Russ Harvey Consulting - Computer and Internet Services

Your Privacy at Risk

A Basic Need | Domestic Spying | Surveillance
Devices Watching You | Resources | Biometrics

Your privacy is threatened like never before

A Lot to Absorb

This page has a lot of information on it. The issues are complex and have significant implications for our future as a free society.

Privacy is a multi-faceted concept. It's not one size fits all and is approached differently by governments, businesses, and consumers.

 

However, there are practical privacy standards that can and should be used as a foundation upon which we build our digital world. — Ghostery

People don't really understand privacy nor value what they've given away.

People often don't think about their rights until they need them -- whether it's when they're arrested at a protest or pulled over for a routine traffic stop. — ZNet

The purpose of this page is to open your eyes to what is happening.

Privacy in a Pandemic

COVID-19 has affected many areas of our lives, none more so than our privacy.

The COVID-19 pandemic has been unlike anything before in modern times, both in its scope and in its impact upon our everyday lives.

Restoring Privacy

There is little point in making people aware without providing solutions.

In the same way you protect your physical privacy with locks on your doors and curtains on your windows, you must protect your virtual privacy.

Return to top

Privacy a Basic Human Need

Privacy is a basic human right according to the UN:

No one must be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor and reputation. — Universal Declaration of Human Rights, Article 12

Privacy is power over your own information, required for dignity and respect.

If we accept as normal and unavoidable that everything in our lives can be aggregated, sold, or even leaked in the event of a hack, then we lose so much more than data. We lose the freedom to be human. We deserve better. You deserve better. — Apple CEO, Tim Cook

Not About Hiding Something

Protecting your privacy doesn't mean you have something to hide.

The most common retort against privacy advocates — by those in favor of ID checks, cameras, databases, data mining and other wholesale surveillance measures — is this line: If you aren't doing anything wrong, what do you have to hide?

 

[This] accept[s] the premise that privacy is about hiding a wrong.

 

It's not. Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.
Bruce Schneier: The Eternal Value of Privacy

Instead, we should be examining the motives behind those using the “nothing to hide” mantra. What are they trying to hide?

Privacy isn't Secrecy

Privacy isn't about secrecy, which implies that citizens have no right to either.

Don't confuse privacy with secrecy. I know what you do in the bathroom, but you still close the door. That's because you want privacy, not secrecy. — Fábio Esteves

Privacy Laws Outdated

The laws that govern the ability of our government to collect this information are woefully out of date and severely inadequate to the task within a connected world.

The Privacy Act, which oversees the [Canadian] government's use of your data, came into effect in 1983 — years before the Internet, or cell phones. — OpenMedia

The right to check your computers and devices at the border depends upon a law intended for inspection of physical (paper) files.

Legislation surrounding personal privacy are outdated and regularly abused. Attempts at new legislation demonstrates how little our MPs and MLAs understand the concepts of privacy, especially when lobbyists seem to have more say than citizens.

EFF's transition memo discusses surveillance, encryption, broadband, copyright and other issues where privacy legislation has not kept up with technology and general practices.

Surveillance Threatens Freedom of Speech

Surveillance is commonly associated with dictatorships where open expression of opinions is harshly punished.

Unfortunately, this has become commonplace in “democratic” societies.

Governments and police agencies are demanding unrestricted access to our personal information and an end to encryption

No Exposure to Opposing Viewpoints

Too often our news and social media presents only one point of view, our selection of media based upon what we already believe.

We should be extremely careful before rushing to embrace an Internet that is moderated by a few private companies by default, one where the platforms that control so much public discourse routinely remove posts and deactivate accounts because of objections to the content.
Washington Post

It is this refusal to hear opposing viewpoints that is destroying democracy, not dissenting voices.

Creativity and Personal Expression Stifled

Surveillance stifles personal expression.

We don't feel as free to express our creativity when our conversations or Internet activities are being monitored.

Think of how you feel when your boss is standing behind you while you work or when a police car is following you in traffic.

I don't want to live in a world where everything I say, everything I do, everyone I talk to, every expression of creativity and love or friendship is recorded. — Edward Snowden

Society Needs to Choose

We can have security or surveillance but not both.

