Thursday 27 June 2013

Keeping Your Data Private Denies You Access to the Latest Tech


Photo: Luiz Gustavo Gurant/ Flickr
It’s fun to think the recent federal snooping scandals will usher in a new era of mass counterintelligence: Ordinary Joes scrambling their emails, securing their phone lines, obscuring their web surfing, and generally encrypting everything. And indeed, some small security startups say theirbusiness is booming.
But, honestly, do you know a single person who has started using a phone scrambler like Silent Circleto thwart freshly revealed NSA aggressiveness, or a single person who sent a PGP-encrypted email because Gmail has been turning over messages to the feds? Even the reporter who broke the email snooping story, Glenn Greenwald, never bothered with PGP. It’s telling that the most popular system for obscuring your internet activity, Tor, has seen traffic fall since news of government internet monitoring exploded. Tools like Tor and PGP can be invaluable to certain global dissidents, and low-level encryption is in constant use to secure the transmission of bank balances, Facebook chats, and everything in between. But the masses continue shunning tools that would secure the most sensitive archives of private data against the best-placed snoops.
The unpopularity of personal data encryption isn’t a problem in itself but a symptom of a bigger issue: The increasingly social, distributed and proscriptive nature of computing means that if you want to use the latest software and services you simply cannot keep your personal data to yourself.
So yes, you can encrypt your emails, but then you might as well go back to using a 1990s email program like Eudora, because Gmail can’t make a full text index of those encrypted messages, it can’t spam filter them, and it’s going to have a harder time figuring out which ones to put in the high-priority section of your inbox. Giving Google access to every last bit in your inbox is baked into the whole value proposition of Gmail.
Likewise, if you want to encrypt your files so no one can read them, you can still sync them over the internet in a completely locked fashion. But you will necessarily be left behind as file sharing becomes more social. Dropbox now has, or is building, its own music locker service, online photo organizer, and email processing engine. It lets you preview documents from the website. It is moving from being a simple file sync utility of the sort that could easily have come bundled with Windows 95 to becoming a full fledged cloud platform that lets you organize and edit information on Dropbox’s servers. None of that new stuff can happen without giving Dropbox’s servers access to the contents of your files.
Digital helpers like Google Now and Apple’s Siri intertwine private information and remote servers even more deeply, uploading details about your contacts, movements, location, and past activity to corporate data centers in order to nudge you to appointments on time, recommend restaurants, and infer the meaning of your information queries. Like any assistant, Google Now or Siri must know some the most intimate details of your daily life in order to be of real help. And if Google Now and Siri know those intimate details, so do Google and Apple, since neither service can operate without help from the cloud.
The list goes on and on. Photos on an encrypted hard drive are positively quaint; we share our raw pics with Flickr and Facebook so that Flickr and Facebook can share them with our friends and family, because otherwise what’s the point? Ditto for video. Phone calls and online voice chats can be encrypted, but that’s for the increasingly rare case of speaking to another human with your voice; these days people tend toward text messages, which can be well protected right up until the moment you use a sync engine to copy them to a bunch of far-flung devices or use a cloud service to back them up or make them searchable.
None of this is to say that people should give up on the idea of privacy. Indeed, the growing distribution and socialization of data via cloud services would seem to underline the need for stronger laws and enforcement to restrain corporate and government snooping. Indeed, laws and other norms are basically the only option users will have left for securing their data as it is increasingly placed and manipulated on remote servers. Shared software and shared data used to be the exception in the world of personal computing, now they are the norm. You used to be able to make your own independent decisions about securing your private information, and now, increasingly, you cannot.

No comments: