Your connection is not private

Privacy online is an ever evolving topic. Back when I was first introduced to the internet, privacy issues were not something to be concerned about. Facebook, twitter and even Myspace didn’t exist at the time, and the ability to share to a big audience was significantly less than it is now. Technical skills of the common user made this even more so- with few able to print screen or take a screenshot, let alone upload it somewhere people could see. But now things have changed. The ability to send information around the world at speed has increased substantially and the average competency level of a computer user is far higher than 15 years ago. What is good and appropriate when it comes to personal privacy, and where do we draw the line?

Sometimes privacy software does not quite hit the mark. Is there always a human component to decide to what constitutes privacy?

Sometimes privacy software does not quite hit the mark. Is there always a human component to decide to what constitutes privacy? (An attempt to read some of this weeks recommended readings!)

Privacy and you

Facebook has been in the news repeatedly over the past decade (only to 2010) because of its changing attitude towards privacy. Facebook is a great example to look at too, both because it was the forerunner of the social media age and because individual privacy of our most intimate moments is what is most important to us. For example as discussed in my last blog post, what an employer might see on Facebook could make or break your ability to get a job. So that photo of you and your friends having a drink in town last Friday could cost you a job you apply for in years to come. In Facebooks case, you can stop others from seeing these photos, but what has been contentious through the years is who can see the photo by default. At time of posting is that photo shared globally, or is it private until you say otherwise? Again we can bring up the case of the Georgia teacher who posted a private photo on her Facebook page, only to be fired for it later. Her privacy was breached by ‘someone’, and that breach led to a dramatic change in her life.

This for me is really sad. It demonstrates that some employers make decisions based upon data that was acquired against the wishes of the employee. This article makes suggestions for how you can or should be writing your Facebook posts so that it would not go against you when job hunting – but that defeats the point of the social media platform. This article is even scarier, where it suggests employers have been requesting applicants passwords to their social media account in order to see what their private life is like. It might be that you drink heavily in your spare time, or worse take drugs – but if an employees record in their previous jobs makes no mention of poor behavior, lack of motivation etc then is it relevant to the candidates ability to perform the job? Sites like LinkedIn should be the type of place for employers to find out about a candidate. Facebook is where we post the most intimate parts of our life, where we share good and bad news, or our opinions on particular things with friends. It forms a story of our lives, and how we change through time. I dont see it as right for an employer to make use of private data in making job decisions, if other evidence suggests it makes no difference to their ability to perform the job well? Note that whatever data you do make public on Facebook I think could reasonably be looked at by employers, as this public face of an employee could potentially reflect upon the employers.

Thus another question is what do you mind being made public and private? Facebook gives us the option of who sees what (albeit through sometimes convoluted privacy settings). What about those devices that tell the manufacturer things without us knowing? The group Privacy International report on those things it considers to breach user privacy, their first aim being “[to] build[ing] the global movement for the protection of privacy”. One highlighted example of ‘market research’ being secretly collected was by the WeVibe sex toy, where they recorded ‘use’ and sent that data back to the company. Whilst this does not harm the user (as they probably dont give you a profile page on their website with achievements or anything!), the sensitive nature of the appliance maybe means users do not want their usage shared with others, irrespective of how anonymous it might have been. WeVibe were sued for this, and lost in court this year.

Most of the time, personal privacy with internet connected devices is controllable, and we are in charge what is posted as public or private. Where privacy becomes a bigger question is when governments and the law get involved.

 

Privacy and the Government

GCHQ, the UK governments communications arm can allegedly intercept much of the internet traffic into and out of the UK (Image Credit: GCHQ, Crown copyright)

In India this past week, Privacy has been a big issue in the news. The question had been brought before the supreme court, asking the question, ‘is privacy a legal right for the people of India?’. The case came about because of a system the government wanted to introduce to help handle welfare payments. This system would require Indian citizens to submit their bio-metric information, but privacy groups were concerned about what else the government would use the data for, as they rolled it out into other financial transactions (such as purchasing expensive goods). The supreme court decided that yes, privacy is a fundamental right of the Indian people.