We need to choose between security and surveillance. It's just not possible to build electronic devices that keep data secret from everybody except, say, government officials trying to track the movements of terrorists. Everybody gets to spy or nobody gets to spy. — Bruce Schneier on BBC

We don't have to choose between security and privacy. We can have both.

Learning More

More about why privacy matters:

Return to top

Domestic Spying

We're being spied upon constantly. By our governments and by businesses.

Governments seek to collect and store virtually everything about their own citizens including their online activities. Everyone is considered guilty.

A lot of people assume that those who are under surveillance are quite deserving of that surveillance. That is not true. — Mailyn Fidler

Protection from Terrorism

The “official” purpose of NSA (and Canadian) collection of personal phone records is to prevent future terrorist attacks.

Following the attacks on September 11, 2001 we've been faced with unprecedented attacks on personal freedom by governments worldwide.

Although poorly understood at the time, one of the biggest long-term impacts of the September 11 attacks was expanded surveillance in the United States and other democracies, by both public and private sectors.

 

The stakes are high. If democracies fail to turn the future of global surveillance in their favor, digital authoritarian competitors stand ready to offer their own model to the world. — Nicholas Wright

We're No Safer

The resulting surveillance is incredibly invasive to our privacy.

[A] federal court in the Eastern District of Virginia held that individuals have no reasonable expectation of privacy in a personal computer located inside their home. — EFF

This abuse of privacy cannot be justified by any improvements in public safety from terrorist threats since it was introduced

No serious, verifiable evidence has been produced by the proponents of compulsory suspicionless [bulk] data collection to show that the data mining and profiling by means of the bulk data in general… is even suitable to the ends supposedly being pursued — let alone that it is effective. — BCCLA

Secret Courts

Collecting information based upon a warrant issued by a judge in a public court can be seen as justice.

However, collecting information on innocent citizens based upon warrants issued by secret courts just in case it may be useful in the future is hard to justify.

All this access has a very low threshold, partly because of a U.S. court decision that stated that if third parties have access to your information, a warrant shouldn't be needed for the government to access it.

I doubt our governments would be amused if we used the same argument to obtain non-public government documents.

Protection Against Terrorism Undeliverable

Unprecedented government spying on their own citizens has resulted in NO significant reductions in terrorism that could not have proceeded otherwise.

Democracy and privacy are the victims, not terrorism.

We have not yet seen any evidence showing that the NSA's dragnet collection of Americans' phone records has produced any uniquely valuable intelligence. — Senator Ron Wyden

The loss of our privacy is unacceptable.

If you're willing to sacrifice some freedom to feel safe, you deserve neither. — Thomas Jefferson

Return to top

The Surveillance Economy

The traditional marketplace of buying and selling using a set price has been replaced with a surveillance economy where access to private data is exchanged for goods and services.

Unlike the up-front cost of purchased products, this new model simply collects information without revealing either the value or the cost in terms of privacy. It is a very one-sided bargain.

Social Media

Social media is one of the most obvious examples.

Personal information is collected and monetized by social media companies using facial recognition software, comparative and linked data (such as the Facebook "Like" button) and more.

Most, if not all, social media data is being stored outside Canada and doesn't have the protections afforded by Canadian law (minimal as that legal protection currently is).

The Email Connection

The fact that users login using their email address provides a strong link to other data about that user.

Most Canadians now use webmail which is stored on servers in the US or other countries. Your emails are scanned to profile you to serve ads, alter search results, and other purposes based upon the emails you send and receive if you're using Gmail, Yahoo! mail and similar services.

Even if they claim not to view your emails, the metadata (information needed to transport and store emails) will tell them a great deal. How is Gmail sorting your emails into categories without viewing at least some aspects of your emails.

The Cell Phone Connection

Your cellular provider is collecting and sharing personal information.

Cellphones provide very precise 24/7 location data. While it is extremely handy to know where the nearest coffee shop or grocery outlet is located, that same information is provided in reverse. The cell company always knows where you are.

