The fight of a generation: our privacy

The doorbell rings. It is an early Thursday-morning. Outside, people are hurrying to their work. Still groggy from a particularly bad dream, I stumble to the door and unlock it. A cheery mailman hands me a big package. “You seem to be quite the big shot” he says, winks and leaves.

I close the door behind me and put the parcel down. Nervously I fumble the letter from the attached envelope and read it. “Dear citizen,”, it starts. “Would you be so kind as to put the following devices in your home and turn them on. Thanks! Your friendly government”. Further down it reads “P.s. we’re probably not going to use the data we gather with these devices. But better safe than sorry, right?”. I open the box. It contains four webcams and a bunch of microphones.

Would you do this? Probably not, right?

And yet, this is exactly what’s happening with the increasing number of smartphones, smartwatches, self-driving cars, webcams, smart speakers, smart washing machines and the tens of thousands of other ‘Internet of Things’-devices that we keep adding to our homes and offices. Not to mention the usual suspects like your laptop, console or PC.

These devices are already collecting a lot of information about us. Our smartphones are already tracking our whereabouts and the things we say in their vicinity. Internet giants like Facebook and Google are already tracking in great detail which sites you visit and how long you stay on them. Smart speakers like Alexa and Echo potentially allow corporations to actively listen 24/7 to whatever happens in your home. Google’s Home Mini was recently discovered to do just that, although Google claimed that it was a bug (and conveniently closed it after a blogger discovered the issue). Some Smart TVs are already listening to everything that’s being said in your living room. Smart cars are collecting and sharing personal data with advertisers (and potentially insurance companies). Some toys have microphones in them that can be hacked with relative easeto monitor your children. Not to mention the smartwatches for children that are sending personal information about your kids (like location and what they do) to advertisers. Fitness trackers are frequently very insecure and can be used to track personal information related to health and location. These are just a handful of examples of personal information that is being passively collected, often only (if at all) mentioned in the fine-print of mindbogglingly large ‘user agreements’. All this data augments the vast amount of data that you leave in your wake whenever you browse the internet. Like the products you purchase online, the financial transactions that you do, the kinky videos that you watch on PornHub, the flirtatious emails you (married) send to a collegeau, the things that you search for on Google and the e-mails or text messages you send.

And this is only the beginning. With the onset of biological implants, devices that can translate brainwaves into words, ever more internet-connected devices and smart sensors in our houses and bodies, more and more personal information can (and will) be collected. And there’s no incentive to stop anytime soon because your personal data is worth a lot of money.

Your personal data as ‘digital gold’

When the Internet first emerged, it was new and exciting. The Internet promised worldwide, unrestricted communication with whomever you wanted. It promised free access to information at a whim. Although few anticipated the advent of social media, and how that changed how news travels the world, many knew that the Internet would bring great things.

Since its idealistic start, the Internet is increasingly transforming into a massive marketing platform. We helped it become this way by trading ‘free use’ for our personal information, pictures, and files. Corporations like Google, LinkedIn, Twitter have taken notice and found ways to monetize this personal data. By doing so, your personal data has become ‘digital gold’ — a product that can be sold to advertisers and corporations. Increasingly, your personal data is requested by governments in their growing hunger for data to identify potential threats to our society. Increasingly — and even more worryingly — your personal data is compromised and sold by criminals through underground marketplaces.

Aside from using your data to know certain things about you, your data is also ‘mined’ by algorithms to identify patterns in your behavior. These patterns can be used for marketing purposes; to recommend products or content that you might like. This may seem harmless at first glance. But similar algorithms can also be used to predict sexual preferences, religious convictions, political attitudes, health risks, intelligence and medical conditions. They can also be used to predict how likely it is that you are a terrorist (and put you on a ‘no-fly list’), commit predatory behavior or commit crimes. We are only steps away from a future where algorithms use our personal data to determine insurance coverage, credit rating, the degree to which you should be proactively monitoring, the ability to enroll for a certain job or being able to get a loan.

Our personal data has not only become a valuable item to be traded, it has also become a source of power. In today’s world, “Data has become power”. But can we trust the people wielding this power? Can we trust their intentions? Can we trust the precautions they have taken to protect our data? Can we trust the accuracy of algorithms that mine our data for patterns? We might in a perfect world, where intentions are free from politics, biases and personal convictions. But we shouldn’t be naive.

Your personal data is not safe

We don’t live in a perfect world. Personal data is compromised and lost with an ever-increasing frequency and impact due to technical issues, security problems or simple mistakes by employees. Take the recent loss of extensive personal details of 143 million Americans and 700.000 Britons by Equifax. These are not harmless hacks where “you have nothing to hide”. The data includes dates of birth, SSNs, addresses, financial records and even drivers licenses. Everything that is needed for criminals to sign up for credit cards, to register for insurances on your behalf and to send in tax reports with your name (which is already happening on a significant scale). These are not isolated incidents. Take the 427 million accounts lost by Yahoo. Or the 412 million accounts lost by FriendFinder. Or the personal details (including passwords) on 32 million membersthat the extra-marital affair site Ashley Madison lost to hackers. Or the leak of personal records of 30 million South Africans. Or how Sweden exposed personal details of millions of Swedes in its driving license database. Or the 60.000 credit cards that Pizza Hut lost. Or the 1.025 Wendy’s locations that got compromised. Or the lax security standards that caused employees of the Dutch taxing agency to leak extensive details on tax submissions of thousands of companies and individuals. The number of leaks is increasing exponentially. It is becoming increasingly easier for criminals to get a hold of your personal data. In their hands, it can be used to impersonate you for the registration of credit cards, to start companies, slander your name online, to withdraw money from your account or to file tax returns on your behalf.

So even if you trust the intentions of your government and the intentions of the corporations you do business with, you certainly can’t trust the people that illegally get a hold of this data. Can we trust our personal data to organizations (corporations and governments alike) that are time after time shown to be incapable of keeping it safe?

But I have nothing to hide…

“But I have nothing to hide” is a thought to might cross your mind. In that case, what is stopping you from installing those webcams and microphones from the introduction? There’s obviously something more fundamental to privacy than “being able to hide stuff”. The right to privacy is about not having to share personal information with people you don’t know, in the hope that they’ll treat it with respect and dignity. The right to privacy is there to protect people from over-curious governments and corporations. Not just you, but also minorities, dissidents and the underprivileged. The right to privacy is a fundamental foundation for freedom.

Are you a free person in a society where everyone is monitored under the guise of ‘having nothing to hide’? Are you a free person if your house is cluttered with microphones and webcams, and a bunch of people monitors what you do to see if you’re doing anything (potentially) illegal? Are you a free person when every envelop you send is opened along the way to make sure that you’re not doing anything that’s illegal? Are you a free person when someone is following you wherever you go, making notes of the stores you visit, the people you meet and the things you say. Are you a free person when there’s someone sitting behind you when you’re browsing the internet, taking note of the sites you visit and what you do on them.

The thought that “you have nothing to hide” sounds appealing only when the idea of being monitored is an abstract, distant one. But the reality is that its quickly becoming reality if we continue to give away our privacy in the ways we currently do.

Descending the slippery slope

The amount of data that is being collected today is happening on a scale and in ways that would have been inconceivable ten years ago, let alone before the Internet came into being. Increasingly, governments are passing laws that allow blanket monitoring of citizens, like the Dutch ‘dragnet law’, similar initiatives in Germany, the UK, Austria, Poland and Switzerland or the “Collect it all” programs exposed by Edward Snowden.

If we continue down this road, especially considering technological advances that are coming our way, we need to have a clear and meaningful debate about who owns this data and who can access it. If we don’t, or if we simply resort to ‘I have nothing to hide’, we will eventually lose all our privacy and — by extension — our freedom. The fight for privacy will be a defining fight of our generation.

“Arguing that you don’t care about privacy because you have nothing to hide is like arguing that you don’t care about free speech because you have nothing to say.” — Edward Snowden