“You have zero privacy anyway. … Get over it.”
So said Scott McNealy, chief executive officer of Sun Microsystems to a group of reporters. Privacy concerns about computer software and the Internet, he added, are a “red herring.”
He said this in 1999.
At the time, McNealy’s comments were both condemned and praised as realistic. The intervening 14 years have only confirmed the accuracy of his assessment. The threats to privacy by private companies collecting the your data, by the government listening to your communications and by criminals hacking your accounts seem endless.
Data breaches
Let’s begin with the criminals. A common way your privacy gets compromised is by a “data breach” – a release of confidential information. In 2011, 77 million users of Sony’s PlayStation Network had their personal information (perhaps including credit card data) stolen. Also in 2011, Citigroup had data on over 200 thousand of its card holders hacked. Millions of records were stolen in 2012.
There are several such incidents a year. Some are publicized, some are not.
The danger of a data breach goes far beyond the direct loss. It is common for accounts to use an email as identification, and people often use a given password on multiple accounts. So when a criminal obtains a file of user IDs and passwords, they will then try that data on all sorts of other accounts in the hopes of being able to gain access – and the consumer will have a difficult time proving the access is illegal, since a proper user ID and password combination was used.
As a side note: one of the most useful things you can do to protect yourself is to insure that electronic access to your bank account, your credit cards and your main email account all use distinct passwords and that you never use any of those passwords on any other account.
The dangers of metadata
The concept of metadata — data about data — came to the fore in the NSA snooping scandal. At first it seems that metadata is a low level of intrusion. Someone knows you accessed a bank website, but doesn’t know you withdrew money or what your bank account number is – that doesn’t seem so bad. We readily tell strangers what bank we use.
However the aggregation of metadata reveals much about a person. Take an archaic example from a previous generation. Imagine that a newspaper in London announces that a certain battleship has left port. Then, a few days later, a newspaper in New York announces that the same ship has arrived. The newspaper information is public, the ship is visible to all, what could be the issue?
Put those two bits of information together, however, and you can determine how fast the ship can sail, and in a military situation, that certainly ought to be classified information. A set of data reveals things not discernible from a single data point.
Close examination of when and where you were when you used your cell phone, who you called, and so on, can reveal your friends and the places you might be found. It can reveal your hobbies, what stores you were in, or how many hours you worked. The time of day of your calls can show your sleep patterns or if you are in the habit of going to church on Sunday.
Bring together this kind of data from a group of phones used by employees of a company and you could figure out the real hierarchy and networks of influence. The customers of the company could be identified as well as how many tech support issues they are dealing with, and if sales calls are increasing or decreasing.
New forms of data collection
More than the revelation of existing data, new forms of data are being created and collected all the time. We have a few photos of our grandparents and perhaps only one or two formal portraits of our great grandparents. Today, 200,000 photos get uploaded to Facebook every minute.
Google is developing glasses that include a small camera. Now you can film yourself in real time and post that online. Add in facial recognition and voice recognition software and now you don’t even need to be tracked via your cell phone – someone will gaze around the coffee shop and then post online the names of everyone there.
Until recently, the Internet had been mostly a network of general purpose computers. Then, phones became enmeshed with the Internet. In the years ahead, many other objects will become connected to the net. Vehicles are slowly becoming doing so. Companies have long since had their aircraft, long-haul trucks, railroad locomotives and ships indicate where they are. Onstar does it for private cars and it’s safe to assume that every single vehicle soon will be uploading its location, status and activities to some server on the Internet.
Your house will soon follow this path as companies are already trumpeting the alleged benefits of adjusting your thermostat from your cell phone.
There are benefits to this. Many will appreciate the day when their lost set of keys, glasses or wallet will be able to broadcast their location, perhaps to a tiny sensor embedded under your skin.
But it’s not just science fiction to contemplate that within a short time the medical sensor that is uploading your heart rate and blood pressure to your doctor will be hacked by your business competitor or client, who will use the data to assess how stressed you are during a face-to-face negotiation — let alone how your insurance company will use this to know every instance you cave to your old smoking addiction, and they raise your rates.
These problems do not require that there be criminal activity. If your insurance company is owned by or has agreements with your business competitor, the sharing of this data may be legal.
Governments also share
If the CIA only collects data on foreigners, than Americans can think that’s not a problem for them. But intelligence agencies share data, notably including French, British and German organizations. So its same to assume the U.S. obtains data on Americans from foreign agencies, without any clear way to verify its accuracy.
The discarded Constitution
As Mint Press News has reported (also here), don’t look to the courts to stop any of this, or even slow it down. While the Supreme Court did decide all the way back in 1965 that there was a right to privacy implied by other provisions in the U.S. Constitution, this idea has not been developed or extended into a robust doctrine. Indeed, the court has even acted to force the release of more data collected by pharmacies on the prescribing habits of doctors, overruling a state law prohibiting it.
Get over it?
Maybe McNealy was right, if a bit premature, and privacy is gone, lost forever. Perhaps attempts to live “off the grid” and avoid detection will soon be cause for suspicion and we will get to the point where preserving our privacy will be blocked by law.
A solution
Next week, this writer will discuss possible approaches to preserving our rights in a world where access is open to all.
The views expressed in this article are the author’s own and do not necessarily reflect Mint Press News editorial policy.