Russ Harvey Consulting - Computer and Internet Services

The Surveillance Economy

Everyone's Collecting | Metadata | Data Breaches | COVID Tracking

Data breaches

Justified by terrorism, surveillance has been exploited by governments and businesses.

Governments allowed corporations unprecedented access to our private data, then demanded access to those resources based upon the rulings of secret courts.

Our private data has become the new currency of business. Increasingly companies collect everything about what we do online, supposedly in exchange for all the free information and products on the Internet.

The press has performed admirably in reporting on privacy violations by the National Security Agency and major internet companies. But news sites often expose users to the same surveillance programs and data-collection companies they criticize. — The New York Times

You Are the Product

Any time that you don't pay for a product or a service, your private information is the currency. You are the product.

Corporations like Facebook became wealthy by creating profiles on their users to be sold to advertisers using an open Web that they're now trying to lock down.

Microsoft changed their business model from selling operating systems and office suites to one which collects personal information and monetizes features that used to be free.

“Location information can reveal some of the most intimate details of a person's life — whether you've visited a psychiatrist, whether you went to an A.A. meeting, who you might date,” said Senator Ron Wyden, Democrat of Oregon, who has proposed bills to limit the collection and sale of such data, which are largely unregulated in the United States. — NY Times
Statistics Canada plans to build an enormous information bank with the real-time financial transaction data of 500,000 people in Canada. This “individual-level financial transactions data” would include SINs, account balances, cash withdrawals from ATMs, bills paid and credit card payments. And it sounds like our Internet activities might be next. — OpenMedia

Your Personal Privacy at Risk

Your personal privacy is at risk like it has never been before, yet most folks think they have nothing to hide and therefore there is no need for concern.

They are wrong!

It's not necessarily that you're doing anything wrong at all, or that you have anything to hide, but we all should have a sphere of our life where we're not on stage or being scrutinized. And we're just able to develop and grow relationships and make mistakes and do stupid but not illegal things. And if we get rid of our privacy it's going to have a massive impact on our ability to develop as humans. — Jenny Afia

Our information is being handled by an increasingly smaller number of powerful companies where your privacy impedes profitability.

It feels like every tech giant has been racing to update their privacy policies these days so we wanted to ask. What did we just sign up for? What is this bargain? — Mozilla
Tech companies like Facebook have mastered the art of distorting choice and consent. — EFF

More about this brave new world of one-sided transparency:

Safety of Children a Powerful but Flawed Argument

Imagine an Internet where the law required every message sent to be read by government-approved scanning software. Companies that handle such messages wouldn't be allowed to securely encrypt them, or they'd lose legal protections that allow them to operate. — EFF

Children's safety and the prosecution of child-based crimes is a noble action.

However, while we see this argument used to justify removing rights like the right to privacy or encryption, they are far less aggressive in fighting privacy violations involving children if it profits big business.

Mozilla's IRL podcast, The “Privacy Policy” Policy gives a great example of how a “free” game can collect information to monetize their product, even from kids.

Yet More Access is Demanded

Police and intelligence agencies are quick to point out the use of cell phones and encryption in terrorist attacks. They continue to demand new restrictions including special “back door” access.

Criminals and terrorists use many other services. Do we ban everything?

Criminals have used telephones and mobile phones since they were invented. Drug smugglers use airplanes and boats, radios and satellite phones. Bank robbers have long used cars and motorcycles as getaway vehicles, and horses before then. And while terrorism turns society's very infrastructure against itself, we only harm ourselves by dismantling that infrastructure in response — just as we would if we banned cars because bank robbers used them too. — Bruce Schneier

Back Doors Unsecure

Back doors inevitably are broken and become the tools of criminals. No one wants to share private data and financial information such as credit cards on the Internet without strong encryption (it would be like mailing cash).

