Today I took the public transport to the office. On my way, I had breakfast at a coffee shop and until I reached the office, I met several individuals: a bus driver, the person seated next to me, and a waiter.
What would have happened if the bus driver had kidnapped me and asked for a ransom or the person sat next to me on the bus had threatened me and tried to steal from me or had tried to kill me?
On the other hand, what if the café person had poisoned my food? Society does not work like this, society works on trust. The nature of society requires some measure of trust and humans are a trusting species.
Trust is a complicated concept, and this word is overloaded with many meanings. All complex ecosystems require cooperation. This is true for biological ecosystems, social systems and sociotechnical systems. Also, in any cooperative system, there also exists an alternative parasitical strategy. A tapeworm in your digestive tract, thieves in a market, spammers on e-mail, and people who refuse to pay their taxes.
These parasites can only survive if they are not too successful. That is, if their number gets too large or too powerful, the underlying system collapses. If there are too many tapeworms in your digestive tract, you die and they die. If there are too many thieves in a market, no one will visit the market anymore and the thieves will starve. If too many people stop paying their taxes, you get economic collapse.
If everyone decides to act in an antisocial way society soon collapses. Most of us recognise this; that it is not in our long-term, best interest to act in our short-term self-interest. Sadly, not everyone does and that’s why we need mechanisms to induce trust and why we need security.
Nowadays we hear lots of terrorising news: cyber terrorism, cyber war and cybercrime. Cyber war; it is not a military action; there are no guns, bombs or people dying, but we love to use the word ‘war’ even where there is no war. The war on terror, war on drugs and war on crime. Although we hate using the word ‘war’ when there is an actual war! We will say anything else other than war. In a real war, you know who is attacking and why they are attacking. However, in the case of cyberwar, you do not know when, why and who is attacking. To control cyber threats, we need lawful surveillance. Once again ’lawful’ is a convoluted word.
The number 3000
This is the number of times a single citizen is caught on camera, within a 24 hour period, in the UK, by some of the 5 million CCTV cameras we have here, in the most heavily surveillanced country in the world.
Have you ever questioned yourself: ‘How much does Google really know about me?. It probably knows more about you than your partner! We have lost our privacy.
What does privacy mean and why is it important?
Privacy is the right to be left alone, or freedom from interference or intrusion. Information privacy is the right to have some control over how your personal information is collected and then used.
Privacy and security... isn’t it the same thing? Not really, but they are ‘kissing cousins’. Security and privacy are not opposite ends of a seesaw - you don’t have to accept less of one to get more of the other.
Data privacy is focused on the use and governance of personal data. On the other hand, security focuses more on protecting data from malicious attacks and the exploitation of stolen data for profit.
When Edward Snowden leaked massive troves of information about the National Security Agency’s collection of electronic data, he started a debate over the tradeoffs between security and privacy. Unfortunately, the security vs privacy debate is largely over. As cyber-technologies pervaded our daily lives, we surrendered privacy, usually voluntarily.
Consequently, framing the decisions before us as a contest between privacy and security is misguided; privacy died with the information age.
Are we surrendering our privacy for technology?
The answer is: Yes. Information and communication technologies make life better. They improved productivity, efficiency and economic growth. However, these benefits come at a price. Simply look at your cell phone. This cute, sleek, incredibly powerful tool has become so central to our lives that we take it for granted.
It seems perfectly normal to pull this device out of your pocket, no matter where you are on the planet, and use it to talk to someone else, no matter where the person is on the planet. You are making an implicit bargain with the carrier: ‘I want to make and receive mobile calls; in exchange, I allow this company to know where I am at all times.’ A cellphone can’t work unless the cell phone companies know where you are, which means they keep you under their surveillance.
Your cell phone tracks where you live and where you work. It tracks where you like to spend your weekends and evenings. It tracks how often you go to church (and which church), how much time you spend in a bar, and whether you speed when you drive. It tracks - since it knows about all the other phones in your area - who you spend your days with, who you meet for lunch, and who you sleep with.
Explaining in simple terms: in a public place, whatever the place you think of, an unknown person approaches you and asks for your personal details (it can be your name, age or mobile). Will you give them that information?
Nearly 99.9 per cent will say ‘No’, because the person is unknown to you and why should you give it to an unknown person? When the enemy is a known threat, we defend ourselves, if unknown, we often expose more than the enemy actually wants; this is what happens in this information age.
How many of you have social network accounts (Facebook, LinkedIn)? Do you know how much of your personal details are being uncovered? On the other hand, social networking plays a bigger role in our lives. We need this, to be connected with our friends, to businesses for marketing and for exposure. However, technology advancement comes with a price, and we have to bear it.