Your cellular provider already tracks your physical location at all times: it knows where you live, where you work, when you go to sleep at night, when you wake up in the morning, and — because everyone has a smartphone — who you spend time with and who you sleep with. — Bruce Schneier

We've voluntarily provided governments and corporations with massive amounts of private information that used to be cost-prohibitive to collect — and we pay some of the highest prices in the world for that privilege.

We love cell phones. We love them to death. For all kinds of reasons. I mean, can you imagine?

 

Suppose twenty years ago Congress had proposed a law saying every citizen had to wear a radio transponder around his neck, all day and all night, so the government could track him wherever he went. Can you imagine the outrage?

 

But instead the citizens went right ahead and did it to themselves. In their pockets and purses, not around their necks, but the outcome is the same. — Lee Child, A Wanted Man
If the government said you have to have a tracking device, for certain you would rebel. But the government doesn't have to say that because you do it willingly and they just get a copy of the data. — Bruce Schneier on BBC

Capturing Private Data without a Warrant

Geofencing, stingray and other cell-tracking technologies reveal a lot about individuals that have nothing to do with the warrant (if one is even obtained).

The Canadian government raised a stink when cell-tracking technologies were used near federal facilities in Ottawa. They obviously are more concerned with their privacy than ours.

Return to top

Your Devices Are Watching You

Can anyone really have total confidence in what these machines overhear and where those recordings might appear? Sometimes, such speakers have deliberately recorded your conversations. To help create a better product for you, of course. — ZDNet

The problem of privacy is only going to get worse as the Internet of Things evolves. Already there are more connected devices than people in the world. There is an imminent explosion of devices that will track every aspect of our lives.

Any bed that monitors your heart rate, breathing, and movement could allow people with access to that data to determine when you get up in the morning, when you go to bed at night, or even when and how often you have sex. — Mozilla
The reason I smartened up my house was to find out whether it would betray me. — The House That Spied on Me

“Consented” Eavesdropping

Virtually every “smart” device is gathering information on you (perhaps including your private conversations). From connected baby monitors to smart TVs to video cameras, everything is being connected — the majority in a very insecure manner that can be hacked.

…[W]e learned that Samsung televisions are eavesdropping on their owners. At some level, we're consenting to all this listening. A single sentence in Samsung's 1,500-word privacy policy…. — Bruce Schneier

This isn't an isolated incident. Vizio surrendered to a lawsuit charging them with collection viewing data on 11 million consumer TVs.

Apple Airtag Trackers

Apple Airtags are very small tracking devices that you can attach to items like your purse, your keys, etc. so you can find them. It works on the same principle as Find My Phone.

Airtags track things out of normal Bluetooth range by being part of Apple's huge network of phones.

The problem is, they can also be used to surreptitiously track non-consenting people. This is personal surveillance on a scale never before possible.

As a Bluetooth tracker, AirTags are extremely accurate in terms of location tracking, but that's also their downfall. Safety alerts or not, I shouldn't be able to track anyone or anything beyond Bluetooth range. — Mashable

While Airtags only work with Apple devices (an Android app is planned), The Tile is a similar third-party product that can be tracked on iOS, Android and Windows devices or by using Amazon's Sidewalk.

Amazon Sidewalk

Amazon Sidewalk is an opt-out feature for Amazon devices (e.g., The Ring or Alexa). Starting June 8, 2021, devices are automatically enrolled.

[O]dds are good most people purchasing Amazon gear will have no idea what Sidewalk is, nor stumble across it in their device's options and disable it. — Lifehacker

How to Opt Out of Amazon Sidewalk

  1. Open your Alexa app (if you have a Ring, but not an Alexa, go to your Ring Control Center in the app to opt-out).
  2. Open More. Open Settings.
  3. Select Account Settings.
  4. Select Amazon Sidewalk.
  5. Turn Amazon Sidewalk to OFF.
— Mozilla

The Ring

If you've seen the commercials for the Amazon Ring camera, you'd think crime was rampant in your neighbourhood.

The Ring is a door bell/video camera that allows you to see who is at your door even when away from home. Sounds like a great security tool, right?

Crime Rates Dropping

The commercials are intended to increase your anxiety to sell devices. Crime rates have been dropping for years. Instead, Amazon is creating a network of video cameras used by police everywhere without obtaining a warrant.