It really never comes into play as being a personal issue or a real big factor for you personally until that information is either weaponized, used against you, or it feels personal. — The Grand Bargain

Return to top

Everyone is Collecting Information

Everyone is collecting vast amounts of information about you — governments, businesses and the sites you visit on the Internet. “No big deal, right?”


The practice of compiling and selling individuals' personal information by data brokers for marketing or other purposes raises privacy concerns. These concerns result, in part, from a lack of transparency and openness and the challenges individuals face in trying to exert control over their information. — Privacy Commissioner of Canada

Your Personal Data Valuable

Your personal data has become the currency of the Internet and is worth $130 billion per year!

Digital advertisers are making approximately $250 annually — roughly twice the cost of a Netflix subscription — off you and your browsing data. — Jeremy Tillman
Right now, our data is worth a lot of coin to a lot of companies. But privacy, it's priceless. It's a necessary part of a healthy functioning society. — Manoush Zomorodi
“Privacy is often framed as a matter of personal responsibility, but a huge portion of the data in circulation isn't shared willingly — it's collected surreptitiously and with impunity. Most third-party data collection in the US is unregulated,” said Cyphers. “The first step in fixing the problem is to shine a light…on the invasive third-party tracking that, online and offline, has lurked for too long in the shadows.” — EFF

ISPs Wanted in on the Action

No wonder the US ISPs were pressuring the government to allow them to cull user data like Facebook and Google do. However, their premise is flawed.

President Trump signed the bill allowing ISPs to collect and sell their client's surfing data on April 3, 2017.

Not only have [US lawmakers] voted to repeal a rule that protects your privacy, they are also trying to make it illegal for the Federal Communications Commission to enact other rules to protect your privacy online. — Bruce Schneier

ISPs are Different

ISPs charge for their services but also have access to all of your surfing.

I wonder how many of these ISPs would be so keen on the idea if they now had to provide free unlimited Internet access to users?

ISPs Can Record Everything You Do Online

ISPs see everything you do online (not just when you're logged into Facebook or another service) and can create a much more accurate profile that will be worth much more than Facebook's profile of you (which is so detailed that advertisers can focus their message to a user base more precisely than virtually any other medium).

This isn't just your browsing history or cookies. It's geolocation data, financial info, passwords, health info, even your Social Security Number. Anything you do, any data you enter, any online video you watch, any email you write. Your ISP could store it all and sell it for their own profit if Congress throws out the FCC rulings. —

Remember, this is much more than what you're typing into your browser. More and more our applications have moved from our computer to become Software as a Service (SaaS) — software running on the Internet. Even our operating systems (e.g. Windows 10) are moving that direction. If this trend is allowed to continue, we'll soon have even less control (ownership) of our own data in the future.

Facebook Tracking

You're vulnerable to Facebook when

Using common factors, Facebook will attempt to link up the anonymous account with an actual account or combine multiple anonymous accounts into one profile.

Facebook wants Apple to change its business model so Facebook doesn't have to. Think about that.


It's like Ford Motor asking Tesla to build gas-powered cars so it can compete. Or Dell asking Apple to go back to Intel so their notebooks can compete. — ZDNet

Google Tracking

You're providing data to Google when you use their search facilities directly (instead of an intermediary like or use a Google product like Gmail, Chrome, YouTube, Google Maps, etc. or when you visit the 86% of sites that use Google Analytics.

You're particularly exposed when you're logged in to your Google account while using Chrome, YouTube or Google Search.

Tracking Mobile Device Users

The choices for mobile users is even more distinct based upon the mobile operating system:

  • Android users a always being tracked except by following a complex process.
  • iOS users can disable tracking by going into the Privacy settings, then Location Services then selecting “While Using” or “Never” for Google apps like Google Maps.

In my opinion, it is unfortunate that a very capable company like Google (Alphabet) did not continue to “do no evil” (their original motto, since replaced with “do the right thing”).