In 2013 Edward Snowden, the whistle blower, sacrificed his freedom and exposed NSA’s secret surveillance. The whole world was shocked that we are under surveillance; subsequently a US official said that they are not collecting personal information (content), but collecting only ‘meta-data’ (context). The intended point was that the NSA wasn’t collecting the words that we spoke during our phone conversations; instead, they collect only the phone numbers of the two parties, and the date, time and duration of the call.
Collecting metadata on people means putting them under surveillance. Imagine that you hired a private detective to eavesdrop on someone. The detective would plant bugs in that person’s home, office and car. He would eavesdrop on that person’s phone and computer. And you would get a report detailing that person’s conversations.
Now, imagine that you asked the detective to put that person under surveillance. You would get a different, but a nevertheless comprehensive report: where he went, what he did, who he spoke with and for how long, who he wrote to, what he read, and what he purchased. That’s metadata and metadata is still surveillance data.
Telephone metadata alone reveals a lot about us. The timing, length and frequency of our conversations reveal our relationships with others: our intimate friends, business associates and everyone in-between. Phone metadata reveals what and who we’re interested in and what’s important to us, no matter how private. It provides a window into our personalities. It yields a detailed summary of what’s happening to us at any point in time.
Over the period of time, accumulated personal data can probably paint a better picture of how you spend your time, because it doesn’t have to rely on human memory. Most of us have at least one or more social network accounts, and do various activities. Adding friends, new postings, status updates, chatting, and many more activities.
Web search data is another source of intimate information that can be used for surveillance. (You can argue whether this is data or metadata. The NSA claims it’s metadata because your search terms are embedded in the URLs.) We don’t lie to our search engine. We’re more intimate with it than with our friends, lovers or family members.
We always tell it exactly what we’re thinking about, in words as clear as possible. Google knows what kind of porn people search for, which old lovers we still think about, our shames, our concerns and our secrets. If Google decided to, it could figure out which of us is worried about our mental health, thinking about tax evasion, or planning to protest a particular government policy. I used to say that Google knows more about what I’m thinking of than my wife does. But that doesn’t go far enough.
Google’s CEO, Eric Schmidt, admitted as much in 2010: ‘We know where you are. We know where you’ve been. We can more or less know what you’re thinking about.’ You may ask how do they do this? One way to think about it is that data is content, and metadata is context. When you have one person under surveillance, the contents of conversations, text messages and emails can be more important. But when you have an entire population under surveillance, the metadata is far more meaningful. Metadata can be much more revealing than data, especially when collected in aggregate.
Think about the day-to-day activities; shopping at supermarket. How many of you have privilege cards? Think of a simple activity, at the supermarket cash-till you hand over a privilege card in order to gain points that gain points so that we can redeem one day. Do you know how much personal information can be gathered by this?
When we register for a privilege card, we give our name, address, contact number and much more to the supermarket. When we do our shopping, this loyalty card and credit cards are associated with our bill. By doing this we share our shopping pattern, our personal information, and our banking information. Moreover, our shopping pattern can be matched by the product companies and the special discounts.
Not only that, now we also have get wearable devices (for example, Google glass, biosensors), and internet of things devices picking up in numbers. All these devices generate data about you and surroundings. Recently Google claims their quantum computer is 100,000,000 times faster than a classical computer. In simple terms, an instruction can be executed in a hundredth of a second; with a more classical computer, it would take about 100 days.
The human cost
Sunny Kim, an economics student from State University of New York, Albany, returned to South Korea to take up a job after graduation. However, she stayed connected with her US friends on Facebook and by using the messaging app KakaoTalk. In South Korea, she met a man who would become her boyfriend. She would regularly share snaps of them together on Facebook. Kim also regularly posted pictures of her friends, crafts, food, and her puppies to Facebook. A friend told BuzzFeed News: ‘It seemed like she was happy, eating and living well.’
Kim went missing on 2 May, according to reports. On 18 May Kim’s body was found in a suitcase buried in a hill. Her boyfriend confessed to her murder. Kim’s sister said she didn’t realise that Kim was dead at first, because Lee impersonated her for two weeks by responding to texts sent to her phone.
If Lee can impersonate his girlfriend for two weeks, it begs the question: what can a super computer do? Another question springs to mind: ‘When you go out of the house and try to call home, are you really talking to your loved ones?’ Such a day is not too far away...
- NSA Surveillance and What To Do About It - Bruce Schneier
- Bruce Schneier and Edward Snowden @ Harvard Data Privacy Symposium 1/23/15
- TalkingStickTV - Bruce Schneier - Data and Goliath
- The Guardian - A digital revolution
- Obama about NSA
- The Battle for Power on the Internet: Bruce Schneier at TEDxCambridge 2013
- Bruce Schneier’s Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World
- Behind the Scenes: How Technology Turns Consumer Data into Actionable Insights