Why You Should Care About Your Online Privacy
Edward Snowden's recent SXSW talk highlighted ongoing mass surveillance by governments. Here's what you can do to protect yourself.
It reads like something out of a Tom Clancy novel, and it would be fascinating if it wasn’t so damn scary. The ‘Snowden files’ — the infamous series of documents leaked by 30-year-old former National Security Agency employee Edward Snowden last June — have revealed a number of mass surveillance programs put in place by international intelligence agencies including the USA’s NSA, the UK’s GCHQ and our own ASIO, all in the name of ‘security’ and ‘counter-terrorism’. These agencies, working on behalf of their governments, are able to access your personal information — often without individual warrants — and undermine the security standards upon which our internet, commerce and banking systems depend, via back-door deals and hacking techniques.
But why should you care? You don’t have anything to hide, right? Apart from a few credit card details, some super sexy Snapchats, and that receipt from Domino’s that proves you did indeed order three large pizzas and garlic bread for one person. Right?
Well, you should care. Fundamental to our democracy is the right to communicate freely, and a threat to your online privacy would affect not just that Game Of Thrones episode you want to download but also your identity, your right to protest or assemble, and your right to not get spammed into oblivion. There’s a telling saying that goes, ‘If you’re not paying for it, then you’re the product’, and The Onion’s recent viral video ‘CIA’s Facebook Program Dramatically Cut Agency’s Costs’, as all good Onion pieces, hit pretty close to home.
At SXSW last month, Snowden appeared via a Google Hangout session — with the American constitution as his background — and told attendees that mass surveillance was failing the people, and that security agents like the NSA are “setting fire to the future of the internet”. “Many of the communication tools that we all rely on are not as secure as they could be,” he said. “Security is often an afterthought, if it’s a thought at all. And really what that’s done is enable global passive surveillance by the U.S. [and] other governments, too.”
“I really think, for this audience, one of the things that we should be thinking about and hopefully taking home is the fact that we need to lock things down. We need to make services secure out of the box, and that’s going to require a re-think by developers,” he added. “It’s going to require that developers start to think about security early on, rather than later on down the road.”
Fighting for your digital rights
While much mystery and intrigue still surrounds the kinda sexy Snowden, the debate has thankfully shifted away from the personality to the role of government and whether it has a right to monitor our every tweet, ‘like’, and booty call text. One day, the whole thing will make a really good movie, but for now, you should basically hide yo kids, hide yo wife.
“We’re quietly sleepwalking into a mass surveillance state”, says Jon Lawrence, head of Electronic Frontiers Australia, one of a few local groups fighting back against the government’s surveillance agenda. “The Australian government here — and this is before and after the election, so both sides of politics — have very much hidden behind the ‘we don’t comment on security matters’ line, which just doesn’t wash when there’s so much information on the public domain from the US and UK. The Australian government needs to come clean.”
“We’re opposing this untargeted mass surveillance which we think is not useful, not effective and basically subverts the presumption of innocence, invades everyone’s privacy and, at the end of the day, is potentially quite a serious threat to democracy,” says Lawrence.
At least some politicians agree. “We urgently need to raise the IQ of the debate here,” Greens Senator Scott Ludlam, who has initiated a Senate inquiry into the Telecommunications (Interceptions and Access) Act, wrote in The Guardian. “Australians have a special role to play in the campaign for strong digital rights: we are one of the ‘Five Eyes’ countries that forms the core of the US Government’s invasive and unnecessary global spying program… The legal protections that apply to agencies wanting to listen in on your phone call are completely void when it comes to mapping your social networks, financial habits, medical conditions, and precise location everywhere you take your phone. ”
So, we know there’s a problem. The government is probably tracking a lot of what we do every day, as part of a broader security regime to weed out terrorists and protect its citizens. But what can we do to protect our privacy, as daily internet users? Jon Lawrence suggests a few basic things…
1. Encrypt your data
BitLocker encryption is built into the Enterprise and Ultimate versions of Windows 7, as well as the Pro and Enterprise versions of Windows 8. What it does is encrypts all the data kept on a storage volume, and it continues working in the background to protect the contents of a Windows PC from unauthorised access.The US equivalent of the EFA, the EFF, also has a browser plugin called ‘HTTPS Everywhere’, which will force an encrypted connection.
“It’s important to remember that if you are thinking, ‘Well, I’ll just encrypt the important stuff…’, then you really are creating a big flag that says, ‘This is the important stuff!’” says Lawrence. “So there’s an element to that where encrypting everything in some ways makes more sense.”
2. Disable GPS and WiFi wherever possible
“If you’re just walking around, I’d recommend people turn GPS off at all times unless you actually really do need to use it,” Lawrence advises. “It’s potentially giving a whole bunch of app developers access to your location, as well as your telco, who can get it regardless. And, of course, when you’re walking around with your WiFi on, you’re broadcasting lots of information about your device to all sorts of people in the area.”
The most efficient fix is to install a battery manager, says Lawrence. “The simple way to disable it is an app like Juice Defender, that turns everything off while the screen is dark so that when your phone is in your pocket, it’s not communicating with anything except for the GSM or 3G network.”
3. Use ‘Tor’ for anonymous browsing (nope, ‘Incognito mode’ in Chrome isn’t enough)
Using the Tor anonymous network helps prevent your traffic from being intercepted, stopping someone from identifying which websites you’re visiting or who you’re communicating with. Tor is free to use, and uses an encrypted network to route your browsing. Plus, it’s popular with Edward Snowden, who’s pasted a Tor sticker on his laptop.
— Kurt Opsahl (@kurtopsahl) June 9, 2013
Using it for anonymous browsing is simply a matter of downloading the Tor Browser Bundle, which is a version of Firefox for Windows, Mac OS X and Linux. ‘Incognito mode’ in Google Chrome just means your history doesn’t get saved to your computer, but it doesn’t mean your data is any more secure.
4. Tape over the webcam, and disable your microphone
Webcams are a lot of fun, but they’re also pretty useful tools for hackers to spy on users. You might not even know you’re being watched, because hackers have now found ways to disable the ‘camera on’ light in certain laptop models. One low-tech solution is simply to tape over your webcam, or, if you’re scared of damaging the lens, use tape to secure a small piece of paper over the lens.
Another issue, though, is your laptop’s microphone, which is generally enabled by default — it too can fall prey to remote hijacking. In order to stop someone from listening in to your clandestine conversations, launch the ‘Sound’ setting from the ‘Control Panel’, click the ‘Recording’ tab, select your laptop’s built-in microphone, and disable it.
5. Get political
Show that your concerned about your online privacy. Write to your local MP, sign a petition, or spread the word via social media (which may or may not be completely ironic). According to Lawrence, the EFA is also ramping up its campaign called ‘Citizens Not Suspects‘ in “the next month or two”.
David Swan is a Melbourne-based writer and is the Associate Editor of tech news site iTWire. He also writes for FasterLouder and used to work in a bird costume at kids’ birthday parties. Follow him on Twitter here.