Ubuntucat

Two years ago, I posted Privacy on the internet doesn’t exist. Well, it still doesn’t. I’m not saying you should go out of your way to disseminate your personal information to the general public, nor am I saying that paying attention to privacy settings in various online services is an exercise in futility. What I am saying, though, is that the idea that you can use the internet and be totally off the radar from governments and corporations is delusional.

Google and Facebook have certainly had their screw-ups when it comes to user privacy. But you have to realize we live in an increasingly networked and digitally stored world. You do not have control over everything about you. If you use the library, the government can find out what books you read and how long you read them for. If you even just look at an item on Amazon, Amazon keeps track of what you’ve looked at. If you encrypt your emails you send out, even if you run your own mail server locked in a bullet-proof vault, the people who receive those emails may forward them on unencrypted or may have weak passwords that get guessed by cracking programs or people who then read your private emails. If you don’t have a Facebook account, your friends who do will still post pictures of you and comment about what you all did last night. If you own a credit card or have a bank account, your information is stored somewhere or even multiple places in a networked computer system. All it takes is one unscrupulous or stupid employee to allow someone else access to your information, and it’s out there.

Are you using a proxy? How do you know you can trust the proxy with your information any more than you can your ISP? If you don’t trust Google’s privacy policy, why should you believe Scroogle’s?

I really am sick and tired of tinfoil hats (especially on Linux forums) pretending they have some magic bullet of privacy just because they use ixquick instead of Google to do searches. Unless you live in a cave, have no bank account, do no business, never see people, don’t have a phone, don’t pay taxes, and never use a networked computer, your imagined total privacy simply does not exist.

Do I care that Google knows who my friends are and how often I call them? Not really. Before I had an Android phone, I used a Virgin Mobile phone. Guess what! Virgin Mobile and Sprint (whose network Virgin borrows) knew who my friends were and how often I called them. Do I care that Google knows what I’m searching for? Not really. I’m not searching for anything that anyone else isn’t searching for. You can tell because they now try to guess what you’re searching for, and it’s usually what you are searching for, even if you’ve never searched for that before. Do you think if Britney Spears does something crazy that you’re the only one searching for “Britney Spears [something crazy]“?

And also, do you think if the government suspects you’re a terrorist that they really won’t just tap your phones and stalk you (I believe it’s called surveillance) anyway? Don’t you think the hospital, when served with a subpoena, will hand over your medical records? Don’t you think the store you shop at will hand over its security camera footage of you shopping there and what you bought? Please, just put the tinfoil hats away. Use common sense, and that goes both ways. You can hide most things from the general public, but if the corporations and governments want your information, they will get it. That doesn’t mean you have to make it easy for people to find information about you, but it does mean you can’t pretend your information is impossible to find.

You got that recent notification about the Facebook vote, right? Oh, no? You didn’t? But you got some notification that your friend commented on some other friend’s status? Or that someone added a stupid Facebook application?

Oh, you haven’t heard about the Facebook vote at all? I’m not surprised. Facebook hasn’t really publicized it. I mean, Mark Zuckerberg wrote about it on the Facebook blog… because all Facebook users read that, of course. Yeah.

Do you know what Mark Zuckerberg wrote?

For this vote and any future one, the results will be binding if at least 30 percent of active Facebook users at the time that the vote was announced participate.

Let’s see. So there are 175,000,000 Facebook users, and they need 30% to vote. Do you know how many have voted so far?

At the time of this writing, 283,361 Facebook users have voted. That’s 0.16% of Facebook users, and we have until next Thursday to make up another 29.84% (or 52,220,000) users. Um, not going to happen.

The tech news is reporting this as a some kind of Facebook democracy, but how is it democracy if you hide the vote? I found out about it only because I keep up with tech news. I can guarantee you maybe only one or two or my Facebook friends (maybe even zero) know about this vote. Why not just say the vote will be whoever shows up? Can you imagine if government elections were decided based on a certain percentage of the voter population having to vote? No. If you don’t vote, you don’t count. It makes no sense to say that those who do show up don’t count (which is essentially what they’re doing). And, worse yet, you can’t have an election if you don’t let people know about it. Facebook users are not automatically subscribed to Mark Zuckerberg’s blog. Unless they keep up with tech news, they get no notification whatsoever that there’s any kind of vote.

Well, if you’re reading this now and are a Facebook user also, go vote now. At least you can say you tried and somewhat care about your privacy and user rights. Maybe we can even get up to a full 1%. Whoop de do!

A recent discussion on the Ubuntu Forums (the link will work only if you are logged in) has got me thinking about the role of anonymity in online discussions. Is it a good thing? Is it a bad thing?

Well, the answer, of course, is that it’s both good and bad. And I think I would rather take the cons of anonymity for the sake of privacy than take the pros of full disclosure for the sake of civility.