Big Corporations Hijacked the Internet

The Internet was made for everyone but is being hijacked by big corporations that are turning people into products without their knowledge or consent. — The Hidden Business of the Internet
The data market is massive, how big? Well the going estimate puts it at over 130 billion dollars now and maybe as much as 200 billion in the next three years. Those in the business of buying and selling data, we call them data brokers. — Veronica Belmont

And it is probably going to get worse. Like sharks smelling blood, corporations are after any data they can cull. They keep it insecurely (remember, it cost them little to obtain) just in case it comes in useful later.

Trade deals like TPP, TISA and TTIP have all been open to input from industry but closed to input from both non-profit groups that look out for the public interest as well as many of our elected government representatives.

It appeared that we'd defeated the TPP then the US negotiation team began making the same demands within NAFTA. One example: they are seeking to invalidate Canadian laws protecting privacy and copyright so that US cloud providers face no restriction on doing business here.

Currently, policies in British Columbia and Nova Scotia require public-sector information — data from universities, hospitals, and government institutions — to be stored in Canada with the intent to prevent public information from being accessed elsewhere. However, that protection no longer applies if that data is stored in the US, and its own protections don't extend to non-citizens. — MotherBoard

Canada has bowed to US pressure to approve the new NAFTA agreement which contains many of the worst aspects of the TPP. Expect to pay more for US services and to have fewer protections.

Big Data: Tracking Your Every Move

Big Data is the current mantra of organizations. How to obtain it, store it, process it.

Big data has been promoted as saving you time, personalizing your experience and a number of other positive concepts.

The Dark Side

However, big data has its dark side: the development, buying and selling of profiles (data about individuals).

The modern ad industry is about the buying and selling of individuals, says Jeff Chester, executive director at the Center for Digital Democracy. All the investments is aggressively pushing toward much more granular personalized targeting.The Verge

“Personalized” Experiences

“Personalized” experiences is a euphemism for profiling. Its purpose is to make advertisers more effective in targeting you in their advertising; more likely that an ad will appeal to you.

Our unprecedented ability to collect and store data is revolutionizing the business world and giving companies predictive insight that they have never dreamed of before. Motor companies can now anticipate breakdowns, credit card companies can apply personally tailored rates for their clients, and mega-retailers like Costco and Wal-Mart can track sales with accuracy that almost seems psychic. — Moran Shimony

The concept of “personally tailored rates” may sound appealing until you realize that means that you'll pay more if you live in the wrong neighbourhood, view the wrong sites (or your friends do).

There is only one word that can be used to describe this practice: sleazy.

Web Tracking

If you're using privacy software like Ghostery on your web browser, you've probably noticed that most sites now use invisible web beacons, analytics services, page widgets and other third-party page elements that are secretly tracking your every move.

[W]eb tracking has become so pervasive that approximately ten percent of websites send the data they've collected to ten or more different companies, and 15 percent of all page loads on the internet are monitored by ten or more trackers. — Jeremy Tillman

These sleazy practices are very profitable — but at the expense of your privacy. Corporations would sue you if you were to return the favour (they'd call it hacking).

Videos and Comments as Marketing Tools

Videos on many sites serve as more than information. Comments on the bottom of an article or post also have a hidden purpose.

Both are marketing tools.

If you use ad blockers and other privacy software, you quickly learn that if you block tracking elements, you can no longer view embedded videos nor see the comments left by other site visitors.

Creepy Recording of Your Surfing

Many of today's largest websites are not only storing generic analytics data, but individualized recordings of visits to their site, including keystrokes, mouse movements, clicks and the pages visited. These scripts even record keystrokes that aren't submitted (including your typed passwords).

They claim that they are only collecting anonymous meta data, but are doing everything they can to identify users.

"Session replay scripts" can be used to log (and then playback) everything you typed or clicked on a website. — Motherboard

The information shared on some sites is much more personal and should be protected. It isn't.

