My Life Is An Open (Face)Book
But some things should be kept private
When the Internet was young and used mostly at research institutions and universities, there was a widespread notion that everything should be freely shared. I believe the open source movement has brought many benefits to society, but I no longer believe that all information should be publicly available. Access to certain information should be restricted if the owner of that information desires it.
There are different reasons why access to certain information should be restricted. It could be that making it public would cause financial harm to certain individuals. Identity theft can make many common financial tasks a real chore, and repairing a reputation is not always easy or inexpensive. Other data, if made publicly available, could put personal safety in jeopardy. Intimate knowledge of a person’s personal life could make it easier for a malicious individual to defraud them, by enabling the fraudster to more easily build a false sense of trust with their target.
Why do so many people like Facebook?
I first signed up for Facebook when a friend wanted to share pictures of her newborn with me. For a while facebook was actually somewhat useful, although I still don’t understand why I would have ever wanted to “poke” someone. Eventually, I made lots of “friends” on facebook, and the vast majority of them post unoriginal content or other drivel and now the whole experience has been reduced to a huge waste of time. Too many people posting too much information that, I think, should just be kept private. Do I really care what everyone eats at every meal? And thank you, but I can find videos I actually want to watch on YouTube without the help of my friends. The really dastardly thing about Facebook, though, is that they have become an expert at identifying who you truly are–not just by what you reveal to them, but by what those you’ve identified as friends reveal about you. It is almost impossible to hide your personal information from Facebook, even if you don’t use it yourself, as their trackers are all over the web. But there are ways and we’ll talk about them in the future.
Did you really just say that?
What got me the most was the announcements on Facebook of where people were going, and how long they’d be gone. The first thing that crossed my mind was that anyone who followed their Facebook “feed” now knew the best time to burglarize someone’s house. Often these posts were viewable by everyone in the world! Or if one were the stalking type, the “feed” contained enough information to follow people around through their daily routines. I found it disturbing.
So what is privacy anyway?
Internet privacy is the ability to restrict knowledge of certain information to certain people. Put another way, in the context of the Internet, privacy is to have control over your personal information and it’s distribution. When you think about it, maintaining control over your personal information online can be more difficult than you might think. Almost every website with a login asks for information that, if it weren’t properly controlled, could be detrimental to the user’s well-being. Most websites take information without explicitly asking for it. For example, location is derived from IP address and fingerprints associate you with information gathered at other websites. This information is then passed around to various third parties in order for the site owner to make a little money. It seems that it’s almost impossible to control the distribution of personal information without completely opting-out of modern society. That’s what this blog is about–maintaining some privacy while still enjoying the conveniences of the Internet and modern digital technologies.
Privacy is not anonymity
Many people online seem to equate privacy with anonymity. It may be true that by remaining anonymous, one would refrain from divulging personal information. But I believe complete anonymity to be a cowardly approach. I find a person or business without a reputation untrustworthy. Trust must be earned, so a certain amount of information must be made public in order to gain respect and trust. To have privacy on the Internet is to be able to control what aspects of your life are public and which are not. In future blog posts, we’ll touch on ways to become anonymous when you need or want to. (Tip: it’s virtually impossible to be anonymous on a mobile phone. And it takes effort, usually a lot of effort, to become truly anonymous online.)
Privacy is not security
Some people think privacy is synonymous with security. Privacy and security are related, but they are not nearly the same. You could build a house of bullet-proof glass and you may be secure inside it, but everything you do will be visible to anyone passing by on the street. However, security plays an important role in restricting access to personal information. We’ll talk about security in future blog posts when we talk about different ways to restrict access to personal information.
What needs to be kept private?
Determining which personal information must be kept private is a personal choice. Each person must examine the threats to their privacy along with the probability and severity of the consequences of a breach and decide how to deal with those risks. Mitigation costs will also play a role in these decisions.
Certain classes of people (e.g., journalists, dissidents, criminals, and others) may have very high costs (to personal or other liberties, reputation, etc.) associated with the leaking of certain information such as location or confidential communications to untrusted parties with big pocketbooks, like governments, mobs, or well-funded terrorist organizations. These types of people must take extreme measures to keep certain information private, often at great inconvenience or cost. For some people, simply using a celluar telephone may not be an option because the phone all by itself would divulge too much information.
The following are some types of personal information to which I want to control access:
- Information that could be used to commit identiy theft: Date of birth, mother’s maiden name, driver license number, answers to security questions, etc.
- My real-time location (past location is not as important unless it reveals places I might frequently be found or that I pass by and can be easily observed)
- Health records and information, and I’ll include fitness information here, too, since that can be used to deduce general health level. While illegal in many areas, knowledge of certain health conditions could still dissuade employers from hiring me, or insurers from wanting to insure me.
- Financial information: This includes salary, account balances, asset details, etc. There are ligitimate cases where this information should be shared, but I must be able to control when and with whom this information is shared and be reasonably assured that those holding custody of this information are competent to protect it.
I find it cost-prohibitive (either in dollars, opportunity, or convenience) to try to hide from a government, and at least currently, don’t have anything to hide from them. It is important to realize that all Internet traffic is being monitored, that information is being recorded long-term and that information might be used to your disadvantage in the future. So it’s important to be careful about what personal information you share, with whom you share it, and to consider the tustworthiness of the entities holding your personal information.
Where to from here?
In future posts, I’ll talk about things I do to protect the information I want to keep private. It will be an interesting and educational journey for sure, and I invite you to follow along and learn with me.