Russ Harvey Consulting - Computer and Internet Services

Your Privacy At Risk

Everyone is Collecting | Safer Browsing | Take Back Your Privacy

Your privacy is at risk like it never has been before.

Protecting your privacy DOESN'T mean you have something to hide.

“If you aren't doing anything wrong, what do you have to hide?” accept[s] the premise that privacy is about hiding a wrong.
 
It's not. Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.
 
Liberty requires security without intrusion, security plus privacy. Widespread police surveillance is the very definition of a police state. And that's why we should champion privacy even when we have nothing to hide.
Bruce Schneier: The Eternal Value of Privacy [emphasis mine]

More about privacy:

YouTube Video: EFF/Greenpeace/Tenth Amendment Center airship over the NSA's sprawling Utah data center. Click to view

The NSA surveillance program [Section 215 of the Patriot Act] collects hundreds of millions of phone records daily. One federal judge criticized the program as beyond Orwellian and likely unconstitutional. And even the government-appointed Privacy and Civil Liberties Oversight Board has said this program doesn't make us any safer, stating that they couldn't find a single example of a threat to the United States where this program made a concrete difference in the outcome of a counterterrorism investigation.
Fight 215 [emphasis mine]

Section 215 expired on June 1st but the U.S. Senate passed the USA Freedom Act the next day by 67–32.

The Act did place some restrictions on surveillance, but not enough given the wholesale abuses by the NSA. See USA Freedom Act passes: what we celebrate, what we mourn, and where we go from here.

Everyone is Collecting Information

Everyone is collecting vast amounts of information about you — governments, businesses and the sites you visit on the Internet.

Even if we think we have nothing to hide, all of us, whether world leaders or ordinary citizens, have good reason to be concerned.
TomDispatch

Your Devices Are Watching You

Virtually every “smart” device is gathering information on you (perhaps including your private conversations).

It's the age of ubiquitous surveillance, fueled by both Internet companies and governments. And because it's largely happening in the background, we're not really aware of it.
 
…[W]e learned that Samsung televisions are eavesdropping on their owners. At some level, we're consenting to all this listening. A single sentence in Samsung's 1,500-word privacy policy….
Bruce Schneier on CNN

Smart Meters

Smart meters do more than simply remove the need for meter readers. Analogue meters simply recorded the total amount of electricity used between readings. Now your electrical company knows the timing, duration and quantity of electricity you use. Like much data collected, it could reveal much about you.

The IoT is Almost Here

The problem of privacy is only going to get worse as the Internet of Things evolves. Already there are more connected devices than people in the world. There is an imminent explosion of devices that will track every aspect of our lives.

“We're Only Collecting Metadata”

Many organizations indicate that they are “only collecting metadata.”

Research has shown that using only call metadata, the government can determine what your religion is, if you purchased a gun or got an abortion, and other incredibly private details of your life. Former director of the NSA and CIA, Michael Hayden, recently admitted: We kill people based on metadata. And former NSA General Counsel Stu Baker said: metadata absolutely tells you everything about somebody's life. If you have enough metadata, you don't really need content.
EFF [emphasis mine]

Why Metadata Matters

How revealing metadata can be is demonstrated in these three (rather obvious) examples presented by Kurt Opsahl at CCC on December 30, 2013:

  • They know you rang a phone sex service at 2:24 a.m. and spoke for 18 minutes. But they don't know what you talked about.
  • They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret.
  • They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour. But they don't know what was discussed.

Anonymous No More

A more intensive look telephone metadata reveals much more. Your privacy could be compromised by linking the timing of anonymous data to data that directly identifies you via credit card, hotel stays and more.

All this can be used to build a profile of you that may make judgement calls which are then processed as “facts” by other parties. Metadata is surveillance.

Even something like Alfred Kinsey's sex research data from the 1930s and 1940s isn't safe. Kinsey took great pains to preserve the anonymity of his subjects, but in 2013, researcher Raquel Hill was able to identify 97% of them.
Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World by Bruce Schneier

There was much less information collected in those days than we routinely and blindly provide today.

