Today, there was an Ask Slashdot Story called: “Did We Lose the Privacy War?” In the story, the user was trying to do things like use NoScript and block Google Analytics, disabling third party cookies, and encrypting IM “to keep data-miners at bay”. While I think some of these things are a good idea and individually protect against potential threats that may reside on the Internet, in the grand scheme of things, they do not help to protect your privacy on the Internet. The story and the comments on Slashdot that followed remind me of a great talk that was presented by Steve Rambam at the The Last Hope conference in 2008.
Steve Rambam is the Founder and CEO of Pallorium, Inc. Pallorium is a licensed Investigative Agency with offices and affiliates worldwide. In 2008, at The Last Hope conference, Steve Rambam gave a talk called “Privacy is Dead – Get Over It”. I originally heard this talk in 2008, as a podcast that is distributed on The Last Hope website. This talk is by far one of the best talks I’ve ever heard on the topic of privacy on the Internet. The talk contains information about how an individual person’s information is retrieved, gathered, and correlated to obtain everything about an individual. Even more of a disturbing trend, the aggregation of social networking sites with other data stored by government and other private entities. It’s not so disturbing that the aggregation occurs, it’s disturbing that people don’t seem to understand just how “public” the Internet really is. The amount of information given away on Facebook, MySpace, Twitter, etc. is absolutely amazing. To top it off, an individual has no recourse against an entity collecting information about them. To quote the talk, “the genie is out of the bottle and you can’t stuff it back in.” The talk aims to spread awareness of data gathering on the Internet and how it is used in the past, present, and future.
From the talk: “This is the current state of affairs. There is no more sense of privacy. Not because it’s been ripped away from you in some Orwellian way, but because you flushed it down the toilet”. It’s not just private investigators that use this information, it’s also corporate entities that profit from your information. Take Amazon.com for example, from the talk: “think for a second what Amazon knows about you: they know where you live, where you work, they know about your finances, they know what you like to read, what music you like to listen to, they know every interest of yours, every like, every dislike… all of things that make you, you. Essentially, they’ve got a database of everyone in America’s soul.” Rambam points out that EBay, Paypal, and Skype (which is all one company now) have a very similar database of information. Satellite TV/Cable TV/DVR/Tivo all know what you watch on TV, and Tivo is actually selling elements of your data. Furthermore, you don’t know what they have and there is NOTHING that you can do about it.
From the talk: “What you need to know is that these are “private” companies. Freedom of information does NOT apply. And you’re screwed 2 ways. You go to Choicepoint and you say ‘What’s in your files about me?’. ‘None of your business. It’s our business records. Tough.’ You go to the government and you say ‘This is my Freedom of Information Act request. I know you pulled a Choicepoint report on me. I want to know what was in that report.’ ‘Sorry, we can’t give it to you. It’s a private business record.’ FOIA is dead, buried. It tried to come back to life. Choicepoint hammered a big stake in it’s heart and now it’s gone…”
So, what does this all mean? This isn’t just about people or entities knowing everything there is to know about you: what you do, what you like, where you go, who you talk to, what you buy, what you are interested in buying, interests that you have, etc., etc., etc… It’s how those entities are using the data that they gather. You don’t have to be paranoid to be interested in this. Companies are profiting from the data that they are collecting on you, and you pay them for it. You are paying for their services, but they are still collecting the information and selling it to someone else. In essence, they are “double-dipping” into the profits from selling consumers a product or a service and then, aggregating the data and selling it to advertisers behind the scenes. The advertisers selling you information know more about you then you could ever imagine.
From the talk: “If you don’t take anything else from my talk today, here’s what I need you to take away. Google is a private company that you have no control over. You have no right and no ability to influence what they gather about you and what they do with that information. And the truth is, most people when they think of Google, they think of a great utility that solved all the problems of finding things on the Internet a few years ago. … Google is photos, blogs, media … Gmail, how many people here use Gmail? … Do you know that your email is searched by bots? … How many of you know that your email is searched, indexed, and categorized? … How many of you care? None of you! Now the same people, how many would be running out and hiring a lawyer if somebody was opening the mail at your mailbox, reading it, pasting it back shut, and putting it back in the box? Every single one of you. Much worse, but you don’t get it or you don’t care.”
One last quote from the talk that I feel really sums up all of the data collection, mining, and aggregation that many of the Internet Web Services companies do on a daily basis: This quote comes from the EFF, but is referenced in the talk: “This is analogous to AT&T listening to your phone calls all day in order to figure out what to sell you at dinner.”
Steve Rambam does a great job in conveying the current state of affairs. He states the case as to why much of this information can be used in a good way by law enforcement and private investigators to do their job efficiently, but also how the information obtained can and is being abused. The aim of the talk is to make people aware of what data is gathered, what you can do about it (which is not much), and what those entities that are gathering the information are doing with it. The talk is just over 3 hours. The video is nice so you can see the slides, but you can always download the audio and listen to it on your portable music player.