BY STEFFAN HEUER AND PERNILLE TRANBERG
It’s been roughly a year since we launched our call to arms in this series over the steady erosion of privacy for consumers and citizens, and the reasons to practice digital self-defense have only grown more compelling. Companies from Facebook to Google consider your data a free-for-all, and lawmakers are slow to step up and draw modern boundaries to tracking and mining your identity. This week’s vote by the E.U. Civil Liberties Committee to finally tighten data protection rules and create a right to erasure is a long overdue and encouraging step in the right direction.
That’s why we keep advising anybody who will listen to “fake it”—by signing up to services you distrust with as few personal details as possible, using pseudonyms and disposable email addresses, and hiding your tracks with private search and anonymizers such as Tor. Strong encryption with services such as Silent Circle or the GNU Privacy Guard should by now also be on your list of priorities to get snooping enterprises and governments off your back.
Is all of that hard work? Hell yes. Like any good method of self-defense, you don’t walk out with a black belt after just one session. It’s a multi-step journey that requires a sensible investment in terms of time and acquiring knowledge. A good primer that goes all the way to the master level comes from the Freedom of the Press Foundation and can be found here.
The good news is that we do see some encouraging signs in this world of pervasive surveillance that former National Security Agency contractor Edward Snowden helped unmask. Pew Internet reports that the vast majority of U.S. consumers now take measures to veil or erase their steps online. And when a former Department of Homeland Security bureaucrat belittles Supreme Justice Louis Brandeis’s dictum that privacy is the “right to be let alone” as the delusions of a privacy “fogey,” you know the public outcry over the trampling of privacy rights has hit a nerve.
Read between the lines of the speech by Stewart Baker and you can see what’s called for: not acquiescing to the PRISMs, Temporas, and whatever else will come to light. Being silent and passive makes the violators believe they have won. Baker argued that with time and perseverance, one can shove any privacy violation down the public’s throat. “The better way was to stand up,” he claimed, and “fight for the justification your policy has. And there are a surprisingly large number of people who will accept that, and the privacy panic subsides quickly.”
Panic? We prefer calling it justified outrage over the fact that too many companies have for years tracked every move we make, sold us down the data stream without informed consent, and provided data openly or through back channels to governments. If we’re the resource, why not call it the human-mining cartel?
It’s a vicious cycle that destroys trust—the trust of consumers in the companies and providers they do business with, the trust of citizens and companies in government to respect their rights, and the trust of the entire international community that can no longer distinguish between legitimate security interests and potential industrial espionage.
So we say: Keep up the anger, and act accordingly. Hide your tracks and veil as many of your communications online as you can—unless the service you use is open about how they use or don’t use your data and, thus, can be trusted. Throw a million little wrenches into the machine-readable monster we’ve allowed to be assembled. And don’t fall for the specious arguments that it will all clear up once the facts are known, or—even worse— that the numinous market will devise a solution.
Your privacy is not a fungible good with a price tag. Sure, digital self-defense is about tools and services that help you protect your identity, and we have spent quite some time to explain a few of them, such as Disconnect.me, which cloaks your searches and keeps mobile apps from leaking your kids’ data one innocent game at a time.
On the other hand, there are “personal lockers,” like personal.com, that offer to let you store your valuable details in order to exercise control over who gets to see and use them. If you take this idea to its logical extreme, it reduces the entire debate over privacy to a series of business transactions. Again, your privacy should not be a good for sale.
It’s a perfectly American approach to the problem, but it does democracy a huge disservice. Snowden didn’t win the German Whistleblower Prize of 2013 for nothing. When an entire society and economy runs on distrust and forces everybody to constantly be on guard to cloak, block, and encrypt, it kills discourse and openness. Pushing the burden of privacy to companies and consumers is a particularly sinister form of privatization.
What does it say that we have become a society that degrades citizens to consumers who need to incessantly buy protection and peddle themselves to the merchants of privacy as a precondition to even participate in discussions? Do we really want to be forced to open accounts with the global identity banks that companies such as Facebook and Google have set up?
When it comes to privacy and identity online, we need to decline this bad deal. Instead, let’s join the ranks of the underbanked or, even better, the unbanked. The interest you earn in the form of supposedly free services is rarely worth opening such an account. As any gambling addict knows, “free” drinks and room “upgrades” sound good. But the casino always wins.
One of the most vocal critics of this dangerous trend to become your own data entrepreneur is author Evgeny Morozov. At a recent meeting in Harvard Square, Morozov reminded us how the problem becomes much worse as soon as we buy into the idea of commodifying our personal data. Privacy is a public good, period. If we fall for the trap that it’s our responsibility—or duty—to collect, quantify our lives, and feed them into the behemoths of the always-on world, “it cuts citizens out of the deliberative processes that define democracy,” Morozov said.
“If we think we are saving privacy by attaching a price to it, we are destroying democracy. We let the technocrats optimize the system without consulting citizens. Participating in the marketplace becomes a shibboleth for privacy. If everything is encrypted, you are no longer part of an open discourse. Tools to stay private,” Morozov said, “fail to understand the balance between privacy and democracy. It’s a balance that needs to be constantly negotiated.”
If that’s not reason to panic, we don’t know what is.
Steffan Heuer and Pernille Tranberg are authors of the book Fake It: A Guide to Digital Self-Defense. They cover technology and privacy issues in San Francisco and Copenhagen. In this series, Digital Self-Defense, Heuer and Tranberg report with updates from the digital identity wars and teach us how to defend our privacy in the great data grab going on all around us. Follow them at @FakeIt_Book.
Illustration by Jason Reed