While the death of privacy may seem like a far-fetched concept, particularly in the United States, it really is an idea that we should be paying attention to. To be perfectly honest, it was an idea that even I dismissed just a few months ago, but it has slowly been beginning to scare me a little more as I pay more attention to the generational differences.
What really sparked this paradigm shift in my line of thinking about the security of privacy was a conversation I was having with my good friend John a few months ago. We were walking through our local Kroger late at night as college students tend to do and discussing the uselessness (or usefulness as my friend argued) of Facebook Chat (since then you can now integrate FB Chat with clients so I use it all the time… They were listening to my complaints). I was explaining how I never use it because it requires me to be locked in the browser, and there is no way of really being notified of a new message if I happen to be on another desktop or window etc… I’ve always been a big fan of clients for services.
My friend responded to me that younger generations find tremendous value in it due to the fact that they do not see any reason anyone would ever use a “Screen Name” to talk to their friends. For those of you reading this wondering what I’m talking about, it was a trend made popular by AOL’s chat service from back in the 90s. I brought up the anonymity on the net argument, and his response was a simple one that caught me off guard: “People don’t care about that anymore”. I was unable to respond to that mostly because after thinking about it for a few minutes I realized it was true. Even back in my high school days, I had friends who would post everything about their lives on the internet without thinking about potential repercussions.
The Social Networking Problem
The whole idea bothers me really. With all these social networking sites like MySpace and Facebook, and blogging on the rise, people have this tendency to share everything. Then we have Twitter and now you have people constantly posting about their lives. Don’t get me wrong, these tools are great, but is it really okay… is it really safe for us to be so willing to share everything about ourselves to the world?
I personally hide myself as much as possible on these sites. I use them for keeping in touch with people that I know. Not for meeting random people on the internet. You still can’t trust that the person on the other end is who they say they are. Even with me only adding or sharing information with just my friends, I still limit that for several reasons: 1) My prior statement remains true – I can’t verify that my friend’s account hasn’t been hacked, or if it’s being used by a friend that they shared a password with (another point we’ll come back to), 2) By putting information on these sites, I’m putting a lot of trust in the site that is hosting the information. Facebook openly sells information. At a point, any Facebook employee had access to information for ANY user. That’s too much trust.
Another little known fact about Facebook - they literally track and keep a history of everything you do while on the site. Every page view, picture view, wall post, message sent, even attended, group started, ad clicked, chat conversation had is logged and stored. With the right kind of analysis on this information, you could generate a pretty accurate profile of a person. To be honest, I wouldn’t be surprised if Federal agencies aren’t already doing such things. Big brother isn’t the government, it’s Facebook.
Location Based Services
Facebook isn’t the only criminal here though… Let’s talk about Twitter, Google, and the iPhone for a minute. Perhaps it’s just me, but Location Based Services seem like the most unsafe idea ever. Yes they provide a level of convenience and context to situational events, but there is one major problem with the implementations that we’ve seen with the applications that have been produced – They give people the ability to stalk you. Think about it. Google Latitude is built for broadcasting your location to your friends (or the world if you want). Twitter has location based services so when you tweet, your location can also be shot off (don’t worry it’s an opt-in system… which is even scarier considering the number of people who use it). The biggest criminal, however, has got to be Foursqaure.
Foursqaure, for those of you that don’t know, is an application that asks users to share their location. The real crime is the way in which they convince users to do this. If you share your location, every time you go back to a particular store or spot, you “check-in”. If you check in more times at a particular location than anyone else you can become the “Mayor” of that location! How fun! Except for now that you’re broadcasting your location, and where you spend most of your time, if I want I can build a nice profile of when you’re not at home so I can rob you, or stalk you without ever having to leave my home. Grats!