By sending photos and alerts every time the camera detects motion or someone rings the doorbell, the app can create an illusion of a household under siege. It turns what seems like a perfectly safe neighborhood into a source of anxiety and fear. — EFF

Unwarranted Surveillance

Ring owners can share video from their Ring's camera with other Ring owners as well as provide that footage to local police without a warrant. Even if you don't have a Ring, your neighbour's Ring shows everything going on at your house.

Gizmodo calls Ring a “quasi-surveillance network” that has exposed users' real-world locations in the past and questions the safety of Amazon Sidewalk.

Issues with facial recognition complicates matters. It isn't as straight forward as TV crime dramas would have you believe.

[E]ven when facial recognition works as expected, it's often used to surveil people of color. Amazon's Ring doorbell cameras pose similar risks, because Ring shares its footage with law enforcement through its Neighbors Law Enforcement Portal, which has been called the "perfect storm of privacy threats." — Mozilla

Partnerships with Police

Many local police departments have been working with Amazon to increase the number of cameras to gain access to footage. But there are issues.

In just a year and a half, Amazon's Ring has set up more than 500 partnerships with law enforcement agencies to convince communities to spy on themselves through doorbell cameras and its social app, Neighbors.

 

The company is moving recklessly fast with little regard for the long-term risks of this mass surveillance technology. These partnerships threaten free speech and the well-being of communities, vastly expand police surveillance, undermine trust between police and residents, and enable racial profiling by exacerbating suspicion and paranoia. — EFF
Law enforcement partnerships with @ring don't make neighborhoods safer—they turn our front doors into vast, unaccountable surveillance networks. — EFF on Twitter

Printer Tracking

Many people feel safe with a printed document, assuming it can't be traced.

The US government made a secret deal to place yellow dots onto every page printed from many (perhaps most) colour laser printers, ostensibly to track counterfeiters.

We've found that the dots from at least one line of printers encode the date and time your document was printed, as well as the serial number of the printer. — Electronic Frontier Foundation

Smart Meters Reveal Much About You

Analogue meters simply recorded the total amount of electricity used between readings.

Smart meters do more than simply remove the need for meter readers to visit your home or business a few times a year. They record the timing, duration and quantity of electricity you use.

Like any collected data, it reveals much about you, including highly marketable data using technology with significant health risks as discussed in this YouTube video.

Privacy information begins at the video's 24:24 mark but I strongly recommend watching the entire presentation.

Apple Treating Privacy Differently

It doesn't have to be like that. As we move into an era where more and more personal data is required in order to provide services that require personal data like map services, health information tracking, etc. Apple wants to have your trust. They make their money on products, not by monetizing the data required to operate these devices.

[S]ome of the most prominent and successful companies have built their businesses by lulling their customers into complacency about their personal information. They're gobbling up everything they can learn about you and trying to monetize it. We think that's wrong. And it's not the kind of company that Apple wants to be. — The Washington Post

Current trends in the US are contrary to this protection and it will be an uphill battle.

Not only is this culling of data extremely profitable, but these companies spend a great deal of money lobbying for a relaxation of existing laws. Even politicians that should be protecting our rights want to know the demographics that will get them re-elected regardless of the threat to our privacy.

There are bound to be abuses by law enforcement of any tracking system.

No Privacy for Canadians in the US

Trump's 'no privacy for non-Americans' order is not encouraging but don't be fooled into thinking that other governments are benevolent.

Private data for citizens of Lithuania, Estonia, Malta and the Netherlands receive greater legal protection from the US than Canadians' data does. Canada is NOT designated as a “covered country” even though we share a huge common border and they are our largest trading partner and have some of the toughest copyright laws.

Fight for our Privacy

To make matters worse, a great deal of Canadian Internet traffic flows in and out of the U.S.

OpenMedia runs campaigns around specific privacy issues where you can add your voice in calls for government officials to act.

Return to top

Resources

Recommended Reading

“Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World” by Bruce Schneier

Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World by Bruce Schneier is an imperative read for everyone. Read the introduction.

The powers that surveil us do more than simply store this information. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices we're offered. Governments use surveillance to discriminate, censor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches.

