Worried about PRISM? How much would you pay for better privacy?

June 30, 2013
21 21 65 8
    Image credit:

    Image credit: Shutterstock

    Privacy has been a big issue in the news lately, with the disclosures of whistleblower Edward Snowden that the US government, through the NSA, is actively running a program that eavesdrops on communications within the country and abroad. And while it’s debatable whether this is a patriotic act, or if it’s a criminal offence, the fact is that companies like Google, Yahoo! And other service providers are giving government what is usually direct access to our information.

    But even without the NSA eavesdropping in the picture, it’s a known business fact that if you’re using a free service that millions of other users enjoy, then you are most likely the product. Google, Facebook, et al, are earning big money from big data, analytics and advertisements, among others.

    For consumers, it’s a choice between convenience and lack of privacy. Do we just stop using online services for fear of being tracked or eavesdropped upon? The problem with complaining about Google’s practice of tracking users is that the company has a clearly written privacy policy and terms of service that implicitly ask users to waive their reservations of being tracked.

    There are services and applications that we can use to minimize the risk of being tracked – or at least minimize the information being gathered about us. Would you be willing to pay not to be tracked? How much should be the fair amount? Or, would you be willing to stop using Google services altogether? What will be the opportunity cost?

    What Google knows about you

    Google collects various information about its users. These include search queries, telephone log information, IP addresses, device event information, location information, and unique application numbers. The company uses cookies and anonymous identifiers to know more about its users. There maybe nothing concerning about having all these information collected, especially if it is aggregated (as opposed to personally identifiable). The issue is in what the company does with these data. Google offers a statement on how they use the information they collect. Unfortunately, the statement can be interpreted to mean myriad possibilities many may not find acceptable.

    Consider this excerpt from Google’s Privacy Policy:

    We use the information we collect from all of our services to provide, maintain, protect and improve them, to develop new ones, and to protect Google and our users.
    Google
    www.google.com/policies/privacy/‎

    The last line is akin to NSA’s justification for PRISM. They want to protect the users – in PRISM’s case, the citizenry or national security. How do you argue against such a noble intention? As Google’s former CEO, Eric Schmidt, once said: “If you have something you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.” Makes sense? Or does it make you wonder?

    However, it’s quite difficult agreeing with these justifications when you hear disappointing news about the government’s discriminating ways, like the recent revelation that the IRS specifically targeted the incumbent administration’s political opponents. Similarly, US government officials claim that they have quelled dozens of terror attempts because of their systematic spying, but there’s just no way to verify such claims as these are classified.

    Some would argue that we users of free services like Gmail, Google Talk, and various free Android apps are not really entitled to complaining about Google’s tracking schemes. After all, we take advantage of reliable services that only require us to become part of an extensive ad network through which Google makes money. Still, offering free products is not an excuse for the intrusion of privacy, a basic right. This is definitely not an excuse because if we were to use this logic, customers who pay for premium online services should not be included in the government’s spying. Regrettably, this is not the case.

    And with the advent of wearable and connected computing technologies like Google Glass and the myriad of smart glasses and smart watches that manufacturers have in the pipeline, we might soon find ourselves in a world where companies and the authorities can easily spy on us through the “eyes” and “ears” of our devices. If you watch Person of Interest, you would know what I mean.

    Is there anything you can do to avoid tracking?

    Fortunately, there are ways to avoid many of Google’s tracking mechanisms. For example, you can use a script-deactivating add-on on your web browser like NoScript and NotScripts. There are many browser add-ons that can prevent Google from doing its regular web activity tracking practices like Disconnect and Ghostery (both available for Firefox and Chrome users). You can also mask your IP address by using anonymizing tools, which can be installed on a device or used as web-based applications. For Android devices, these tools come in various forms. They can be anonymous web browser apps themselves, browser filters, or virtual private network (VPN) apps. Their main purpose is to conceal your IP address, to prevent Google from identifying your device and tracking your every action on the Internet.

    It is also possible to use encryption tools like the WebPG or GNU Privacy Guard. These tools protect transmitted content or data from being read by parties that are not the intended recipients. Encryption tools are useful in protecting emails or documents from being read by unauthorized parties.

    Some would suggest using disposable email addresses and phone numbers to ensure complete protection from tracking. Since the addresses and numbers used cannot be traced to a particular user, tracking will be unlikely. These include apps like Hushed or Burner or services like Airmail. However, using these would be rather impractical and inconvenient because they are only temporary.

    If you spend a lot of time using an Android device, you can use apps like Silent Phone from Silent Circle, which lets you send messages and make calls that are encrypted and supposedly secure from spying. For a monthly fee, you can share files, texts, and locations securely and avoid prying eyes through encrypted video and voice. The app is free to install from the Google Play store, but you need to pay for a monthly (at $24) or annual (at $120) Silent Circle subscription to be able to use it. Silent Phone uses the ZARTP encryption protocol that employs ECDH-384 and AES 256 encryption algorithms.

