commit b3ba2c0826b76b8d6f6181457b17fba9d06ff833
parent c3ed7e73dd58ef0ede10a0a5c12cef6f00b93bca
Author: oscarbenedito <oscar@oscarbenedito.com>
Date: Tue, 7 Apr 2020 18:17:58 +0200
New entry: on not caring about your privacy
Diffstat:
1 file changed, 56 insertions(+), 0 deletions(-)
diff --git a/content/blog/2020-04-07-on-not-caring-about-your-privacy.md b/content/blog/2020-04-07-on-not-caring-about-your-privacy.md
@@ -0,0 +1,56 @@
+---
+title: "On not caring about your privacy"
+categories: incidental
+tags: ["Privacy"]
+date: 2020-04-07T16:17:00+00:00
+---
+When talking about violations of our privacy, I've found that most people don't
+care because it is a thing that happens "far away" (*who in that huge enterprise
+cares about me, my browsing habits, etc.?*). I can see where those people are
+coming from, it looks as if you are anonymous because there are just so many
+people whose data is collected.
+
+Let's bring it closer: if you are connected to your work WiFi, your employer
+can—and probably does—monitor your traffic. This sounds a lot "closer", but
+maybe not enough. What if a co-worker showed you a screenshot with all the
+connections that the devices connected to the WiFi were doing? That happened to
+me, I could see my phone in there, with the URL I was visiting a couple of
+minutes ago. I could also see other co-workers' phones ("Someone's iPhone",
+"Someone's Samsung Galaxy") also followed by URLs. Those URLs were harmless, so
+that particular screenshot wasn't particularly dangerous. However, my superiors
+knew everything I was doing on the work's WiFi[^https]. Not that I had anything
+to hide, but I also had no intention to give up my privacy, so I started using
+Tor when connected to the WiFi. They would probably never know I was using Tor
+(just that I was accessing a certain IP address), but even if they did, I didn't
+really care, there's nothing wrong with using it.
+
+[^https]: Not everything. When connected through HTTPS, traffic monitoring can
+ only see the domain you are visiting, not the actual URL.
+
+It seems as people are fine with having their privacy violated when it's from
+someone "far away", but they are not okay when someone "closer" does it. Another
+example of this is email. Most people wouldn't give away their email password to
+anybody, but they are okay with the fact that their email provider is reading
+all their emails. The same happens with most internet services.
+
+One can have the feeling that they are anonymous because they are one in a
+million, but the reality is we are not. Thanks to technology and data analysis,
+we are able to process all that data and profile people based on it. It happens
+on such a great scale that [real-time bidding][rtb] is a thing. When you visit a
+webpage, there is a real-time bid between advertisers to publish their ad in the
+designated spaces, and companies bid more or less depending on the profile they
+have made of you. In less than a second companies retrieve your profile and bid
+for you, every time you surf the Internet!
+
+You are one of many, but you are definitely not anonymous because of it.
+Targeted ads might not sound too terrible. However, today companies are bidding
+for your attention, can you ensure tomorrow they won't use that information for
+other purposes? Today you may trust a big company, but the information they have
+will last for very long, can you trust the future leadership not to use it for
+other purposes?
+
+Just like you don't go around giving everyone access to your browsing history or
+emails, you shouldn't do the same with companies. You might have nothing to
+hide, but why would you give such private information away?
+
+[rtb]: <https://en.wikipedia.org/wiki/Real-time_bidding> "Real-time bidding — Wikipedia"
