A Privacy Experiment - Squaring the Circle?
In an alarming piece titled The Anonymity Experiment on PopSci . com writer Catherine Price reports her attempts in (re-)establishing citizen privacy for a single week in California, which is, after all, the United States’ nation leader in privacy protection.
Not being a privacy and intelligence expert herself, she initially consulted with Chris Jay Hoofnagle, a privacy expert and lawyer who used to run the West Coast office of the Electronic Privacy Information Center (EPIC). Here’s her summary of his recommendations:
Pay for everything in cash. Don’t use my regular cellphone, landline or e-mail account. Use an anonymizing service to mask my Web surfing. Stay away from government buildings and airports (too many surveillance cameras), and wear a hat and sunglasses to foil cameras I can’t avoid. Don’t use automatic toll lanes. Get a confetti-cut paper shredder for sensitive documents and junk mail. Sign up for the national do-not-call registry (ignoring, if you can, the irony of revealing your phone number and e-mail address to prevent people from contacting you), and opt out of prescreened credit offers. Don’t buy a plane ticket, rent a car, get married, have a baby, purchase land, start a business, go to a casino, use a supermarket loyalty card, or buy nasal decongestant. (Pseudoephedrine can be used to make methamphetamine, and thanks to a federal law passed in 2006, your name goes into a log when you buy products that contain it.)
So did it work? Well, unsurprisingly to most of our readers, it patently didn’t. Buying a cell phone anonymously by refusing to give his ID? Only after some clerk simply made up a name for him without asking.
Staying anonymous online? Well-nigh impossible for him. Access issues aside (such as ISPs forced either by law or not-so-soft administrative pressure to log all their clients’ online activities for months or even years (depending on where you’re located), there’s the dubious integrity and security of commercial anonymization services (so are they infested by government trolls or not? And how would we actually know?) Consider browser cookies saved on your computers to expire sometime in 2075, for example.
What’s worse, unless you’re deploying a pristine, never-before-used computer, your hardware’s MAC gets traced across your online connections, creating patterns someone who’s after this kind of thing (such as various governments’ snoop outfits) can suss you out anyway.
Then there’s the e-mail problem: Simply signing up for an account at Hotmail with fake user data and using Hushmail for responses won’t do – both are anything but secure and the latter has definitively been know to spill information to the FBI.
And the story goes on. Let’s not forget that it isn’t just nefarious, surveillance happy administrative agencies that are after your every data bit: An even hungrier data behemoth is actually commerce: banks selling your transaction data (you didn’t think they’re considered and treated as confidential, did you?), your local yoga parlor storing your name, address and the courses you book, address and marketing profile brokers, the search engines who keep track of your queries, etc. Even then, there’s a strong interdependency between the administrative and the corporate world, the former actually functioning as a major client of the latter wherever outsourcing data procurement seems desirable if only to stay on the legal side of things – at least ostensibly. One instance of this is pointed out by Price:
Contracting data-collection projects to outside companies allows the government to purchase data that would be illegal for it to collect itself. Take, for example, what happened in 2002 when a now-defunct information-mining company and Department of Defense contractor called Torch Concepts got five million itinerary records for JetBlue passengers—records that included names, addresses and phone numbers—for a project whose goal was ostensibly to identify high-risk airline passengers. Torch Concepts then bought demographic data from Acxiom on about 40 percent of the passengers whose records JetBlue had released.
This demographic data included passengers’ genders, home-ownership status, occupations, length of time spent at their residence, income level, vehicle information, Social Security numbers and how many kids they had. The company used the information to create detailed profiles of the passengers, including one (with the name stripped off but all other information still intact) that it used as part of a presentation to pitch potential clients.
Transport privacy? A veritable nightmare: Not only will train companies and toll booths track your every step, chances are your car’s inbuilt event data recorder (EDR) may be used (or, arguably: abused) as an eavesdropping instrument on you – if not now, it’s certain happen in the very near future. Science fiction? Not so: Price recounts one case where the FBI has actually used this technology on a subject several years ago, albeit finally losing the case on a legal finery. (Car rentals are no easy workaround: All major rental companies have implemented GPS devices to track customers’ violating speeding limits and other traffic rules.)
Closed circuit TV surveillance is another obvious issue. E.g. in the UK there’s millions of the installed already (trend: rising) and the government has recently decided to fit some 2,000 police hats with them. A country like Monaco is equipped with video cams establishing surveillance of just about every square inch of public space, the same goes for places like Singapore and many major Western city centers. Many taxi cabs will videotape their passengers automatically, not to mention webcams being installed just about everywhere interesting.
IPv4, IPv6, RFID – the list of technologies nixing privacy protection for the individual citizen goes on and on. Do read the entire piece here to learn more about what’s up and coming: The Anonymity Experiment
But: Next time you read another lukewarm headline of the “Are we heading towards an Orwellian state” ilk in the mainstream media, permit yourself a ghastly chuckle or three – no way we’re heading there: It’s arrived years ago and hardly anyone has bothered to take notice.
Of course, while most of the privacy protection measures Price narrates in her article are sound and sensible in and by themselves, overall her approach was amateurish in the extreme. There’s way more effective methods to safeguard your own and your loved ones’ personal privacy even today, provided you know what you’re doing. For a more professional – and effective – way of going about this issue, we recommend you check out our Privacy Tools section.