Your Privacy at Risk Like Never Before

Your privacy is at risk like it has never been before. Most folks think they have no need for concern. They are wrong!

How would you feel about every document, photo and file on your computer being printed and posted in a public place? You have even more at stake.

[K]now that every border that you cross, every purchase you make, every call you dial, every cellphone tower you pass, friend you keep, site you visit, and subject line you type, is in the hands of a system whose reach is unlimited but whose safeguards are not.
CITIZENFOUR documentary

The Everything We Know About NSA Spying video is an excellent overview on the NSA spying and shows just how extensive the reach of this program is and how easy it is to become a target.

Avoid Giving Information Away

Everyone that asks you to fill out a form — whether a paper form or on-line — is collecting personal data.

Once you provide that information, it is no longer in your control. While everyone is diligent in collecting your information, they are less likely to be as careful in protecting that information — particularly if an opportunity to profit comes along.

Privacy Policies are Changing

You only need to look at the way Facebook, Hotmail and others so quickly changed their privacy policies to enhance their profitability. You're on your own when it comes to protecting your identity.

If the service is free, then you are the product.
The Day We Lost Everything

Who Has Your Back?

EFF 2015 report on the track record of companies in protecting your privacy

Who has your back? 2015 track record for social media, communications and other companies in releasing private information to the government.

Learn how to avoid giving information away (including protecting other people's email addresses) and how to remove spyware (software on your computer that reveals information about your surfing habits — including toolbars).

Governments Collecting More Personal Information

Governments are collecting more about you and your Internet activities.

Never give a government a power you would not want a despot to have.
— John Gilmore

The Canadian government will not allow its data to be stored on servers outside Canada. Canadians should be similarly concerned about the loss of privacy and protection.

  • Most, if not all, social media data is being stored outside Canada and no longer has the protections afforded by Canadian law.
  • Most webmail is stored on servers in the U.S. or other countries.
  • Your emails are scanned to profile you to serve ads, alter search results, and other purposes based upon the emails you send and receive if you're using Gmail, Yahoo! mail and similar services.

Microsoft is fighting a December 2013 federal search warrant demanding that the company release emails stored in Ireland.. This demand that data stored on overseas servers be made available should concern everyone. The US is not the only country doing this.

StartMail ($59.95 per year) provides an alternative to ‘free’ email services that aren't free — you pay for them by sharing the most intimate details of your life with corporations and marketers. StartMail's privacy policy.

You can find out more about governments collection of personal information at:

Other reports about privacy and surveillance:

“Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World” by Bruce Schneier

Recommended Reading

Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World by Bruce Schneier is an imperative read for everyone. Read the introduction.

The powers that surveil us do more than simply store this information. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices we're offered. Governments use surveillance to discriminate, censor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches.
 
Much of this is voluntary: we cooperate with corporate surveillance because it promises us convenience, and we submit to government surveillance because it promises us protection. The result is a mass surveillance society of our own making. But have we given up more than we've gained? In Data and Goliath, security expert Bruce Schneier offers another path, one that values both security and privacy. He shows us exactly what we can do to reform our government surveillance programs and shake up surveillance-based business models, while also providing tips for you to protect your privacy every day. You'll never look at your phone, your computer, your credit cards, or even your car in the same way again.

Recommended Documentaries

Frontline: ‘United States of Secrets’

Frontline's United States of Secrets is a powerful look at the dangerous spying by the NSA on their own citizens and the revelations following the release of the Snowden documents.

Frontline investigates the secret history of the unprecedented surveillance program that began in the wake of the 9/11 attacks and continues today.

The two-part series is available on Netflix:

Episode 1 shows how the dangerous plan to greatly increase the power of surveillance on the American (and international) public was secretly authorized with the stated goal of finding unknown terrorists within our midst.

Several members of the NSA and other government bodies opposed the plan on the basis that it overstepped the requirements and undercut civil liberties enshrined in the U.S. Constitution without any real oversight.

Episode 2 looks at the increasing commercial surveillance by companies like Google and later Microsoft, Facebook and others to generate massive advertising income. This information was later co-opted by the NSA and, in the process, further eroding every citizen's privacy. There is no evidence that any of this surveillance has made us any safer (think of the Boston Marathon attacks — the sort of event this program was supposed to prevent).

Return to top

Safer Browsing

Cookies Report on Your Web Habits

People have become more aware of the amount of information that is collected about them while they are on the Internet using such devices as cookies. You can deal with cookies using some of the many utilities available on the Net or by using the tools provided by modern browsers (Firefox recommended).

Help is Pending…or is it?

Current browsers have the capability of telling a site that you don't want to be tracked. But that assumes that a site will bother to respond. There are few, if any, such mechanisms in place.

Opt-Out Cookies

Another option is to use the services of a site such as the Network Advertising Initiative which offers to place an opt-out cookie on your computer for certain ad servers such as DoubleClick.

Flash Cookies

Many sites use flash cookies (Local Shared Objects or LSOs) that are not deleted when you remove traditional cookies. Adobe provides information on how to manage or disable LSOs, but ignorance makes most users vulnerable to exploitation by sites that use them.

CCleaner is capable of cleaning LSOs, but this is not enabled by default.

Flash is listed as one of three programs that make Windows vulnerable to malware (as well as Linux and Mac if Flash is installed). As technology moves away from Flash, the risk of LSOs should diminish.

Have a look at my listing of Firefox add-ons. Some allow you to manage or remove LSOs but status can change quickly so I won't duplicate the listing here.

Your Choice of Browser Matters

Firefox Recommended | Internet Explorer | Google Chrome

The browser you use to surf the Web will make a different in not only what tools are available to you or how convenient the browser is, but also in terms of how much information you share in the process and what those gathering that information do with it.

Ixquick's StartPage privacy page has information about how simply using a search engine can leave behind a history that can last for years.

The problem is made even more dangerous as companies like Google become more powerful, purchase companies in areas they traditionally didn't have access, then combine data about their users between these companies. Running their free Gmail and Chrome browser will provide even more information about yourself, helping to create a more accurate profile to serve ads to. Google never forgets!

Firefox: A More Secure Browser

Firefox is my recommendation. Not only is it more secure, but it more closely follows web standards, making your experience a better one.

Firefox is made under the principle that security and privacy are fundamental and must not be treated as optional. Firefox is the only major browser not targeted by the NSA scandal and we're fighting to reform government surveillance for you.
Mozilla

Share what kind of Web you want. A human face is placed onto technical concerns in the related Firefox video.

Clear Private Data

Clear Private Date dialogue box

You should clear your privacy data (cookies, saved form information, cache and authenticated sessions) before and after on-line banking (or similar sites where there is the risk of revealing personal information of greater value).

These settings are on the Privacy tab in the Firefox Options settings. Firefox Options is located different ways:

  • Firefox 29 or newer: the Firefox menu is on the top right (3 horizontal lines).
  • Firefox 4–28: the orange Firefox button on the left contains the Options menu..
  • The Firefox Menu Bar (turned off by default starting with Firefox 4) has Options in the Tools menu.

Once the Options dialogue box appears, click on the Privacy tab and check Clear history when Firefox closes. You can choose which items get removed by clicking the Settings button on the right (see dialogue box above).

Internet Explorer: Simply Too Vulnerable

Internet Explorer (IE) is a major security vulnerability within Windows and therefore should not be used as your primary browser when surfing the Internet.

When the CVE-2014-1776 vulnerability affected IE versions 6–11 the US-CERT team (U.S. Homeland Security) recommended moving to an alternate browser. This is good advice even after the vulnerability is patched.

