Saturday, 18 June 2016

Who's Watching the Watchers?

 Everyone is Spying on Everyone

It's the age of ubiquitous surveillance, fueled by both Internet companies and governments. And because it's largely happening in the background, we're not really aware of it.

Most people are unaware of the threat and, if they do, they don't understand their part in ensuring that privacy laws are enacted and enforced.
The only thing necessary for the triumph of evil is for good men to do nothing.
— Edmund Burke

Spying is Big Business

Spying is big business, whether it is the collection of "meta data" or the information we provide to join Facebook or to register a product. All of this is valuable information being used to sell to us more effectively.

There are two reasons for this:
  1. the technology to do it is much cheaper to use; and
  2. people are completely unaware of how valuable this information about them is or the dangers that it creates.

The Technology

At one time it was very expensive to employ surveillance, whether in a criminal investigation or for commercial purposes.

For example, the police needed to send a team or two to follow an individual around the clock. Current technology allows them to place a simple tracking device on a vehicle or individual and one person can follow several suspects from a central location (or simply get access to their cell phone).

Corporate Bulk Data Collection

Corporations collect huge amounts of information about what we click on when we visit their site. Facebook collects information not only on their users but on those that visit any site with a Facebook "Like" icon. Target was able to tell that a customer was pregnant before she knew, based simply on the data about buying habits and other data they'd collected.

It originated in the electronic collection of information by corporations, then the government wanted in on the deal and pressured Internet companies like Yahoo, Google and AOL to provide the information they held.

Your Smart Phone is Reporting Your Location Constantly

The ubiquitous smart phone continually reports its location to the cellular provider in order to be able to be able to deliver text messages, phone calls, etc. This information can be used for other purposes, even some that completely remove our privacy. Many of the apps on your phone want this location information and use it to monitor other apps.

The police would love to have free access to your phone records.

You don't think the FBI request for Apple to unlock a suspect's phone was only about that one incident, do you? It is about the ability to view everyone's phone.

Don't believe me? How about a change in the law that assumes that anything encrypted should be investigated. Rule 41 regulates the official holidays for court sessions and similar routine tasks, yet is being used for something far more sinister (I strongly recommend you follow the link for the details).
The Department of Justice is using an obscure procedure to push through a rule change that will greatly increase law enforcement’s ability to hack into computers located around the world. It’s an update to Rule 41 of the Federal Rules of Criminal Procedure. If Congress does nothing, this massive change will automatically go into effect on December 1. -- EFF Report on Rule 41
As well, police forces have used devices like the StingRay to capture cellular data, often including innocent parties data. This created a stink in Ottawa when government officials wondered if they were the target.

Information Can be Beneficial or Hijacked for Profit

That Fit bracelet you're wearing could provide information that would allow for huge breakthroughs in medicine or could simply be used by your medical insurance company to raise their rates.

Even though the payment structure for health insurance and services is designed so that everyone pays for the collective risk, it would be much more profitable to identify the high-risk users and charge them more. If past experience is followed, it is unlikely that the overall group would benefit as much as the high-risk users would lose.

Protection from Terrorists?

Our governments are spying on their citizens (not to mention the citizens of other countries such as the Five Eyes). The U.S. government has built a huge new facility in Utah to store this data. They used the incident in 9/11 to tell their citizens that it is the only way to protect them from terrorists (or child pornographers or hackers).

Paul Joseph Watson notes that Americans are just as likely to get struck by lightning as they are to be killed by terrorists. If the risk isn't as significant as we're led to believe, then why would the government exaggerate the risk and promote the huge expense of anti-terrorist measures?

Fear measures are being used to justify a hidden agenda.

Other governments have done the same, often getting around the rules that prevent them from spying on their own citizens by having other governments do the spying then sharing the results. The Americans spy on the Canadians and British. The British spy on the Canadians and Americans. The British and Canadians spy on the Americans.

Reinterpreting Old Regulations

They've reinterpreted old laws in new ways that avoid the legislation that restricts this collection without a warrant. They argue that the information isn't "collected" until viewed.

There is a huge difference between getting a warrant to begin surveillance and having collected that information for 20 years then obtain a warrant because someone is a suspect.

Technology moves too fast for the courts to act.

For example, an old U.S. law that allowed mail to be searched only until it was delivered (i.e. in transit) was reinterpreted for email in a much more liberal and inappropriate manner.

The interpretation that the email on the server was "in transit" rather than delivered is a much broader use and clearly not what was intended by those that drafted that old law.

Most people now use IMAP protocol for their email. This protocol leaves a copy of everything on the server as well as on all their computers and devices.

People are Unaware

People using technology have given up a great deal in terms of privacy. If they only knew the value of what they're giving away. When the service is free, you are the product.

Have you every searched for something only to suddenly see ads everywhere for that same product?

There is a big difference between seeing a generic ad for treating hemorrhoids on TV and one on your phone or computer immediately after the doctor sends you an email indicating you have this condition.


Gmail provides free email service, but scans your email to better know what sort of ads are likely to interest you. Yahoo! and Microsoft do the same in varying degrees.

Windows 10

Microsoft wants in on this huge bonanza. The free upgrade to Windows 10 took you from a relatively-secure independent computer to one that is essentially a super-Facebook where your information is collected and used to help Bing advertise items based upon your personal information.

Windows 10 introduced ad-filled apps rather than applications that simply did what you installed them to do.

Unlike the simple local search Windows 7 conducted for a document on your computer, Windows 10 sends that same search request to Bing.

Cortana works by learning enough about you such as knowing who you mean with you ask it to call your sister.

Misusing Legislation for Commercial Gain

Digital Rights Management (DRM) technologies are locking us out of the use of our own data and restricting what we've purchased.

The U.S. Digital Millennium Act was  intended to stop the illegal duplication of DVDs and music CDs.

It has been used to keep researchers from looking at the data generated by Volkswagen emissions and owners of John Deere tractors are unable to service their own equipment.

Disney wants you to re-buy content you already have purchased in a new format. From VHS to DVD to Blue-Ray, Snow White provides a tremendous income for Disney even though there is no new creative content.
"If consumers even know there's a DRM, what it is, and how it works, we've already failed." -- Peter Lee, Disney Executive in 2005.

Learning More

If you're interested in learning more about this I'd recommend Bruce Schneier's book, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. It looks at the collection of personal data and how it is being used to manipulate us.

9/11 was used to convince us to give up privacy for security, but the additional information hasn't helped. Schneier describes this exercise as looking for a needle in a haystack of needles.

John Mueller Terrorism Since 9/11: The American Cases (PDF) shows how misleading the use of the term "terrorism" is and how difficult it is to track actual cases. It is worth scanning if only to better grasp this term that has been used to scare ordinary and innocent citizens into giving up their rights.

See also the resources on my website including Your Privacy at Risk and Social Media: Are You Sharing Too Much?