    Silent Circle claims that the application is already being used by human rights organizations that fear for the lives of the persons under their protection. Even the federal government uses Silent Circle for their secure communications.

    Should you pay for your privacy?

    The different privacy solutions offered online are not cheap. You can find free tools, but not all free apps and services are that easy to use. If you get enterprise or professional solutions, expect to pay hundreds or even thousands of dollars to keep your computers and communication lines from being tracked and surveilled. But are you really willing to pay for all of these to ensure protection against a problem that should not exist in the first place?

    The Android community is active in working on protecting users’ privacy. This includes efforts by CyanogenMod’s creator to incorporate an Incognito mode, as well as encrypted messaging.

    If it were up to me, I’d say my answer to the question is “zero.” I am not willing to pay any amount for something I am entitled to get as a right. Ideally, no entity has the right let alone the responsibility to spy on private citizens without a court order. I shouldn’t be spending any dime just to claim my rights.

    This is just me being idealistic, though. In reality, Internet and telecommunications companies have unlimited access to all sorts of information that pass through them. What they do with these massive amounts of information is anybody’s guess. It’s virtually impossible not to be tracked especially when you are using free services that have now become essential communication tools, like emails and SMS. Companies inevitably have to deal with information about their customers or users as a part of the service delivery process.

    Sadly, authorities cannot do anything about these. Worse, these authorities themselves are even collaborating with companies to make use of the collected privacy-intruding information. And how do we weigh the argument that this very intrusion of privacy is itself protecting us from potential harm from terrorist or criminal threats?

    Should companies be held liable? What about government?

    The solution here is probably not to barricade yourself with paid privacy solutions. If you look at the development of the Snowden scandal, the issue started when it was revealed that the government has been getting customer or user information from major service providers with these companies’ consent or cooperation. Haven’t we realized that companies have already been obtaining information from us eons ago? If the concern is government access to supposedly private data, the solution is to make the government accountable for accessing such data and to prevent government officials from doing the same again in the future. If you are worried about companies that intrude on your privacy, perhaps the solution is to prevent them from doing so through a class action.

    Maybe if you’re using an Android phone or even an iPhone, it’s not so much of a burden spending a few dollars on apps that promise privacy protection. If they don’t turn out to be effective, you’re not going to lose so much. However, are you really addressing a real problem by doing this? If you don’t like Google’s ambiguous policies, why not leave them? If you think they’re violating your privacy, then sue them!

    If you happen to have read about the news of China’s alleged hacking into the US intelligence databases or Uncle Sam’s alleged hacking into China’s confidential files, you should realize that almost every paid privacy and security solution available can be futile once you become the target of aggressive tracking and spying attempts. Don’t you think you’re better off spending your money on more useful productivity apps? Or games? Perhaps Eric Schmidt’s advice makes sense: don’t do something you’d rather not have anyone else know. Taking it in a more positive light, if you’re not doing anything wrong, then what is there to fear?

    21 21 65

    Via

    Source

    Comments

    • http://www.martian-imperium.com/ Lokifish Marz

      Your carrier knows who, when, how long, general location, ESN/MEID, phone make/model and then hands that to the intelligence community. Server based services fail because they can be access via man in middle and server hacks.

      You need realtime, on device (de)encryption but that requires that everybody you call/text has the key. No key means they can’t receive your encrypted calls or texts. This still leaves on device snooping to deal with, like we saw with Carrier IQ.

    • AndroidShiz

      It’s strange and ironic that Huawei was backlashed by the US for possible phone spying, (they did get kicked out of India for just that btw) They obviously didn’t like the Huawei Prism.

    • leedo

      How much would you pay for air to breath?

      • Luka Mlinar

        F’in A!

    • Luka Mlinar

      Pay? Really? I shouldn’t have to pay FFS!

    • rain0

      One thing that I hate, even with all this NSA & privacy matters, most mobile OS maker still didn’t take encrypted communication seriously.

      Google, Apple, MS, should make encrypted communication (call, sms, etc) built-in in their mobile OS, and enable it by default.

      That way encrypted communication will be easier for smartphone users, hopefully will make it a general habit.

      • APai

        what use is encryption of if NSA compromises the encryption makers themselves ? NSa is like a see-all monster – sauron.

    • Mikel Martin

      It’s not the information about me that I worry about being used.

      What it’s to stop the abuse of using all this information to blakmail politicians or police ,security guards, or judge to reach some end?

      But, don’t worry.

    Popular

    Latest