Smartphone users are unwitting participants to widespread surveillance effort, says security expert
The ubiquity of mobile devices has prompted government agencies to piggyback on corporate efforts to collect our information all in the name of marketing, says security expert Bruce Schneier.
Depending on which study you reference, smartphone penetration in the US reportedly ranges from 62 percent to 71 percent, according to analytics firms like comScore and NPD. Regardless of the actual figures, one thing is for sure: smartphones, tablets and wearable devices like smartwatches and smart glasses are gaining ground among consumers.
The convenient fact is that these devices offer an unprecedented level of connectedness among users, that we are plugged into the cloud almost our entire lives — at home, at work, at play, and on the move. With applications like Gmail, Facebook, Twitter and other services, we can keep connected with each other, collaborate, share content, gain access to information and much more.
Surveillance: the business model of the Internet
In many cases, these are offered for free. And there’s the saying that if something is given for free, then you’re the product. This is the sentiment of security researcher and author Bruce Schneier, who gave a keynote at the SOURCE Boston Conference earlier this week.
“Surveillance is the business model of the Internet,” said Schneier in his Keynote, adding that the Internet today is built on an ecosystem of spying. Information is the most valuable currency in this scenario. “We build systems that spy on people in exchange for services. Corporations call it marketing.”
Schneier says the data economy is not really bad in itself. However, it has become an amplifier of human intent and activity. For example, political dissidents have used social media services like Facebook to converge and act on their collective will. However, governments are also using the same media to enforce their own agenda. According to Schneier, governments are already powerful in the first place, but their power is magnified by technology.
Because of advantages in data architecture and infrastructure, service providers can now afford to offer almost-unlimited storage for free. Gmail users no longer have to delete messages to make way for new ones — we just use search to sift through years’ worth of emails to find the right information. The same goes with other content, like photos, IM conversations, social media comments and the like. This vast ocean of information is now being mined by corporations, all with the intent of profiting from the marketing capabilities that targeted messaging can offer.
At a most fundamental model, we are tenant farming for companies like Google. We are on their land producing data.
Corporations do the spying for government, sometimes unwittingly
The result is that we have become the metadata that we generate, says Schneier. It’s not so much about the content of our conversations and information sharing, but rather whom we share these with. “I like to think of this as a feudal model,” Schneier quips. “At a most fundamental model, we are tenant farming for companies like Google. We are on their land producing data.”
The interesting part here, says Schneier, is that governments have started piggybacking on the efforts of corporations to track our data. “The NSA woke up and said ‘Corporations are spying on the Internet, let’s get ourselves a copy,’” he says.
The cost of technology has been drastically lowered, especially since we mobile users are buying into the whole thing by subscribing to cellular service, sending SMS and IM messages, connecting to WiFi hotspots, exchanging emails, and sharing on social media. Schneier even said surveillance is no longer just “follow that car” — in reference to how the stereotypical spy or detective does surveillance and tailing. Rather, with metadata and tracking, it’s now “tell me everywhere the car has been for the past month.”
If surveillance previously involved several people actively following just one person, now individual intelligence agents can keep track of thousands. Interestingly, with the recent disclosure that even our supposedly secure SSL connections are not free from eavesdropping with the “Heartbleed” bug, we are likely to have been targets of government spying and surveillance for some time now.
But perhaps as mobile and Internet users, we’re already aware of the likelihood that we’re being tracked. The question is this: what do we do about it? “I think this is the issue by which we will be judged when our grandchildren read the history of the early days of the Internet,” concludes Schneier.