Grocery stores are also adding to the privacy problem. Particularly in this current economy, it is really easy for grocery stores to get you to sign up for these free cards that give you absolutely great discounts on items you buy in stores. It is very uncommon to find a grocery store that doesn’t offer these. It wasn’t really apparent to me what kind of implications this had on privacy, however, until about a year ago. I received a phone call from my local Kroger informing me that Nestle Toll House had recalled a number of its products (cookies) due to some issue with them (I don’t remember specifics) and that I was receiving the phone call because I had purchased these products in the past few months. My train of thought went something like this: “Oh wow, that’s awesome that they called me to let me know… I hope I don’t get sick… wait a second how did they know I bought those cookies and how did they know how to get in touch with me…”
Then it hit me. I signed up for one of those cards when I moved into the area because I wanted to get those discounts. Part of signing up is providing your phone number (which they say is so you can not have the card and still receive the discounts), but it actually serves multiple purposes. They want to be able to contact you. You receive ads in the mail because you also provided your address. They’re also selling your information to advertisers. We don’t care though, because we get those discounts.
For starters, this isn’t my label. This is the label you were given based on when you were born. Generation Z refers to all of those born between mid-1990s through 2009. There’s a reason the theme at last years Defcon was blame the 90s. It’s funny… I have younger siblings that were born during this time frame that (at least for the moment) seem to know better than to share everything about themselves on the internet. That know better than to give a boyfriend or girlfriend their passwords. That could also be due to the fact that I shove security down their throats on a regular basis, but that can’t be proven.
Fact of the matter is, a lot of these Gen-Zers are out there doing exactly those things that I mentioned. They do so without thinking about the repercussions of sharing everything about yourself with the world. Without thinking about the damage that can be done by some disgruntled friend or ex. They’re being led by bad models of privacy and just accepting them because they simply do not know any better. Is this due to a lack of education by my generation? Generation Z is following along with these bad models of privacy which are essentially killing the concept slowly, but surely.
CEOs and Privacy
Know what’s really scary? When CEOs don’t think privacy matters. Especially CEOs who run companies that pretty much own every piece of data that is shared on the internet. I’m looking at you Eric Schmidt and Mark Zuckerberg. Let’s start with Zuckerberg… Mark is a young twenty something CEO who started the most used social networking site ever. The site has exploded since its inception and now gets more traffic than even Google. The site I’m referring to of course is Facebook. Facebook has been under a lot of heat in the past (and even today) about their privacy policies. They keep changing the policy so that information is shared, and can be sold. As I said in another post, this is nothing we shouldn’t expect from Facebook as a company because it is just that - a company. My issue comes when CEOs such as Zuckerberg say things like “We view it as our role in the system to constantly be innovating and be updating what our system is to reflect what the current social norms are” when his views of those social norms are slighted towards the benefit of his company.
Even worse than Zuckerberg, however, would have to be Eric Schmidt. Schmidt is Google’s CEO, and in an interview earlier this year in response to a question about whether or not people should trust Google as much as they do he says “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.” Now, that would almost be a valid statement except for the fact that it just isn’t. There are a million and one different ways I could blow that statement out of the water, but we’ll save time and skip that. [Insert your own example here]. I gotta give Schmidt credit though – at least he doesn’t lie. “But if you really need that kind of privacy, the reality is that search engines – including Google – do retain this information for some time.” When the CEO of the company that literally owns every piece of your life (think about it – maps, e-mail, chat, code, everything…) is bold enough to just tell you, “we keep your information, your privacy doesn’t exist as far as we’re concerned”, maybe this whole notion of privacy is becoming a novelty.
Is Privacy Dying Before Our Eyes?
I would like to think that at some point, people will begin to realize how much they are really exposing to the world and how dangerous it is. I would like to think that these past few years will be something that we look at as a quick slip in the future. What scares me the most is the fact that I know what I personally can do with the information people share out their on these sites… And I’m no Kevin Mitnick. I’m just some guy who happens to think about things from a security standpoint. If I were a worse person, lives could be destroyed and identities stolen very easily.
By all accounts, privacy does seem to be slowly dying. I hope – for all our sakes – that there is some major awakening that reminds people why privacy has existed in the past. Why it is not always best to share everything about your life with the world. I am not saying we need to “fight the power” and destroy Facebook, Google, Twitter and the like. They are all great tools – but only when used in safe manners. If privacy dies, we’re welcoming a world of chaos with open arms.