In the US, privacy is also hot topic, and one which was championed controversially by Apple in early 2016. An Iphone 5C owned by the shooter in the San Bernardino shootings was in the possession of the FBI, however it had been locked and encrypted. Encryption of the data meant that there was no way to pull it off the phone without compromising the data, but the problem was the FBI only had a certain number of guesses at the password before the phone automatically deleted all its data. The FBI requested that Apple help them circumvent the encryption so they may see the data in a readable format, but Apple declined. The reasons proposed vary, and Apple said it was in part an issue with reprogramming (as the OS would then supposedly be compromised). Apple argued that decrypting one phone potentially compromises all phones, and so the operating system could have to be rewritten to re-secure other phones. Amongst other reasons cited by Apple, such as:

“… compelling Apple to create software in this case will set a dangerous precedent for conscripting Apple and other technology companies to develop technology to do the government’s bidding in untold future criminal investigations. If the government can invoke the All Writs Act to compel Apple to create a special operating system that undermines important security measures on the iPhone, it could argue in future cases that the courts should compel Apple to create a version to track the location of suspects, or secretly use the iPhone’s microphone and camera to record sound and video.”

Apple-vs-FBI-800x510

Apple vs The FBI – all you need to know. (2016, March 17). Retrieved August 27, 2017, from http://kodework.com/apple-vs-the-fbi-all-you-need-to-know/

And so partly this is a law issue, where the courts may use this case as a way to argue for Apple to undermine security in particular phones in the future. But the question then becomes to what extent is privacy a right? The San Bernardino shooters phone may have contained information that lead to the capture of others intent upon causing harm. If the FBI had failed to get that information in time, and one of those potential links had killed, would the failure of the FBI to act in time be on Apples shoulders?

In the UK surveillance and intelligence gathering (Spying) is common. Indeed, terrorist incidents in the UK are now mostly carried out with easy and quick to acquire weapons such as cars and knives, as the process of making a bomb usually ends up with the government tracking them down before the bomb can be deployed. Searching on the internet for how to construct a bomb is illegal, and logged. The ability for governments to compromise security has prehaps lead to an increase in the amount of lives that can be saved. Another document leaked by Wikileaks suggests that GCHQ (Government Communications Headquarters, the ‘British NSA’) and (by extension) the NSA can infiltrate much of the data coming into and out of the UK. Wikileaks also published documents which demonstrated the extent to which the CIA could use internet connected devices (such as TVs) to spy on people. These are extreme cases of privacy breaches, but I am not per se against it, as it is unlikely to affect my life- and would only be used to catch criminals. The NSA is unlikely to be interested in me and my COETAIL blog posts, or my DOTA games. I am much more in favor of them knowing that I had the most awesome ‘toad in the hole‘ for dinner and potentially catching a terrorist, than them not knowing my dinner choices and people potentially dying.

 

The internet has exploded the conversation on privacy. I believe there has to be a balance between what we expect of our privacy and what we expect of law enforcement ability to catch criminals. But humans have a right to privacy (Universal Declaration of Human Rights, Article 12), and what we post on our private Facebook walls we should have confidence that it is treated in the context in which it was posted. Perhaps the question is not ‘How can we protect our privacy online?’, but rather ‘How can we prevent our private data being exploited?’.

 

Bibliography

 

You may also like...

2 Responses

  1. Cary Hart says:

    Alex you make very good points in your post about privacy. You brought up the iPhone issue that had the FBI demanding access. I think that this is the kind of thing that we have to be very careful of. In that instance, for that case, it seemed like a reasonable request, but what people forget is once they are in they are in.

    Companies and citizens have to remember that things that seem reasonable for a special case may lead to loss of privacy because the permission was given that one time opens the door to allow access to information. Had Apple allowed the FBI to have the access that they were demanding they would then be able to access anyone’s phone for any reason. While they may have never abused that power, we all know that is unlikely.

    Google is one of the largest Data holders in the world and there are many people who are worried about the data they hold, what they do with it and what other people can buy from them. This is all a part of the digital world now and things are growing and changing so fast most people haven’t even considered where their data is or what data is out there.

    I agree with your closing paragraph and I think the other thing that we have a right to is clear, understandable privacy settings. This has gotten Facebook in trouble several times because people were not sure what different settings really meant. I think that companies have to be clear on what their settings do and don’t do.

  2. Alex Bunting says:

    Hi Cary,

    Perhaps then there needs to be legislation which dictates what constitutes when privacy can be negotiated upon. I feel like I am happy to have my phone searched if it helps catch someone who might kill someone. I also feel like the waste of time it would constitute would also put the FBI off of searching my phone in the first place 🙂

    I suppose the question is about how much trust you have in the law enforcement agencies. Generally speaking I trust governments enough not to care about me or bother hacking my phone. The real problem comes in hackers who reveal secret documentation, because if that data is stored it could be a problem when it is out there (though again my computer is easier to hack than the FBIs!).

    Alex

Leave a Reply

Your email address will not be published. Required fields are marked *