Expect Better

Posted on February 9, 2014
Tags: personal information control privacy

Tim Lavoie

Current Chatter

Privacy issues have stirred up a lot of visceral reactions lately. Edward Snowden’s still got info trickling out through the usual journalistic filters, and we continue to be shocked at the extent to which our laws have been cheerfully ignored or bypassed at every opportunity. The Olympic games are going on at Sochi right now, and while the privacy concerns tend towards amusing pictures of bathrooms with toilets with friends, the Russians have done themselves no favours by tinting the games with their homophobic policies. As such, enough people are concerned about how they’re watched that NBC has gone off and done a hysterical (and fake) story about immediately getting his system compromised by turning it on at Sochi.

One way that some people have responded is to try to avoid online services to a greater extent. Thinking about what you are getting for what you pay (or don’t) is healthy; you look at what these companies do for you, how they make their living, and you can reasonably infer a certain amount when it comes to why they do certain things. If Facebook constantly make choices which lead you towards over-sharing, it’s because it provides a wealth of sticky content to get your buddies clicking links and getting ads served in the meantime. It’s even better for them if you keep your privacy settings as open as possible, so that that “Hotel California”-style of inward-facing links is available (with the ads again) to as many eyeballs as possible.

Misplaced Blame

I suggest however, that knee-jerk over-reaction is not going to be especially helpful. Take for example, Ev Bogue’s Gmail embargo. In it, he states that Google is keeping too much info about anyone using its services, and feeding it all to the NSA. For this reason, he has decided to disconnect with anyone communicating with him from a Gmail address. I believe that this is somewhat misguided, at least for the reason stated, based on the evolving picture coming from the Snowden file. While early leaks stated that the NSA and its friends in other countries were getting vast amounts of data about us all, they didn’t get into how that came to be. Of course, it is easy to jump straight to paranoia, and assume that the easy route is that it is simply handed to them on a platter.

What we can understand now is that these companies are, where they are involved directly, responding to the legal demands placed upon them. Not only do they have to cough up certain things, but they get gag orders placed upon them as well to prevent disclosure of who, how many and when these targeted information “requests” take place. For this, we must blame the nightmare which is the Stasi-wet-dream that we call the current legal framework that creates this scenario. The companies involved aren’t happy about it, and are spending real money trying to fight legal battles to minimize exposure and to be able to talk about it.

It turns out that much of what we thought was being handed wholesale to the intelligence agencies is actually stolen by them. Interception of private fibre traffic between data centres was being used to vacuum unencrypted traffic which Google and others reasonably believed to be their private environment. Their reaction was appropriate, in that they’re now working to get this internal traffic encrypted.

Back to the “why” factor, it is in Google’s (and Twitter’s, and others’) best interest to work with us, and for us, to protect our information. Simply enough, it goes back to their revenue stream. If you can accept the premise of their services though, there is some use of our information to provide ad targeting, for which they make more money. You may decide that that is reason enough to avoid them, and that’s your perogative. Being big makes them more attractive targets for interception too. What does not makes sense though is singling out one company of many, when they are actually pushing fairly hard to do a good job at a technical level. Google has pushed out such things as always-on encryption for its Gmail service (when faced with apparent Chinese attacks), two-factor authentication for securing your login, and a pretty decent browser which helps to raise the bar for our expectations when it comes to being functional, reliable and secure.

What to Do?

If you can’t accept Google’s raison d’etre, that being an ad company with associated search and other services, well, don’t. Voting with your wallet is always an important consumer-level decision to be respected. Be consistent though, and apply the same standards to whatever you do end up using.

Do I use Google stuff? Sure, but less than I used to, and mostly do host my own email and other services now. It’s on my terms, with what and how I choose to share. Ditto with Twitter, and even more so with Facebook. I’ll use their browser when it suits my needs, but it isn’t my default, since Mozilla’s Firefox is created by a non-profit organization which emphasizes privacy in the big picture.

Make sure that your choices are informed ones.