 

Much of this is voluntary: we cooperate with corporate surveillance because it promises us convenience, and we submit to government surveillance because it promises us protection. The result is a mass surveillance society of our own making.

 

But have we given up more than we've gained?

 

In Data and Goliath, security expert Bruce Schneier offers another path, one that values both security and privacy. He shows us exactly what we can do to reform our government surveillance programs and shake up surveillance-based business models, while also providing tips for you to protect your privacy every day.

 

You'll never look at your phone, your computer, your credit cards, or even your car in the same way again.

Recommended Documentaries

Frontline: ‘United States of Secrets’

Frontline's United States of Secrets is a powerful look at the dangerous spying by the NSA on their own citizens and the revelations following the release of the Snowden documents.

Frontline investigates the secret history of the unprecedented surveillance program that began in the wake of the 9/11 attacks and continues today.

Episode 1 (Transcript) shows how the dangerous plan to greatly increase the power of surveillance on the American (and international) public was secretly authorized with the stated goal of finding unknown terrorists within our midst.

Several members of the NSA and other government bodies opposed the plan on the basis that it overstepped the requirements and undercut civil liberties enshrined in the US Constitution without any real oversight.

Episode 2 looks at the increasing commercial surveillance by companies like Google and later Microsoft, Facebook and others to generate massive advertising income.

This information was later co-opted by the NSA and, in the process, further eroding every citizen's privacy.

There is no evidence that any of this surveillance has made us any safer (think of the Boston Marathon attacks — the sort of event this program was supposed to prevent).

 

Fix Bill C-11

Fix Bill C-11 and privacy in Canada.

Fix Bill C-11: Make it work for us. Tell your MP to fix privacy in Canada by closing the loopholes in Bill C-11.

Why Bill C-11 needs fixing

Stop Bill C-10

Stop dangerous Bill C10. Follow to take action.

Why Bill C-10 is dangerous.

Return to top

Biometrics

Biometrics involves the use of unchangeable but unique physical identifiers such as fingerprints, retinas, facial recognition, DNA, etc.

We're just seeing the beginning of the use of such biometric identifiers. If you're using facial recognition to open your iPhone or a fingerprint scanner on your laptop, you're already doing so.

Unlike many other methods of identifying people, their compromise is also impossible to fix.

Unlike your credit card numbers, biometric identifiers such as thumbprints, retinas, irises and faces can't be changed if the information falls into wrong hands through dark web sales or data breaches.

 

Once the information is out on the web, stalkers or others with evil intent can use facial recognition, for example, to gain access to your full electronic profile, including your home address, birth date, phone numbers and any other information that might been scattered online through endless data breaches. — Chicago Sun-Times

Biometric Technologies Threaten Privacy

There has been a massive growth of technologies that are threatening personal privacy.

These include artificial intelligence, facial recognition, stalkerware and camera systems like The Ring.

The legal framework to protect your privacy has fallen far behind the technology.

We need to have controls over these sorts of identifiers, including clear permission to use them as well as the use intended for them.

Much like other surveillance technologies, there is a lot at stake, both for consumers and for the corporations that hope to make billions by gathering and marketing this very personal information.

DNA

DNA is another area where unique personal identifiers are involved.

DNA tests have become popular ways to determine your family history and these companies are not being up front with what is being done with your DNA.

Unless you specifically opt-out, your DNA information is marketed for profit.

In this case, you're not the only one that is potentially compromised. All those related to you may find they are being identified or tracked because of that DNA test you submitted.

Artificial Intelligence

Artificial intelligence (AI) has been seen and promoted as having huge potential for good.

It also has the ability to work against humanity. Machines don't suffer a conscience like humans do unless it is programmed into the machine.

The reality is, AI is everywhere.

 

AI helps diagnose our diseases, decide who gets mortgages, and power our TVs and toothbrushes. It can even judge our creditworthiness.

 

And the impacts — touching on issues of fairness, privacy, trust, safety, and transparency — will only get more profound as our reliance on AI increases with each passing day.
Mozilla Foundation

AI Manages Masses of Data Quickly

AI allows for rapid manipulation of massive amounts of data.

