Too many of my friends recently in light of the latest privacy scandal have asked my opinion/view on the matter, so I figured to share my take on it.
To make sure that we’re on the same wavelength let’s agree that :
- mishaps with security and/or privacy happen on regular industry cycles for paid and free services
- when the masses notice an issue with those services the problem has been going for a while
- a tipping point occurs either through a whistleblower or other forms of leaking. Rarely proactively and publicly mea culpa by the provider
- A very narrow set of people reads the terms of services or pays attention to those trick full ways of gathering consent
- Almost all consent requests from paper to electronics are so big and complex that it is not possible to engage with a service without legal support or a large investment of time
For the sake of simplicity, I will be focusing on privacy only even if a ton of overlap exists for the security world.
The awful truth
Let’s address the storm of pigeons in the room right away because it is so big that you can’t see the elephant. You want an awesome experience, fast, easy to use, and that “just works” for YOU!. To do that, when the provider of the service is competent, it needs precise data that can be triangulated in order to “read your mind” about your next step(s), anticipates it, and gives you that wow moment that will make that service viral.
Privacy complications grow exponentially in a digital world along with a hyper-connected lifestyle. They exist on paper as well and they are bigger than the digital world, however, their leakage is confined to the stupidity of who exploits it. So there’s no massive scale like digital services.
Your bar and expectations for free services, in regards to that wow factor, are extremely high when it comes to free services. Facebook is a good example.
When it is a paid service, you complain, you threaten managers and boycotting but in the end, they got so ingrained into your lifestyle that you just can’t live without it. So you end up just accepting the minimum common bar, hopping from one provider to another when the opportunity arises. Credit cards, banks, and telecom companies are a good example.
If you don’t need any of those services, you have no bar and therefore this post is useless to you. – Go away my life condom-free man. ^_^
Are you a private person?
Say that you live in a village, where everyone knows everyone. If you do something that is uncommon or not well accepted, they make you aware. Some with clear messages some with innuendo. Therefore, you end up having two lives. One with the people that don’t see anything off with your choice and the other where you wear a mask. One of these you call it privacy the other public life.
Take that example and move it to a city. Your fear of being judged is limited to who knows you in your surroundings or to whom eventually will know about you. Neighborhood and spots of locations among the city.
Take that a move it a vacancy place around the world. A temporary place of staying. Likely you won’t give a shit and you don’t care much about the next person's opinion about you.
Based on that logic, it is fair to assume that your sensitivity to freedom and its boundaries is linked to your acceptance of what others will think of you or of your actions/dress/shoes. You get it…
A private person is someone that cherry-picks his closest connections in life and shares in drops and different measure to each one. He or she controls the message and the speed of the information. More than anything else, a private person is someone that without external stimuli (environmental or people) doesn’t change his perspective/position of what is OK to share or do. There’s one rule, less is more and if you know me well I don’t have to say much anyway.
Everyone else is a village person. Most technology prone folks are village people by DNA and the environment where they grew up just add/removes side effects.
Smartphones, low cost, and unlimited data plans for the Internet have led to a social crisis of values because the time lag between a cultural shit and its ramification is so fast that our brain doesn’t have time to accept and our conscience enough cycles to internalize. Therefore, we end up processing a lot of those “trends” in an ephemeral way until the shit hits the fan in a fashion or the other. Before the Internet, the lag was long enough to have time for a chattery, mockery, cry, shame, a punishment of some sort (loss of sales or image), and then back to a good time again until the next cycle. No more.
When shit hits the fan? Sometimes, is because they listen to your phone calls, other times is because they want to influence your opinion for buying or agreeing to something. For the greater good (charity orgs) or for dollar greater good.
With the power of the devil’s combo (Phones, Unlimited Data, Free Services) the entire planet has become a village with a twist and rocks based on your geopolitical views.
Don’t open the curtains…
We are all about privacy and security until we run into a situation where those twos are preventing us from getting the job done or enabling us to get to the next step of whatever quest we are on.
A few examples of real-life tragedies:
You have enabled parental control on your child’s device. You are troubleshooting an issue with a technician that is helping you out. After a few courtesies turning away while you type your password, you end up just open wide the system for practical reasons. Two things happened, you will not put it back where it was, your secrets are out and next time before building Alcatraz you will remember how painful that one time was so you just skip carelessly every step of good digital practices for you and your children. Grandma is safe, she still using dumbphones. Which are only monitored by NSA 1.0
You call a call center, you go thru a long list of security checks. The operator is reading aloud your information at 2 feet away from another person which could easily take notes.
The developer of service is trying to debug why that cat picture you posted is crashing his server. To do that he skips all privacy hoops because without it would take forever to investigate.
If there’s a bug in the privacy settings you will never know unless it becomes mainstream. Bugs in software are very normal you can’t avoid them. Privacy settings are software.
They look like security issues until you realize that loss of privacy (aka I have something that I don’t want some people to know about it) is accessible only when the same principle behind security is not honored. By you and the service provider.
More than a list of things that are broken, it’s a graph of broken parts.
Forcing that graph into a list is not possible. Let’s make the impossible happen.