Dating sites collect sensitive personal information like drug usage habits and sexual preferences. They also have dozens of trackers that can collect profile information, as well as information on where a user clicks or looks. — Axios

Browser Fingerprinting

As users became more aware of cookies and other tracking technologies they have begun to use ad-blockers and other privacy extensions including Ghostery and Privacy Badger.

Sites use a number of sneaky tactics to track your movements on the Web including browser fingerprinting which looks for a number of trackable identifiers.

A digital fingerprint is essentially a list of characteristics that are unique to a single user, their browser, and their specific hardware setup. This includes information the browser transmits inherently, like in an HTTP request, as well as a host of seemingly insignificant data (like screen resolution and installed fonts) gathered by tracking scripts. Tracking sites can stitch all the small pieces together to form a unique picture, or "fingerprint," of the user's device. — EFF

Fingerprinting is much more difficult for users to combat because, unlike cookies, it's use can't be detected. Nor can the user easily change the characteristics that general a unique fingerprint.

Cover Your Tracks is safe to use as part of EFF, dedicated to fighting for your privacy.

Why Tracking is a Privacy Issue

While these sites claim the purpose is to improve their website, much more information is obtained which allows sites to create a precise profile about you.

Collection of page content by third-party replay scripts may cause sensitive information such as medical conditions, credit card details and other personal information displayed on a page to leak to the third-party as part of the recording. This may expose users to identity theft, online scams, and other unwanted behavior. The same is true for the collection of user inputs during checkout and registration processes. — Freedom to Tinker

This data has tremendous economic value and may be shared without your permission (or be revealed in a data breach) and this could have significant repercussions for your privacy in the future.

PayPal Shares Your Data

The 600+ companies PayPal shares your data withview the graphic.

While much of this may have to do with ensuring your identity, that is a lot of sharing.

More About Big Data

There's more about Big Data on these pages:

Return to top

“We're Only Collecting Metadata”

Many organizations indicate that they are “only collecting metadata” yet are very vague about what they do with our data and who they share it with.

[M]etadata is characterized as data used to describe other data. As a result, an assessment of whether bulk collection of telephony metadata violates a reasonable expectation of privacy seems to have been rooted in three constitutionally relevant dichotomies, namely content vs. non-content data, private records vs. business records held by third parties, and hard-to-obtain information vs. information “in plain view.” — Kift & Nissenbaum

Significant is our inability to determine how those collecting our information will aggregate, store, combine and analyze that data, and the extent to which we, the data subjects, assume the risk of metadata being shared beyond the purpose for which it was provided.

The number and size of data breaches demonstrates how little regard these organizations have for the consequences of their failure to protect our data. The implication is that we allowed them this information so they are no longer responsible.

That's like blaming you for how your credit card was used following its theft including its use in the commission of a crime after you've reported it stolen.

Why Metadata Matters

Research has shown that using only call metadata, the government can determine what your religion is, if you purchased a gun or got an abortion, and other incredibly private details of your life. Former director of the NSA and CIA, Michael Hayden, recently admitted: We kill people based on metadata. And former NSA General Counsel Stu Baker said: metadata absolutely tells you everything about somebody's life. If you have enough metadata, you don't really need content.
Electronic Frontier Foundation

How revealing metadata can be is demonstrated in these three (rather obvious) examples presented by Kurt Opsahl at CCC on December 30, 2013:

  1. They know you rang a phone sex service at 2:24 a.m. and spoke for 18 minutes. But they don't know what you talked about.
  2. They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret.
  3. They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour. But they don't know what was discussed.

Why metadata matters further expands this concept and helps you to better understand what metadata is and how it affects us.

Anonymous No More

A more intensive look at telephone metadata reveals much more. Your privacy could be compromised by linking the timing of anonymous data to data that directly identifies you via credit card, hotel stays and more.

While there might be a lot of people who are in their thirties, male, and living in New York City, far fewer of them were also born on 5 January, are driving a red sports car, and live with two kids (both girls) and one dog. — Dr. Luc Rocher
One investigation of "anonymized" user credit card data by MIT found that users could be correctly "de-anonymized" 90 percent of the time using just four relatively vague points of information. Another study looking at vehicle data found that 15 minutes' worth of data from just brake pedal use could lead them to choose the right driver, out of 15 options, 90% of the time. — TechDirt

All this can be used to build a profile of you that may make judgement calls which are then processed as “facts” by other parties. Metadata IS surveillance.

Even something like Alfred Kinsey's sex research data from the 1930s and 1940s isn't safe. Kinsey took great pains to preserve the anonymity of his subjects, but in 2013, researcher Raquel Hill was able to identify 97% of them. — Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World by Bruce Schneier

Much more data is collected today. We can no longer blindly provide access to all our personal data assuming it is truly anonymous.

Hacks and Security Breaches

While organizations are happy to collect your private data, they aren't committed to protecting it as carefully as they do their own private information.

Instead, much of this data is protected only with the least effective (and least expensive) technology and some companies leave the information unprotected and available to anyone that can locate the server it is stored on.

These companies seldom report the loss until much later (often years later) and are not financially responsible because of their vague terms of service and poor privacy policies.

You only need to look at the way Facebook, Hotmail and others so quickly changed their privacy policies to enhance their profitability. You're on your own when it comes to protecting your identity.

Have You Been Hacked?

Find out if your email address has been in a known breach. If so, change passwords for those accounts (and any others using the same user names and/or password).

If the service is free, then you are the product. — The Day We Lost Everything

Governments Collecting More

[K]now that every border that you cross, every purchase you make, every call you dial, every cellphone tower you pass, friend you keep, site you visit, and subject line you type, is in the hands of a system whose reach is unlimited but whose safeguards are not. — CITIZENFOUR documentary

Everything We Know About NSA Spying is an excellent YouTube video about NSA spying. It shows just how extensive the reach of this program is and how easy it is to become a target.

In the “new propaganda era” we are entering, where the frontier between information, communication and propaganda becomes blurry, the world needs independent journalists, who engage in the pursuit of the truth, who respect standards of ethics, and whose mission is to give citizens of this world tools to understand what surrounds them. That is to say, in a word, free journalists. — Defence Handbook For Journalists and Bloggers

Governments Collecting More Personal Information

Governments are collecting more about you and your Internet activities.

Never in history has a surveillance state and a representative form of government existed side by side. A free society and a surveillance society cannot be reconciled. Biometrics is the linchpin to a surveillance society. — Constitutional Alliance
Never give a government a power you would not want a despot to have. — John Gilmore

Canadian Government Double Standard

The Canadian government will not allow its data to be stored on servers outside Canada. However, the government is much less concerned about your privacy.

They continue to share data about their own citizens with the U.S. and other Five Eyes partners — even unconfirmed data that has cost innocent individuals their freedom.

Overseas Privacy Threatened

Microsoft successfully fought a December 2013 federal search warrant demanding that the company release emails stored in Ireland. Governments seeking access to data stored on overseas servers should concern everyone. The U.S. is not the only country doing this.

The revelations of NSA searches on U.S. servers has cost American tech companies, forcing them to build servers overseas rather than hosting them all in the United States. This case clearly had implications for these companies being abandoned if foreign customers felt their privacy was threatened even with servers hosted in their own country.

You can find out more about governments collection of personal information at:

Other reports about privacy and surveillance:

Return to top

Data Breaches Reveal Personal Data

Most large companies now make at least some of their income by collecting and analyzing personal data from people on social media, websites and more. Companies like Facebook are based entirely on abusing that trust.

Because they paid virtually nothing for it, these companies seldom provide decent protection.

Everyday we hear about another undisclosed data breach. Private information being collected, sometimes sold, and given away without our knowledge or consent. CEOs sit before Congress saying they will "do better" while stories continue to break about negligence and wrong-doing. — Mozilla
There have been at least 200 documented data breaches since 2005, and the number of records exposed is only on the rise as more folks move their lives online. It's impossible to know the impact and extent to which data breaches are occurring as many almost certainly go unreported. —

Each year the number and severity of data breaches, compromised accounts is becoming increasingly frequent and more severe.