Commercial and government entities have been collecting more data than they could possibly sift through. The failure to recognize the signals preceeding 9-11 proves that.

AI gives them the ability to make use of that collected data.

No Privacy Protections

AI is being rapidly deployed and not everyone is ensuring that our privacy is being protected.

Extreme Results

We see YouTube video suggestions that reflect the extreme rather than the norm, leading many down a rabbit hole that can be destructive.

Other online resources have similar issues where choices are being made by formulas managed by machines rather than people.

Recommended Reading

Mozilla's approach to trustworthy AI is strongly recommended if you wish to further understand this issue.

Facial Recognition

Facial recognition is often portrayed in a positive light on TV shows where the police use camera footage to identify and arrest the perpetrators of crime.

Facial Recognition Technology (FRT) has emerged as a powerful tool of significant interest to both law enforcement and commercial entities.

 

Used responsibly and in the right circumstances, it has the potential to offer great benefits to society.

 

At the same time, facial recognition can be a highly invasive surveillance technology fraught with many risks. — Privacy Commissioner of Canada

The Dark Side

Unfortunately, the truth is much darker. Not everyone tagged by facial recognition is guilty.

Technologies like Clearview AI avoid the “inconvenience” of judicial oversight, never mind that these images were collected without our permission.

[F]ace recognition may seem convenient and useful, but is actually a deeply flawed technology that exposes people to constant scrutiny by the government…. — EFF

There has been an explosion of the number of cameras in public areas — often accessible via the Internet.

The British security industry association figures there are nearly six million CCTV cameras in the UK. That's one camera for every 11 people. — Veronica Belmont

Using your photo for a profile picture or avatar may personalize your experience, but facial recognition software can relate the information to data found on other sites with the same photo.

The Technology is Nearly Perfect

Facial recognition is nearly perfect and is now being deployed in businesses and government services around the world.

Chinese scientists have developed an artificial intelligence (AI)-enabling 500 megapixel cloud camera system able to capture thousands of faces at a stadium in perfect detail and generate their facial data for the cloud while locating a particular target in an instant. — Global Times
A report by Georgetown Law Center for Privacy and Technology estimates that about half of US adults — more than 117 million people — have their images logged in a facial recognition network of some kind.
BBC

It's bad enough that you can be recognized in photo and documents everywhere. But this capability has been used to enlarge and improve the massive profile advertisers and governments have on you.

Combining seemingly innocuous information with trackable information (your IP address, email address, etc.) can create a profile that can be used to direct advertisements or for sale to information brokers.

Facial Recognition Errors

Facial recognition technology is often biased along the lines of age, gender, race, and ethnicity.

IRL episode 10 discusses the problems with facial recognition.

Serious Consequences

What if there are serious errors?

In 2014, Steven was living an ordinary life as a financial broker in Denver.

 

In the month's before a couple of bank robberies had taken place in Denver. There was a video clip from a security camera and it played on the local news.

 

Three people who thought it could be him phoned in a tip…so the cops came for him.

 

Steven spent months in jail before his lawyer proved it wasn't him. Proved he was at work when the robberies took place. They let him go.

 

A year goes by and then he's arrested again.

 

This time, the cops were sure it was him. They were wrong. More evidence proved he wasn't the suspect.

 

Again, he was a free man, but the damage was done. You can't keep a job in the finance industry when you've been accused of robbing a bank.

 

Because of what's happened Steven Talley is currently homeless.
Veronica Belmont

Stalkerware

Stalkerware sold as a method of monitoring your child or your employee's use of a company-owned phone (the only legal uses).

It is more commonly used to track your spouse (nicknamed “spouse-ware”).

Invasion of Privacy

Whether your motives are pure or otherwise, this is an invasion of privacy.

The fact that the data is often stored on insecure servers should cause you to rethink its use.

It is Spyware

Stalkerware is spyware and is now marked for removal by Kaspersky and other security software vendors.

More about stalkerware on the Malware (Spyware) Detection & Removal page.

Return to top

Related Resources

Related resources on this site:

or check the resources index.


If these pages helped you,
buy me a coffee!


 

Return to top
RussHarvey.bc.ca/resources/privacy.html
Updated: June 14, 2021