- You want an awesome tailored experience for free
- You don’t want to spend the time to read long legalese intense terms of service and privacy
- There is no legislation (besides the newly GDPR) that legally forces services in explaining to the user, in extreme plain terms what are the consequences of “I accept” or another verbiage of consenting
- If a company fails you, lawyers and people in the known (so to speak) are the ones getting a real $$$ compensation. You get either an update EULA or a few articles in the press about “I knew it” feelings.
- Before a scandal, you don’t even know that the village is talking about you
- When you find out that the village is looking at yours, you are outraged and yell privacy, picketing in the streets and call your congressman. Likely using another service to find their number, that does similar things for which you are calling in…
- After a scandal is over, everyone is back on post thoughts and prayers mode
What should you really do?
If you are not a private person, then you have to decide if you live in a village, a city or you are a citizen of the world. The latter is what I call DOGIAF = DOn’t GIve A #%$@%.
Make a permanent lifestyle decision. Be a private person or a village random individual. If you choose the latter your privacy tolerance must be proportional to your desire of being connected for free in a tailored experience. If you think you should have a spot in between these two extremes, you are living in fantasy land. Which is a completely different village in its own right.
If you want to be a private person then your expectations of a tailor experience are close to non-existing and because you cherry-pick your list of connections and what to share, chances are that no matter what the terms of any service are, you won’t be affected by another Cambridge Analitca. That is because, unless the service you use is evil by design in every aspect, you turn everything off, and auto-naturally you are golden. That is because viral software by design is not built for private people.
If you are not a private person, then you have to decide if you live in a village, a city or you are a citizen of the world. The latter is what I call DOGIAFO = DOn’t GIve A #%$@% Option
Based on your choice, you have to change your habits in what and where you share it. What friends you add and routinely clean up those lists. Visiting privacy settings is a must. Those services monitor everything you use, just visiting those pages raise the bar on their side and claims that users do care.
What do I do?
I use Facebook as my Italian plaza, you don’t shit in the plaza unless you have the shoulders to own such a stunt. You assume that no matter how small the plaza is, you still in a public plaza. I don’t use the phone much because I hate telcos as they do way worse than Cambridge Analytica, you just never find out. In combo with banks, they are the tobacco industry of the communications. Pure privacy cancer protected by the (NSA) law.
I decided that I want to be in a city, with occasional vacations around the planet.
I know that because masses don’t value privacy unless there’s a scandal, I am on my own.
I acknowledge that even the most hi-tech president to date (Obama) was forced by the system in using fax to transmit docs and other archaic tools of exchange and share information. That means that before any meaningful, down to Earth legislation can see the light, I might be dead by then.
Companies think of privacy during a pitch to an investor for the SECOND round of financing or when they are in trouble. That means that the only way for me to shift their agenda is to take my time elsewhere. However, because they ALL do the same thing. I can go wherever I want and I will trade one lack of privacy setting for another.
So, I have become my own privacy cop.
I routinely clean things up and keep photos and topics in albums so that I won’t dump and forget but I can set visibility per cluster of things rather than randomness. I limit my friends to people that I have met in real life. I don’t accept co-workers unless are really special from my unique disgusting POV.
I don’t trust any service by default when I create an account on any provider here is what I do:
- Generate a password using 1Password
- Go to settings and see if they offer a delete account option
- Set my pix profile and my default privacy and security settings
- Dual factor authentication is a must to have if there’s personal data
- If they have sharing features, rather than read their shitty useless policy I do a quick search for scandals, privacy, security issues that occurred in the past.
#4 doesn’t happen on the spot but it does happen and if #2 is not offered, they won’t see me again using their service in any meaningful way. It is work but my City life says that is a little hassle for my ass. I dearly protect my ass, therefore worth it.
“You know something is wrong when the government declares opening someone else’s mail is a felony but your internet activity is fair game for data collecting.”
Because of that status quo, we are in a situation like gun control in the US. Most people want to do the right thing but “the system” and “the interests” are not allowing the change. I doubt that my privacy needs will go higher in priorities than the lives of children murdered because the 2nd amendment allows shitheads to purchase a gun. Therefore, I am not holding my breath for change hence I am not switching off of anything Facebook this time unless the impact on my life preservations instincts or family is at risk.
I do so but you will probably just do what you have always done in the last 10 years of innovation on the web and smart devices. Fire, forget, and complain?
Happy illusions of privacy.
Ah! One more thing, if you are also a stickler, some of the languages in this post might irritate you. When that legit personality treat exists, your privacy perception is directly linked to your understanding of technologies and your job type. The bottom line for that type of combo is that every and anything can “offend people” and those people are going pitch, forks and fire in the name of “good decor” until their path of life doesn’t uncover roots that make them trip and eat their own logic. We are all great at judging others with a pinch of bias and in those cases, privacy becomes just fuel for an already going on fire. It’s another big can of worms so I will address it at the next scandal and link back to this post. One thing for sure, there will be another mega data scandal at some point and history will repeat itself :-)
disclaimer: I own stocks in several companies that do more or less a f-up now and then when it comes to privacy or security. I hate that but they are also great companies that make me money and give me services in exchange for my data. I think it’s fair. As long as they don’t mess up with people’s dick pictures. (YouTube)