Privacy on the Internet

I’m a historian, not a whistleblower (Edward Snowden), activist (Julian Assange), or novelist (George Orwell) with expertise on privacy. Although I have no specialized knowledge to offer that you couldn’t find anywhere else on the Internet, the information I have gathered together here might help students, colleagues, and other ordinary people to manage risks and make informed decisions about their privacy. Often in academia, especially in the humanities, we (I include myself) lag a little behind others in terms of technology, and I’d like to see that change. Skip to the end of this post for six concrete and easily-implemented methods for protecting your privacy.

Why Do I Care?

I initially became concerned about my privacy after it was compromised. Technically speaking, I suffered from “security” breaches, but I think the two concepts largely overlap in the context of the Internet, and from my perspective, when employees, state-sponsored hackers (in the US or elsewhere), and others are “legally” or illegally rummaging through my data, it sounds neither secure nor private. Below are my experiences (a complete list including password thefts would be several times as long because it has become commonplace nowadays):

  1. Health Records: I received a letter a few years ago from my old university that informed me about the theft of my health records. I didn’t think much about it at the time, and even if I had become concerned, I suppose there isn’t a whole lot that I could have done to force other people to keep my data secure. I think the university was compelled to inform me because of HIPAA, but what was the point if I couldn’t do anything about it and there was no cost to them for failing to protect me? Breaches appear fairly common, but enforcement of penalties seems spotty, and focused mainly on malicious acts.

  2. Gmail and Amazon: The health records incident was followed a year or two later by the hacking of my Gmail and Amazon accounts. It was quite a crafty attack that took me a while to figure out (embarrassingly), and I only discovered it in the first place through dumb luck. I was able to get the credit card charges reversed, and (as far as I know) no harm was done. This time I decided to do something to protect myself, and I got more serious about password protection (see LastPass and other password services).

  3. Dropbox: Strong passwords weren’t enough, though. The proverbial straw that broke my back was the Dropbox incident that made everyone’s accounts accessible to anyone. I don’t know if anyone actually accessed my account during that window of opportunity, and I haven’t seen any harm done (no one appears to have stolen my intellectual property and published articles or books on sixteenth-century Japan with it!), so I guess you could say that I was lucky again, but I developed a better backup plan (no more relying so much on Dropbox for backups), and became more wary of the cloud.

The Dropbox hacking incident and a worrisome change in Dropbox’s terms of service a few days later (this came on the heels of allegations that Dropbox had been lying all along to customers) got me thinking seriously about privacy, and I read other scholars who were raising red flags about privacy at the time, but up until 2013, thinking is about all I did. Sure, I was aware that most of the attacks on our privacy go unreported, if they are discovered at all. I also heard rumors on the Internet about the NSA’s Room 641A and bold attacks on major companies by state-sponsored hackers. However, the concerns sounded far-fetched to me. I figured that I had taken reasonable measures to protect myself.

I was wrong. After the Snowden leaks, it has now become pretty obvious that anything leaving my computer over the last few years was probably “public,” especially considering the fact that I communicate a lot with people in foreign countries. I am not doing anything illegal, and it is unlikely that my research on sixteenth-century Japan is in high demand among our state-sponsored hackers, but I don’t think I should have to abandon my privacy to use the Internet.

Why Should You Care?

Eric Schmidt (the CEO of Google) seems to think you shouldn’t. You may have heard him say that you have nothing to fear if you have nothing to hide. When Facebook founder Mark Zuckerberg removed all of our privacy settings one day, he explained it by saying this: “we decided that these would be the social norms now and we just went for it.” NSA chief Keith Alexander puts it this way: “Far from imperiling civil liberties and privacy, the tight links between the NSA and our growing cybercapabilities help to ensure professional, sober and accountable consideration of potential impacts from our operations.”

In contrast to the cavalier attitudes about your privacy expressed by business leaders, and the belief by government leaders that your (lack of) privacy is just fine as it is, security expert Bruce Schneier has written a persuasive essay on the value of privacy. The Guardian has a clear and fantastically designed page about how this privacy stuff affects us. A recent documentary entitled Terms and Conditions makes a compelling case for rejecting the perception of privacy that Google and Facebook have been promoting. For a bit of humor in explaining why you should care about Facebook’s attitude towards privacy, see the video below by the Taiwan-based TomoNews:

Should We Expect to Have Privacy?

Computer scientist and “father of the Internet” Vinton Cerf does not seem to think we should expect privacy. He has boldly suggested that privacy may actually be an historical anomaly. The implication is that we should not feel entitled to it. The CEO of Sun Microsystems, Scott McNealy, went a step further and declared that privacy was dead more than a decade ago, saying “You have zero privacy anyway. Get over it.”

I’m confident that Cerf is wrong about the history of privacy (see this post by Omer Tene, for example), and I hope that McNealy is incorrect as well. I’d like to think that we can still do something to protect ourselves. There are people who say we can carve out some privacy for ourselves (though not 100%), and even within our surveillance society there are organizations fighting for our right to anonymity. Omer Tene and Jules Polonetsky have an insightful article entitled “A Theory of Creepy” that attempts to explain why we have failed to recalibrate social norms and laws in a quickly changing environment, and, amongst other things, argues forcefully against a kind of technological determinism that fails to distinguish between what we can do and what we should do. Perhaps a shift of thinking about privacy will bring some improvements.

The Stakes Are High

First, it has become extremely difficult to communicate privately with anyone using digital means. Consider the case of Ladar Levison, who recently shut down his encrypted email service and left a disturbing post on his website. He is arguably an expert on email systems, and he has abandoned email entirely, ominously saying “[i]f you knew what I know about email, you might not use it.” We all know about the state-sponsored hacking of email in the U.S. that ended the career of the country’s top military leader. In addition, the privacy threats undermine our right to free speech and our reliance on a free press to keep us informed. Reporters at the Guardian have developed methods to keep data secure, but can ordinary people like you and me realistically expect to work that way as well?

Second, the lack of privacy protections affects other communities dedicated to the public good as well. Revelations about the lack of privacy and security have already had a chilling effect on free speech. A dean at Johns Hopkins attempted to require one of the university’s faculty members (Matthew Green) to un-publish his thoughts about the NSA, and threatened legal action if the professor did not comply (the dean later apologized). Paralegal Pamela Jones, the founder of Groklaw, abandoned her site for the FOSS (Free and Open Source Software) community after Ladar Levison came out with his warning about email. We have just lost a major voice for the open source community, and we don’t know how many other honest dissenters have been suppressed by this need for self-censorship.

Third, unsuspecting users are being drawn into the surveillance net, and we have no idea what implications the accumulation of data on U.S. citizens will have for the future. Sue Scheff has issued a chilling warning to parents that many schools are paying for Google services with your child’s privacy. Microsoft has launched a well-publicized “Scroogled” campaign attacking Google’s data mining practices, but this is a little like the pot calling the kettle black considering Microsoft’s own treatment of our data.

For educators, privacy is especially important to consider, because we are the “custodians” of our students’ data, and we have obligations under FERPA (Family Educational Rights and Privacy Act) to protect it. Some major institutions have decided that popular cloud services such as Evernote and Dropbox are not considered compliant, and Dropbox itself states that it is not FERPA compliant. As I understand it, this means that if you grade student papers and have them in Dropbox (some of the iPad apps for annotating PDFs will automatically back up the data in Dropbox), or if you have student grades in an un-encrypted spreadsheet in Dropbox, then you may be in violation of FERPA. I doubt anyone is in danger of having the government punish them for the government’s own aggressive data collection measures, but shouldn’t we also be thinking about the spirit of the laws? After all, once the data is out of your control, there is no way to get it back for our students.

Is [Fill in the Blank] “Evil?”

I want to be clear that I am not criticizing the people or organizations who helped to construct our current surveillance society. I’m not, for example, suggesting that Google’s Eric Schmidt, Facebook’s Mark Zuckerberg, or the NSA’s Keith Alexander are “evil” or operating illegally. In fact, they probably do believe what they are saying about privacy, they are doing what they think is best, and they are attempting to follow the law. They certainly have a right to their opinions.

It’s just that I happen to strongly disagree with them. Ideally, we will all become more conscious about privacy and support leaders (lawmakers, software engineers, and businesspeople) who will work to protect it. We need to take our privacy seriously if we want to see changes in the way it is handled, and we have to talk about it more so that people become aware of what is happening to them. I’m glad to see that people are organizing for change and pushing for better legal protections.

What You Can Do Today

The suggestions below are meant to give you some ideas about how to start taking control of your data. Don’t worry. You don’t need to master technological methods of evading detection and become an Anonymous hacker. You also don’t need to put on your tinfoil hat, go off the grid, and hide in a cave for the rest of your life. There is nothing wrong with trading some information about yourself in order to use Google, Facebook, or any of the many other wonderful technological tools we have at our disposal. However, as I mentioned in my previous post on security, I do recommend putting some thought into what you give them (a picture of your dog might be OK, but not one of you passed out on the sidewalk) – you trade privacy for convenience when you use the Internet, and it is best to minimize the risks. Take a look at this handy threat chart to get a sense of what methods best fit your situation.

  1. Re-Examine Your Relationship with Facebook
    • Some people stop participating in social networks, but I still keep a Facebook page, because I like the idea of staying in contact with friends and family around the world, and I appreciate how easy Facebook makes it for me to do that. I confine my activity to congratulatory messages and so forth to friends and family. When I want to have a conversation with someone, I call or send an email.
      • Photos: I uploaded photos of my dog to Facebook a long time ago before they modified their privacy policy (who could resist posting such cute photos?), but I haven’t uploaded anything since then, and I doubt that I will upload anything to the service again.
      • Logging Out: Of course, I always log out immediately after I finish using the site. Otherwise, you are telling Facebook and other companies everything you are doing on the Internet.
      • Privacy Settings: I am sure that my ideas above are a little too restrictive for many people, so I recommend you at least avail yourself of the limited privacy “protections” Mark has given us, with the understanding, of course, that he may decide to fiddle with them at any time, and it is not really “private.”
  2. Re-Examine Your Relationship with Google
    • Email: Until I find an alternative to Gmail, I periodically empty my account by downloading all of my emails. Although this probably isn’t very effective at protecting my privacy, it might at least prevent some data mining or government snooping.
    • Google Services: It is difficult to work efficiently and not use Google tools. I was an early adopter of GDrive, GoogleDocs, Google Chrome, and other wonderful Google products, but I no longer feel comfortable sharing so much data with Google, and besides Gmail, the only Google services I regularly use relate to search: Google, Google Scholar, and Google Books. As an educator, I do not think you can legally store records in GDrive, because it is not FERPA compliant (see the University of Minnesota’s comments on this), so this is something else to keep in mind.
    • Google Chrome: I recommend regularly clearing your search history and using “Incognito” mode (or your browser’s equivalent) to avoid feeding companies (not just Google) your data.
  3. Change Your Browser to Tor
    • The U.S. military developed Tor (“The Onion Router”) as a method of directing Internet traffic through relays around the world in order to make government communications more secure. For regular people like you and me, it protects us from traffic analysis. Download and install the free Tor browser bundle to start using it. It works a lot like your regular browser, but it is a little slower, and sometimes links or features of websites (embedded videos) don’t work quite right (you may still occasionally need to use another browser). It’s not perfect, but if you don’t mind the slight inconvenience, why not browse anonymously?
  4. Use a VPN (Virtual Private Network)
    • A VPN can offer you privacy. When you use a VPN, your home location is protected from identification (useful against stalkers), all of your internet communication is encrypted (necessary in public wi-fi locations like coffee shops), and you do not have your access modified / restricted / blocked just because of your IP address. In addition, if you prefer not to allow your ISP (Internet Service Provider) to collect and store data on all of your web traffic (Comcast and others do, but they seem to hold onto the data for different lengths of time), then a VPN is the way to go (all your ISP sees is the address of the VPN gateway and nothing beyond it). Make sure your VPN service doesn’t log your traffic, though – what’s the point of using a VPN service if it does? You can use Tor and VPN together, or separately, depending on your needs. SpiderOak has an informative blog post on the difference between anonymity and privacy in the case of a VPN, and the limits of the protection you can expect from using one.
      • Free: For a convenient free service that you might want to have on hand when you are in public wi-fi locations, see TunnelBear.
      • Paid: If you are willing to pay for privacy, I recommend Private Internet Access because it is inexpensive, it doesn’t log your traffic, it has many VPN gateways, and it seems to be relatively speedy. Whether you choose a free or paid service, I think it is a good idea to use some kind of VPN to protect your privacy.
  5. Use A Cloud Service With Zero-Knowledge Encryption
    • Dropbox encrypts your data (good), but they have the keys (bad), so they have to turn over your data to authorities when they receive a request, and they don’t have to tell you when they do it. This also means that the lock and the key are stored under one roof (not yours), which doesn’t strike me as a terribly good policy. In addition, educators (like myself) are not permitted to use Dropbox for educational records because doing so would be a violation of FERPA. For more robust (and FERPA-compliant) protection, I recommend a service that encrypts your data, but doesn’t have the key to unlock it (zero-knowledge). Even if employees or hackers (private or state-sponsored) want to take a look at your stuff, all they will find are encrypted blocks of data. I am using SpiderOak.
  6. Turn Off Location Services on Your Phone
    • Many smartphones collect detailed location data and send it back to app developers. Turning off the data tracking will put a stop to this, though you will have to trade some convenience for privacy. I only turn mine on when I am using the turn-by-turn directions with GPS in my car. Otherwise, why report all of my comings and goings to Google (or anyone else who has received permission to track you)?
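
To make the zero-knowledge idea in item 5 concrete, here is an added example (not code from this post or from any service named in it) in which a file is encrypted on your own machine with keys derived from a passphrase, so the storage provider only ever holds an unreadable blob. The passphrase, the grade records, and the `provider_storage` dictionary are constructed stand-ins, and the cipher is a standard-library substitute (HMAC-SHA256 keystream with encrypt-then-MAC) chosen so the example runs without extra packages; for real files use a vetted tool or an authenticated cipher such as AES-GCM.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # PBKDF2 work factor; an assumed value, tune for your hardware


def _keys(passphrase, salt):
    """Derive encryption and MAC keys locally; they never leave this machine."""
    km = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, dklen=64)
    return km[:32], km[32:]


def _xor_stream(key, nonce, data):
    """Stand-in cipher: XOR data with an HMAC-SHA256 counter-mode keystream."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(passphrase, plaintext):
    """Encrypt before upload. Blob layout: salt(16) | nonce(16) | ciphertext | tag(32)."""
    salt, nonce = secrets.token_bytes(16), secrets.token_bytes(16)
    enc_key, mac_key = _keys(passphrase, salt)
    body = salt + nonce + _xor_stream(enc_key, nonce, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


def unseal(passphrase, blob):
    """Verify the tag, then decrypt; fails on a wrong passphrase or a modified blob."""
    if len(blob) < 64:
        raise ValueError("blob too short")
    body, tag = blob[:-32], blob[-32:]
    enc_key, mac_key = _keys(passphrase, body[:16])
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        raise ValueError("wrong passphrase or modified blob")
    return _xor_stream(enc_key, body[16:32], body[32:])


def demo():
    passphrase = "correct horse battery staple"        # constructed; known only to the user
    grades = b"student_id,grade\n1001,A-\n1002,B+\n"  # constructed sample record
    provider_storage = {}                               # hypothetical provider: blobs only
    provider_storage["grades.csv.enc"] = seal(passphrase, grades)

    stored = provider_storage["grades.csv.enc"]
    readable_by_provider = b"student_id" in stored     # what staff or an intruder could read
    recovered = unseal(passphrase, stored)
    flipped = stored[:40] + bytes([stored[40] ^ 1]) + stored[41:]
    try:
        unseal(passphrase, flipped)
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return readable_by_provider, recovered == grades, tamper_detected


if __name__ == "__main__":
    print(demo())
```

The trade-off is the one the zero-knowledge model implies: if the passphrase is lost, nobody, including the provider, can recover the file.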

Where Can You Find Out More?

The Electronic Frontier Foundation (EFF) has launched the Surveillance Self-Defense (SSD) project to educate U.S. citizens about their rights and measures they can take to protect their anonymity. I highly recommend reading through it to get a better sense of how you can adapt your behavior to gain control over your data.

There are also plenty of books and articles on the subject of surveillance and privacy. Here are a few to get you started.

Where Should We Go From Here?

Personally, I think there are incentives for protecting our privacy, and I hope that lawmakers and business leaders will consider them. Changing laws that undermine privacy and anonymity or avoiding them altogether would foster growth in secure cloud services. Currently, the laws discourage users with sensitive data from putting their data into the cloud.

For companies in the private sector, there are certainly people who are willing to give up their privacy for free or less expensive services, but there are also plenty of people who would like their privacy protected, and are willing to pay for it. I think there is a strong demand for more services like SpiderOak, which structures its entire business model around protecting our rights — privacy isn’t just mentioned in a policy, but is instead one of the primary “features” of the service. In addition, companies are increasingly being recognized for the progress they are making in terms of privacy. I hope and expect that we will see more of these services in the future, something which will be a win-win scenario for cloud providers and users alike.

Ultimately, even if legal challenges to the current surveillance system succeed and the NSA is officially bound by law to curb its activities, unofficially it might flout the law or devise bizarre interpretations of restrictions in order to pursue critical national security interests. More importantly, other countries and non-state actors will be able to continue operating without such restrictions. Whatever happens going forward, there is clearly a need for more security and I hope more cloud providers will develop business models that will meet this demand. Ideally, revelations about the NSA’s activities and the debates that have ensued will prompt us all to take privacy and security more seriously.