Monday, October 9, 2017

Privacy and Ethics

Security, Ethics, Privacy and Confidentiality. How's everything related on today's internet.

On a previous post we discussed Security and Ethics. Today we follow up on Ethics and Information Privacy.

We're living interesting times. Around 10 years ago, the biggest Ad Agency of all time started tracking and reading personal information. Now it has expanded from your browser to, basically, everywhere. In case you are not sure what I mean, let's examine where tracking is happening.

Tracking is Everywhere

Tracking today happens on:
  • E-mail providers: Gmail, Outlook, Yahoo! and everyone else is reading your email. What about you? Are you reading your own emails? 
  • Search Engines: where do you think that Google, Bing, Yahoo!, et al get their money from? But wait! We seem to have an option that does not track you. 
  • Social Networks: every social network these days tracks you and reads your data. And they make a lot of money. 
  • Companies:Google, Apple, Microsoft, Facebook, Amazon and everyone else is tracking you not only by using their services but, if you're using their gadgets, you're probably being tracked there too! 
  • TVs: smart TVs like Samsung TVs are spying on viewers. 
  • Smart devices: Smart devices like these, are tracking users:
  • Virtual Assistants are tracking us: virtual assistants are also tracking their users:

Tracking and Privacy

But people are starting to note that privacy invasion is becoming or will become an issue. And that is a good thing!

Maybe this change is happening due to the impacts of the recent very important data leaks on Equifax and Deloitte, or because their personal pictures leaked online or, because their Dropbox, Adobe, LastPass, personal e-mail, mobile operator, and so many other services suffered a leak and they lost confidential information and/or were victim of a scam/phishing/smishing, etc because of those leaks. Who knows? It doesn't matter.

What matters is that the society as a whole needs to be aware of how our privacy is being disrespected and start demanding for a change. Unfortunately, neither governments nor companies are doing their share and remain doing all that's possible to get access to your data - ethically or unethically. But why is that happening?

Remember: If a product is free, you are the product

As we already discussed that on the Security and Ethics post why is this all happening? Why now?

To understand that, we first need to reflect on why would a company give their products for free? Since the majority of them are not charities,  maybe this is happening because, they make tons of money out from your data and ads


For example, here's how Alphabet (Google's parent company) makes money (88% from Ads):

Source: http://www.visualcapitalist.com/chart-5-tech-giants-make-billions/

And here's how Facebook makes money (97% from Ads):
Source: http://www.visualcapitalist.com/chart-5-tech-giants-make-billions/

US$ 106 Billion / year in revenue from Ads

As show in the previous charts, advertising generates 88% and 97% of their revenues to Google and Facebook respectively. That's USD 106.36 Billion per year from your data. All from "free products" like Facebook, Gmail, YouTube, Instagram, Android, Google Docs, etc That's why they say thatif a given product is free you are the product.

All that said, we should be concerned. Not because we're doing stuff we're not supposed to do or because we're being injected too many adds but because your information is being scanned without consent or further notice.

This is not a financial but an ethical decision. It's not about stock prices or revenue per user.

Privacy concerns have reached a limit and people are starting to realize that. You can see by google searches decreasing (more on that later), or increase in utilization of tools like DuckDuckGo (which I recommend using), even by the increase in adoption of free/open software projects like LibreOffice or Firefox that do not track your data. Not because they are better but because they are safer and more trustworthy - If I can read the code, I can trust it.

Privacy - What are our options?


Then where should we be? What should our companies be doing? This is what would like to see: companies that explicitly care about your privacy and how the internet and our lives will be better if everyone cared about that.

Here are my humble suggestions.

Browser

My browser of choice is Firefox. Yes I know there are other options but for my daily use (including development) works very well.

Search Engine

I believe my search engine shouldn't track me. That's why I use and recommend DuckDuckGo.

Operating System

I want privacy in my desktop operating system. That's why I use Fedora Linux.


Phone

I wish a modern phone that respects my privacy and runs all the apps I like. Who knows the Librem 5 one day doesn't happen?
Source: https://puri.sm/shop/librem-5/

Final Thoughts

Think about it. Think about the necessity of protecting our privacy, our families' privacy. Think about the impact it can have in 20, 30 years from now.

Think how can we make the web and our lives safer for ours and future generations.

See Also

Security and development: how much is being done?
Security is only as strong as the weakest link
The Laws of security
Privacy and Ethics
Security Boundaries
Integrated security vulnerability alerts on GitHub - Why it matters

For more security posts on this blog, please click here.

References

Firefox Privacy Policy
Fedora Privacy Policy
Librem 5
DuckDuckGo



Update [Mar 13, 2018]: There is a very nice description on why you should consider migrating from LastPass here. 
Update [Mar 13, 2018]: Good News! Purism just showed some updates on the Librem 5 phone here