2020-04-07-on-not-caring-about-your-privacy.md (3361B) - raw


      1 <!-- title: On not caring about your privacy -->
      2 <!-- slug: on-not-caring-about-your-privacy -->
      3 <!-- categories: Miscellany, Privacy -->
      4 <!-- date: 2020-04-07T16:17:00Z -->
      5 
      6 When talking about violations of our privacy, I've found that most people don't
      7 care because it is a thing that happens "far away" (*who in that huge enterprise
      8 cares about me, my browsing habits, etc.?*). I can see where those people are
      9 coming from, it looks as if you are anonymous because there are just so many
     10 people whose data is collected.
     11 
     12 Let's bring it closer: if you are connected to your work WiFi, your employer
     13 can—and probably does—monitor your traffic. This sounds a lot "closer", but
     14 maybe not enough. What if a co-worker showed you a screenshot with all the
     15 connections that the devices connected to the WiFi were doing? That happened to
     16 me, I could see my phone in there, with the URL I was visiting a couple of
     17 minutes ago. I could also see other co-workers' phones ("Someone's iPhone",
     18 "Someone's Samsung Galaxy") also followed by URLs. Those URLs were harmless, so
     19 that particular screenshot wasn't particularly dangerous. However, my superiors
     20 knew everything I was doing on the work's WiFi[^https]. Not that I had anything
     21 to hide, but I also had no intention to give up my privacy, so I started using
     22 Tor when connected to the WiFi. They would probably never know I was using Tor
     23 (just that I was accessing a certain IP address), but even if they did, I didn't
     24 really care, there's nothing wrong with using it.
     25 
     26 [^https]: Not everything. When connected through HTTPS, traffic monitoring can
     27   only see the domain you are visiting, not the actual URL.
     28 
     29 It seems as people are fine with having their privacy violated when it's from
     30 someone "far away", but they are not okay when someone "closer" does it. Another
     31 example of this is email. Most people wouldn't give away their email password to
     32 anybody, but they are okay with the fact that their email provider is reading
     33 all their emails. The same happens with most internet services.
     34 
     35 One can have the feeling that they are anonymous because they are one in a
     36 million, but the reality is we are not. Thanks to technology and data analysis,
     37 we are able to process all that data and profile people based on it. It happens
     38 on such a great scale that [real-time bidding][rtb] is a thing. When you visit a
     39 webpage, there is a real-time bid between advertisers to publish their ad in the
     40 designated spaces, and companies bid more or less depending on the profile they
     41 have made of you. In less than a second companies retrieve your profile and bid
     42 for you, every time you surf the Internet!
     43 
     44 You are one of many, but you are definitely not anonymous because of it.
     45 Targeted ads might not sound too terrible. However, today companies are bidding
     46 for your attention, can you ensure tomorrow they won't use that information for
     47 other purposes? Today you may trust a big company, but the information they have
     48 will last for very long, can you trust the future leadership not to use it for
     49 other purposes?
     50 
     51 Just like you don't go around giving everyone access to your browsing history or
     52 emails, you shouldn't do the same with companies. You might have nothing to
     53 hide, but why would you give such private information away?
     54 
     55 
     56 [rtb]: <https://en.wikipedia.org/wiki/Real-time_bidding> "Real-time bidding — Wikipedia"