Privacy? What Privacy?
Snoops abound from NSA to consumer-land
05 June 2014

by tmartin on June 5, 2014

HAPPY PRIVACY DAY! At least that’s what Google is shouting to the heavens and earth. Which is a little ironic when you stop to think just how much Google itself has done to erode our privacy.

This is, after all, the one year anniversary of the Snowden leaks, when we collectively learned the extent of snooping and spying the National Security Agency (NSA) does on its own citizens (http://www.huffingtonpost.com/2014/06/05/edward-snowden-nsa-effect_n_5447431.html) thanks to classified documents leaked by NSA contractor, Edward Snowden.

Snowden — who is either a patriot whistle blower defending freedom or a traitor to national security who has put the county at risk, depending your viewpoint (http://www.cnn.com/2014/05/28/us/edward-snowden-interview/index.html) — created a firestorm that made people pay attention to the complex issues of security and privacy.

With billions of dollars in global cloud-based business at stake – after all, if the US government is monitoring all, that kinda’ makes storing data in a US company’s cloud services a hard sell – the Internet industry leaped into action.

Google and its peers get points for responding and the industry has taken a solid political stand on government surveillance using its website, Reform Government Surveillance (https://www.reformgovernmentsurveillance.com) as its public platform. There, it sets forth five key very solid principles for privacy, including:

  1. Limit government’s authority to collect information
  2. Require oversight and accountability
  3. Make government requests for information transparent
  4. Respect the free flow of information
  5. Create a transparent framework for data requests that operates across and among all jurisdictions

Today an A-list of CEOs -– Google, Apple, Dropbox, AOL, LinkedIn, Yahoo, Twitter, Microsoft, and Facebook — sent and published their views on pending reform surveillance legislation to Congress (https://www.reformgovernmentsurveillance.com/USAFreedomAct), stating:

    Confidence in the Internet, both in the U.S. and internationally, has been badly damaged over the last year. It is time for action.

Very true. And important for loud voices to speak out and make the issue heard.

A larger group of industry sponsors lies behind Reset the Net (https://www.resetthenet.org) which urges you to download and use various encryption and security tools, to protect your traffic from government monitoring (https://pack.resetthenet.org)

However, equally disturbing is the erosion of privacy that comes from the myriad of Google, Facebook, advertising, analytics, and various other tracking applications that circle our webby wagons like so many metaphorical wolves.

No, they aren’t the elected government, but their control is perhaps greater, certainly less transparent, and all the more insidious.

I’ve been growing increasingly queasy about this whole privacy question for the past two years, ever since Google changed its privacy policies and I changed my default search engine (http://www.capeeyes.com/2012/03/big-data/).

I began divesting myself of Google products and mixing things up enough in a way that I (naively) hoped would confuse the privacy predators.

Of course, Google has a lot of company. Facebook, Twitter, CNN, MSN … you name a site and odds are it lies intertwined within a network collecting, crunching, and devouring your data for the benefit of the bottom line.

I certainly don’t begrudge companies a chance to make money. After all, publishing in all its formats long relied on aggregating eyeballs to generate revenue, since of course we consumers all want everything for free and content doesn’t grow by itself on trees.

At least in print and broadcast, the nature of the media created a gap between you and it; it couldn’t monitor and interact with you. The sophistication of the tracking technology and the pervasive use of all things digital in every aspect of our world has created an environment that is downright scary and – dare I say it again – creepy!

I don’t like the government spying on me. But I don’t like industry spying on me either.

When I started seeing ads and “sponsored links” on Facebook and within Skype for something I had browsed or bought mere hours ago – and worse (http://www.capeeyes.com/2013/01/faceboo/) , I considered opting out altogeher. Instead, I began exploring ways to dodge some of the snoopers.

Determined to learn more, earlier this month I installed a browser extension called Disconnect (https://disconnect.me). The company was founded in 2011 by former Google engineers and a consumer-and privacy-rights attorney. This little puppy opens your eyes … and make you shiver more than you ever had before when you realize how much monitoring goes on with almost every page you load.

I should have known better, but I was stunned to just how many things sniff around to find and follow my digital tracks. We’re not talking one or two or three trackers; nay, some sites I visited have literally dozens sniffing bits of code, little hidden privacy degrading gremlins lying in wait to record my pausing at that URL

With a nifty feature called “visualize this page” you can see who reports what. I just reloaded the previously mentioned Reform Government Surveillance page and Disconnect reports that this page — about the dangers of surveillance — reports my visit there to the following: tumblr.com, google.com, google-aalytics.com, github.io, twitter.com, and linkedin.com.

I don’t know what any of them do with the data – maybe as sponsors they just want to know who is visiting? – but they aren’t telling me I’m getting reported back.

Oh, and how exactly is this different from reporting back to the government?