New Privacy Breaches

A new study looking into data breaches in 2019 found that on average, a US citizen had their personal information leaked to the public at least four times. This is only based on publicly reported data and leaves out hundreds of other breaches that may have occurred behind closed doors. — TechRepublic
This is unprecedented: almost half of all people in Canada had their sensitive, personal information from a medical testing company hacked and stolen. And it took over 6 weeks for the public to be informed.

See if you're affected then sign the OpenMedia petition for action.

Be sure to read the resource links at the bottom of the OpenMedia petition to understand the scope of the problem and why action must be taken to stop this loss of personal data.

Over 75% of Canadians Affected

In the first year that reports are mandatory under PIPEDA ending October 31, 2019, the OPC received 680 breach reports affecting more than 28 million Canadians, six times as many as the year before. Clearly breaches of private businesses has been greatly undereported.

Type of breach
Type of incident Total breach reports
Accidental Disclosure 147
Loss 82
Theft 54
Unauthorized Access 397
Grand Total 680


Where is the Accountability?

Would you simply shrug your shoulders if your bank “lost” your life savings because of lax security? Why should mass data breaches be any different?

Many of these companies either are unaware that the breach took place (indicating technical incompetence) or have opted not to report the breach to those affected (essentially fraud).

Probably the only thing that will slow down the rate of these security failures is to place the company executives in jail for not providing sufficient security resources to protect the information in their care.

First, as consumers we need to stop shrugging and accepting data leaks as business as usual. Security should influence our buying decisions: the organisations we deal with won't take security seriously unless customers and the public do, too. — ZDNet.

Canada's businesses and employees need to understand that this is not acceptable and that the consequences for businesses and employees involved could be significant.

Government Agencies and Political Parties

It should start with our government representatives. It is shocking that our federal parties totally ignore privacy laws and that our governments not only spy on us but share that information widely both internally and externally.

Responding to Privacy Breaches

Responding to such shocking numbers is important. A recent meeting of privacy leaders are calling for a revamping of Canada's privacy laws which are 35 years old and greatly out of date, especially compared with other countries.

A large number of breach incidents were the result of individual phishing attacks or phone scams which means that public education needs to be stepped up. It also calls for a look at how technology can be used to catch criminals or remove their access to Canadian phones and email accounts.

Employee snooping, whether malicious or simple curiosity, needs to be stopped. A “need to know” should be a first line of defense backed by severe penalties for failure to protect privacy.

Similarly, if companies faced massive fines for failing to protect the data they collect “just in case” its useful, they would be far more likely to not collect it and to secure it more effectively if they did collect it.

Probably the most effective

If You've Been Affected

These large numbers indicate that most individuals in Canada have already been affected. We need to stop unsafe practices and start treating ignorance as a public menace.

Legislation is Probably Required

Too often we try to tell folks how to protect themselves, but how to you protect yourself from credit card and other information stolen from retailers other than by strictly using cash and refusing any personal details such as requests for your email address to “email your receipt.”

You should receive a printed receipt with your transaction, so you're providing information with little return value to yourself compared to the future value of your email address to the retailer.

Corporations must be held legally and financially accountable for security breaches that affect customers. There need to be fines, investigations, and court-ordered consequences. Money needs to be spent on lawyers—a lot of money. The current model where customers have to spend their own money and energy to bring lawsuits to bear is unreasonable. — PCMag

The Motive: Financial Gain and Espionage

The primary purpose of hacking these sites is financial gain, although other factors such as espionage are likely factors.