Basically, the idea is that if (on discussion forums, for example) people gave their actual names, genders, pictures, geographic locations, and other personal details, then online discussions would be more civil and online communities would be better bonded. I think to a certain extent that would be true. If you’re Gertrude Chang from Cherry Hill, NJ with a picture to match, you’re far more likely to post something civil in response to a post you disagree with than if you’re lozahsux3583 with an Elvis Presley avatar. There are few people who would say Keep complaining. I’m sure the internet will listen to me in person, but someone felt it was perfectly okay to post that as an anonymous comment on my blog.

Of course, increasing likelihood is all you can do. After all, some people, even in person can be rude to you, no matter if they know what you look like, no matter how many personal details they know about you or how many personal details you know about them. Also, as anyone who has seen the post-it episode of Sex and the City knows, it’s far easier for someone to write something nasty to you than to say it to your face, so even if people have to disclose personal details, they may still feel freer to let loose their meanie inhibitions if they can type to you instead of talk to you in person.

This all is also on the assumption that you can force people to be honest about who they are. After all, I could say I’m Gertrude Chang from Cherry Hill, NJ and actually be Gemma Maguire from New Castle or Sanjay Gupta from Queensland. I could also post up a photo of my niece instead of posting up a photo of myself. There really isn’t a lot of gained trust you get from forcing people to reveal personal details.

And then there’s the issue of privacy. With identity theft rampant and many online discussions being open ones (Google searchable, browseable by anyone or any bot), there is a real danger in saying who you are and in giving out too many personal details.

In the end, I have found that ultimately anonymity isn’t such a terrible thing. Sometimes it brings out the worst in people, and they’d say things they wouldn’t ordinarily say in real life. Other times, it brings out the best in people and allows people the freedom to speak their minds thoughtfully about things they wouldn’t ordinarily be able to talk about in real life (for fear of losing their jobs or offending family members, etc.). I’ve recently been reading Yao Ming’s autobiography, and he said he likes to hang out on the internet to see what people are saying about him, because he knows the anonymous folks on the internet are likelier to be honest about whether he’s doing a good job or not.

At least on the Ubuntu Forums and on my blog, I’ve found most discussions and comments to be quite civil, despite the relative anonymity people are afforded. The exceptions are a few spambots and trolls that are quickly taken care of.

As a follow-up to my post of four years ago, “Gmail and Privacy,” I’d like to say something about some of the reactions to Google being asked to hand over YouTube user data to Viacom by an American judge.

First of all, I don’t see that Google did anything wrong here. Viacom may have done something wrong. The judge who ruled that user viewing data could be handed over from one company to another company without user consent has done something wrong. Should this make Google rethink how much data it should store and for how long? Of course. But that’s not because of what’s wrong with their privacy policies or practices—it has everything to do with the laws and powers they are subject to.

Secondly, as evidenced in the government subpoena in 2006 of search data, Google is much better than other major search engines, since AOL, MSN, and Yahoo! readily gave up their user search data, and Google didn’t. Google isn’t always in a legal position to protect your privacy, but it will at least try.

But that’s the real problem here. Too many people are focusing on Google and getting angry about privacy issues there. The real issue here is the US government and privacy issues there. If your data is stored somewhere, and the laws are on the side of a snooping government instead of a private citizen, then you’re screwed no matter where you store your data. You could have it on a privately owned domain hosted on a private server or even on your own home mail server. If the government wants to get to your data and a judge approves that action, well, tough luck for you. Never mind that most emails are sent unencrypted anyway.

When I think about how much of my life is stored places, it’s a little scary. I check books out of the library all the time. The library has a database (which is accessible online) of all the books I’ve ever checked out. Amazon keeps track of all the books I order or even look at and don’t order. If I use a credit card at a grocery store, they know what groceries I buy, and using a grocery store frequent buyers card makes it even easier for them to track what I do.

I guess if there’s anything that makes Google dangerous in terms of privacy, it’s the fact that they store a lot of data together. The government doesn’t have to search through millions of individual homes. They can just pester one company to give up its data. Really, though, imagining that you have privacy on the internet is just delusion. Yes, there are some things you can do to limit the amount of personal information you have floating around, but ultimately we live in a digital age, and the government has the ultimate say in terms of how that data gets accessed, privacy policies be damned.

Further Reading
Privacy on the Internet Still Doesn’t Exist

Last week, I got into TLC’s Jon and Kate Plus 8 about the Christian couple from Pennsylvania that has twins and sextuplets. I just found this amusing.

From the “Jon & Kate Family Movie Night” episode, they’re hanging up new blinds and Kate says, “When I want privacy, I want to be able to pull blinds and not have people see in.” You’re on a reality TV show. You have no privacy! Well, I guess after a while you kind of forget the cameras are there maybe.