like this:

  • Google yourself. (Yes, use Google, not a more-private search engine, because the point of the exercise is to see what the world’s biggest search engine knows about you.) Page through the first few hundred results and see what you find.

  • Check for leaked credentials. Go to Have I Been Pwned?, enter your email address, and see if that address has appeared in any major data breaches. Do you have several addresses? Repeat the search with each of them. Every hit means a password of yours that the bad guys might know.

  • Search for yourself at a data broker or two. Pick a data broker (see Purge Your Info from Data Brokers)—for this experiment, Intelius is probably a good choice. Enter your name and other pertinent information and do a search. See what data they already have about you—and remember, any or all of it may be wrong!

If you’re like most people, you’ll be unhappy about what you find in these searches. You may find true facts that you didn’t think anyone else would know, as well as blatant errors. You might find out that people have said some extremely unkind things about you. You might find that a simple (or even embarrassing) password of yours is public knowledge.

I don’t want you to be unhappy, but I do want you to have some real-world information to help guide your decisions. With this data in hand, spend some time reflecting on how willing you are to continue giving up privacy (or your friends’ privacy) for free stuff. If you feel motivated to take action—and I hope you do—you can start right away. That’s what the rest of this book will help you to do.