Cyber criminals have placed 617 million hacked accounts for sale on the dark web, stemming from 16 separate data breaches. — Independent

2017 Equifax Data Breach

Probably the most glaring of the many reported (and unreported) data breaches is the 2017 Equifax data breach. Not only was the data was particularly sensitive, including credit reporting information on the majority of American and Canadian citizens but there was a delay in reporting the breach while the company executives cashed out.

A company like Equifax that has sensitive, personal information on most Americans should have the best data security in the industry. Instead, it has the worst. — US Senator, Elizabeth Warren

The data stolen in the Equifax breach provides more than enough information on over half the American adult population to commit identity theft, yet if you use the site set up to check if your personal identity has been compromised, you give up the right to sue. Seriously?

Equifax settled a lawsuit with the FTC by agreeing to provide either 10 years of credit monitoring or $125 settlement fee. But Equifax gamed the system by not providing enough funds for this settlement:

Equifax earmarked only $31 million for claims, meaning that if all 147 million people affected by the breach filed a claim, everyone would get just 21 cents.— The New York Times Editorial

The lack of quick action by the company's executives should have resulted in firings and severe financial penalties for the company. 21 cents provides no incentive to corporations to provide security for the information they hold about private citizens.

The Mystery Resolved

For quite some time there was a mystery of what happened to the data because it didn't show up on the dark web like such breaches usually do. Equifax blamed it on an employee's error.

The Equifax data breach, which exposed the sensitive personal information of nearly 146 million Americans, happened because of a mistake by a single employee… — Richard F. Smith, Former Equifax CEO in October 2017

The theory that a foreign government was behind the attack was the most logical conclusion, later confirmed.

The great Equifax mystery: 17 months later, the stolen data has never been found…. Most experts familiar with the case now believe that the thieves were working for a foreign government and are using the information not for financial gain, but to try to identify and recruit spies. — Kate Fazzini, CNBC

In February 2020, it was revealed that four Chinese officers of the People's Liberation Army…were responsible for carrying out the largest theft of sensitive personal information by state-sponsored hackers ever recorded.

Breaches Go Back Years

Breaches have been progressively reported for several years in a row. Often initial reports understate the actual number of affected accounts.

One example is the Yahoo breach which initially reported 500 million accounts were breached in 2013. Now we know that all 3 billion Yahoo accounts were affected including Yahoo Mail, Tumblr, Flickr and Fantasy Football. Here's what to do.

We're Becoming a Police State

We've seen a series of laws and rules that greatly increase the power of the government and police to gather information on their own citizens and use it without the traditional requirement for warrants or probable cause.

This is the very definition of a police state.

Liberty requires security without intrusion, security plus privacy. Widespread police surveillance is the very definition of a police state. And that's why we should champion privacy even when we have nothing to hide. — Bruce Schneier: The Eternal Value of Privacy

Current trends show increased surveillance and a corresponding loss of privacy:


Fix Bill C-11

Fix Bill C-11 and privacy in Canada.

Fix Bill C-11: Make it work for us. Tell your MP to fix privacy in Canada by closing the loopholes in Bill C-11.

Why Bill C-11 needs fixing

COVID Tracking

COVID-19 has affected many areas of our lives, none more so than our privacy.

The massive growth of privacy-invading technologies in the last decade are being re-ignited as the demand for control of the COVID-19 pandemic grips our world and proponents of 24-7 universal surveillance are hard at work.

Although poorly understood at the time, one of the biggest long-term impacts of the September 11 attacks was expanded surveillance in the United States and other democracies, by both public and private sectors.


Similarly, one of COVID-19s most important long-term impacts will be the reshaping of digital surveillance across the globe, prompted by the public health need to more closely monitor citizens.


The stakes are high. If democracies fail to turn the future of global surveillance in their favor, digital authoritarian competitors stand ready to offer their own model to the world. — Nicholas Wright

There are many examples. Few of these have limits on the lifespan of the collected information or its uses.

Related Resources

Related resources on this site:

or check the resources index.

If these pages helped you,
buy me a coffee!


Return to top
Updated: January 5, 2021