I loaded one of my own CapeEyes pages and to my great surprise discovered that according to Disconnect, my visit there gets reported to: gstatic.com, googleusercontent.com, google.com, facebook.com, twitter.com, and akamahihd.net.

I host on GoDaddy, using WordPress. Is one of these triggering the report backs without my knowledge as both users and creator? I don’t know enough (yet) to understand, except to know that I never knowingly asked for this.

Chilling, isn’t it?

But to really see it in action, I visited a typical mass media site: CNN. I’m not singling out CNN; it merely typlifes commerical websites. Disconnect reports 6 advertising request, 2 analytic requests, and 37 content requests. Disconnect blocked most of them, as it tells me:

    When you visit this site, the following sites are informed:

      twitter.com
      googleanalytics.com
      turner.com
      rubiconproject.com
      ugturner.com
      krxd.net
      googlesyndication.com
      optimizely.com
      outbrain.com
      disqus.com
      github.io
      dl_rms.com
      insighexpressai.com
      revsci.net
      visualrevenue.com
      cleanprint.net
      doubleclick.net
      facebook.com
      facebook.net
      chartbeat.com
      scorecardresearch.com
      meatads.com
      disquscdn.com
      2mdn.com
      serving-sys.com
      adsonar.com
      reformgovernmentsurveillence.com

Uhm, what was that last one again?

Reformgovernmentsurveillence.com?

I’ve also adopted a new web search engine: Duck Duck Go (duckduckgo.com) It doesn’t track and seems blazingly fast – possibly because it doesn’t track.

Turns out, not only do all of these tracking packages record your life in disconcerting ways, but they also require processing time. Little wonder every click seems to lag bit.

Remember how fast AltaVista used to be? Remember how fast Google flew? Duck Duck Go is that fast.

We’re talking nanoseconds, but they are nanoseconds you can feel. Try it. Do a search on Duck Duck Go and then on Google. Close, but the overhead of tracking shows.

Just think about that CNN page again – each of those tracking snippets might delay the page load just a tiny bit, but with 45 tiny bits, no wonder we can feel the lag!

Duck Duck Go also brings you a way to overcome the “bubble filter” – you know, when you start seeing search results pre-filtered based on all that data folks have been collecting about you. Suddenly, you’re limited by paid placements and your own habits. Maybe it makes search results more relevant … or maybe it simply makes them more narrow and cuts you off from some of the more interesting options in the digital galaxy.

I’ve been comparing Bing, Google, and Duck Duck Go … and Duck Duck Go consistently brings back better matches faster.

When you lay in mobility and location positioning, the whole privacy erosion grows more chilling. Now not only WHAT we do but WHERE we are and where we go become trackable — all in the name of “delivering a better user experience” and “offering more relevant advertising.”

Don’t you feel “better” for that?

A woman named Jane Vertesi is an assistant professor of sociology at Princeton University. She studies big data. Oh, and she had a baby recently.

This last fact makes for an extremely alluring target – according to Vertesi, data market value of a pregnant woman rings in at a whopping $1.50, versus $.10 for the average person.

Bringing home baby creates one of those life inflection points where you not only buy a lot of stuff, but you also create new commercial relationships that last long beyond midnight feedings.

Vertesi decided to try and avoid becoming a target. (http://thinkprogress.org/culture/2014/04/29/3432050/can-you-hide-from-big-data/ ) She and her husband asked their friends to avoid all mention of the upcoming baby, not even saying a generic “congratulations” on social media, where folks like Facebook blithely take every bit of conversation and turn it into grist for profitable data. ($1.50 x how many pregnant women?)

In a presentation at Theorizing the Web last April (https://www.youtube.com/watch?v=aUDwyBYbWjM) Vertesi described how she and her husband made online purchases via an anonymizing server with pre-bought gift cards, and how they used cash instead of credit cards in bricks and mortar stores.

“Consumption outlets and technology that underlies them make us produce data in a particular way” she said, “and opting out is not really an option,” noting that if you try, you appear immoral or even criminal.

Ah, how the spirit of making money can trump almost anything, including privacy!

And what do we get from it? Slower software. Cluttered pages. A cacophony of commercial messages chanting and shilling products. A profile that shows what we do, what we read, what we say, who we talk to, what we buy, where we visit in both real and cyber space, all collected in a way that normalizes this state of affairs. And that’s just from our friends in industry – who aren’t even part of the NSA!

OK, so with that cheerful thought … Happy Privacy Day again!

Hmm, why not celebrate by trying out a few privacy protecting tools or a no-tracking search engine. Or, just for kicks, install Disconnect and watch how your actions could report back via a decidedly non-transparent channel. Baby steps, yes. But the road to reclaiming our private lives begin with that simple one foot in front of the other.

Leave a Comment

Previous post:

Next post: