Lost but not forgotten: an obituary for online privacy
Privacy is surprisingly hard to define. Different countries and social groups have vastly different ideas on what separates the public from the private. Even at home, someone born into a large family will have lower privacy expectations than someone who had their own room growing up. That makes it impossible to define privacy as an expectation.
However, it’s pretty easy to define as a social function. No matter what your idea of privacy is, it involves setting boundaries and expecting others to respect them. These boundaries might differ from person to person. They might even be unreasonable. But they are set — and controlled — by you.That is not the case with any modern social network. For tech giants such as Facebook, privacy is but an afterthought.
Early social networks were a different, much simpler breed. Like old-fashioned address books, they were built to let us keep track of our former classmates and stay in touch with our loved ones. But it didn’t take long before we started using them for other, less casual purposes. Dating, networking, job hunting, and even business — all the sensitive information the networks weren’t designed to handle began pouring out there in great amounts. In the event of a breach, all this data, including payment information, ID scans and potentially embarrassing photos, can be accessed and leaked online. At best, it can endanger one’s reputation. At worst, it can lead to identity theft.
Accidents waiting to happen
We blindly trust social networks with our data and only think about the risks when it’s too late. Reputations ruined for no reason and rampant bullying is the price we pay for this. Hackers frequently target social networks to profit off other people’s data. Some seek to expose the private lives of celebrities like Justin Bieber or Taylor Swift by selling the information to tabloids or simply putting it out there.
But you don’t have to be a celebrity to get hacked. A hundred thousand ordinary users were hurt by a recent attack on Snapchat. Regular people’s private correspondence, photos and videos were leaked online, with no regard for their privacy. And it wasn’t even the first time Snapchat was hacked. 4.6 million more users’ passwords and phone numbers were stolen earlier that same year. Snapchat’s user base consists primarily of teenagers, who use it to exchange sensitive content they want to keep away from their parents. While their friends might keep their secrets, there’s no guarantee Snapchat will.
InfoSec researchers from Checkmarx found a Tinder vulnerability letting users on the same Wi-Fi network browse and manipulate each other’s photo streams. Breaches like these are often only fixed after they’ve already been exploited, meaning that your data could be in danger right this moment.
The ghosts of our dead accounts
It is often deliberately hard to delete your social media accounts. Even if you succeed, the data can be anything but gone. Social networks make you agree to this when you sign up. Facebook keeps your data for 90 extra days, after which it is wiped from their backup storage. However, some of it is stored indefinitely with the personal identifier removed.
Any messages you sent are kept by at least one other party — the person you sent them to. And to top it off, social networks get to keep the ad profile they built when you were a user. Your likes and dislikes, habits and behaviour patterns — your personal dossier.
Judith Duportail of the Guardian was suprised to find out that Tinder stored about 800 pages’ worth of information about her on their servers. Her private messages, Instagram photos, places she frequented, and likes were all neatly catalogued for internal use. All the data she’d given them over the course of four years — including what she thought she deleted — was there.
The world to come
Mainstream social networks routinely put us at risk. We have no control over the data we ourselves provide. Cyberbullying and identity theft will continue thanks to the recklessness of those we entrust it to. These aren’t mere security issues. A single such hack can ruin an innocent person’s reputation. The way businesses treat our data has a profound effect on our society. We need changes and we need them now.
Real privacy is the power to set your own rules. Centralised systems like the social networks most people use simply lack this kind of functionality. Our data needs to be encrypted and decentralised.
It is clear that most tech companies have no regard for us regular users. We are being shamelessly taken advantage of again and again. You wouldn’t trust a postman who admits to sharing your mail with third parties, why should you trust Facebook? We leave our rights at the door upon signing up — how is this sensible?
That’s why we need to push for new privacy standards and popularise the tech that puts users first. The internet could’ve already been more secure if we had the guts to demand fair treatment. Instead of further depending on multi-billion corporations to guard our data, we need to stand together, united by our love for goodness and basic human decency, and do something about it.