Microsoft made IE a key component of the Windows installer — a significant security vulnerability when surfing the Web. You can help reduce the risk by enabling the following settings:

  • Current versions of IE can check sites for forgeries (sites looking to exploit your trust of the real site) if you authorize it during installation.
  • Check "Prevent programs from suggesting changes to my default search provider" in IE's addons.

Security risks are not unique to Internet Explorer but its reach is deep into the Windows operating system, making it more vulnerable to security issues than any other browser.

You may need to use IE for some legitimate tools:

  • Microsoft Fix it solutions need to run in Internet Explorer.
  • Symantec's AutoFix Tool must run in Internet Explorer in order to be able to make the necessary changes to Windows files.

Windows XP used IE to run Windows Update, a program that makes significant changes to your system and requires access to key Windows components. Microsoft Update is now built into Windows Vista and 7 making IE more secure.

Microsoft's Windows Update plug-in for Firefox as an alternative to using Internet Explorer is not recommended because this makes Firefox more vulnerable. It is better to use Internet Explorer only where necessary (and safe).

Move to Firefox and use the IE View addon to launch Internet Explorer ONLY where it is absolutely necessary. If a normal page won't load properly except in IE, you're probably better off going elsewhere for your information.

Google Chrome: Privacy? What Privacy?

Google Chrome (initially based upon the open source Mozilla code) has become very popular because it is much smaller and potentially faster than other browsers (at least as long as you don't use addons).

Collecting, Collecting, Collecting…

Chrome does this, in part, by keeping the user's data on their servers rather than on the user's computer. This is part of what is referred to as "being in the cloud" so people have access to their data from any number of computers, phones and tablets. This is convenient but eliminates your ability to fully control your own information.

Gmail Difficulties

Gmail has made it more difficult to simply download your Gmail to a standalone email client (an email program that stores your messages on your computer rather than on Google's servers). Google wants you to leave a browser windows open with Gmail running. By knowing the sites you're visiting they can present “more relevant” ads (i.e. ads that you're more likely to click on based upon your surfing history). Of course, with Chrome, they already know this.

Return to top

www.RussHarvey.bc.ca/resources/privacy.html
Updated: July 17, 2015

NSA taking all your data -- click to visit the Electronic Frontier Foundation (EFF illustration).

Restore Privacy

Take Back Your Privacy

As we saw in the introduction to this page, everyone is collecting information: governments, corporations, search engines and social media.

Google Analytics provides detailed information to website owners about who comes to a site, where they land, how long they spend there and where they go afterwards.

Google Analytics are only one of many such invasive tools.

Ghostery's “alert bubble” displays a list of 27 trackers found on forbes.com

To the right, 27 trackers are listed in Ghostery's alert bubble while visiting the Forbes website.

Most websites you visit are probably collecting information of some sort.

These exploits are crippling the Web's ability to transform information. This has a strong echo of McCarthyism in the 1950s. The fear of surveillance is realistic and stifles personal expression.

People Becoming Concerned

Recent surveys regarding Americans' attitudes about privacy, security and surveillance show that people have little confidence that their data will remain private and secure — particularly in the hands of government:

Just 6% of adults say they are ‘very confident’ that government agencies can keep their records private and secure.

Reset the Net

But we're not powerless. There are things you can do.

Reset the Net. Take back your privacy and freedom.

Start by signing the Reset the Net pledge:

Mass surveillance is illegitimate. I'm taking steps to take my freedoms back and I expect governments and corporations to follow in my footsteps and take steps to stop all mass government surveillance.
Reset the Net

Resources

Return to top

Social Media

Social media is a very important aspect of privacy because so much personal information is collected including facial recognition software, comparative and linked data (such as the "Like" button) and more.

Are you sharing too much on social media?

Return to top

Related Resources

Related resources on this site:

or check the resources index.

Return to top


If these pages helped you,
buy me a coffee!