Privacy, we say, is about to come roaring back. No, it’s not too late. Yes, we know that Google monetizes both our emails and our search histories. It’s true that data brokers market our personal dossiers, listing everything from our favorite blogs to our old parking tickets (identity thieves must love it). And NSA leaker Edward Snowden really did prove the paranoids right: The United States government spies on everyone. Now, we agree that security agencies have a vital responsibility to track terrorists, but that mission can’t require all citizens to live in a surveillance state. Feel you have nothing to hide? That assumes the data will always be used to defeat terrorists, not to monitor activists, let alone to stalk ex-girlfriends—yes, NSA employees have done that. Here’s the other side to the privacy-is-dead argument. You can fight the privacy erosion that technology has enabled using tools that technology provides. And when you protect your data—using encryption and other tools—you incidentally bolster the argument that security is the norm. At least it should be. Privacy is not dead but simply suffering from neglect. It’s your job to revive it.
TECH: WEB BROWSERS
TO DO: DEFEAT TRACKING SOFTWARE
Web browsers work in two directions: You use them to learn about the world, and snoops use them to learn about you. The sheer number of identifying files, or cookies, downloaded onto our computers can surprise even jaded digital natives. Many cookies are helpful—keeping you logged in to a service, for instance—but others exist purely to help marketers target their sales pitches. An online tool maintained by the Network Advertising Initiative can reveal who is collecting information on you; a browser we tested was being tracked by 82 firms, with names such as AppNexus, Criteo, and Datalogix.
Cookies can be cleared, but new methods for tracking online use will be harder to circumvent. For instance, some companies use browser fingerprinting, which looks for distinctive patterns of computer settings, such as installed fonts and time-zone details, to home in on a user’s identity. Google and Microsoft are also working on a new form of cookie-less identification: unique IDs with tracking that reaches beyond the desktop and into the user’s browsing activities on smartphones and tablets. Google’s system potentially could be used to tie together data across all its products—Gmail, the Chrome browser, and Android phones. In addition to tech firms, the U.S. government can monitor your digital trail through your browser. Among last year’s revelations: The NSA has tapped into the fiber-optic cables that make up the Internet’s backbone, and, through the Marina metadata application, the agency can track an individual’s browsing history, social connections, and, in some cases, physical locations.
Routine Fix: To practice good browser hygiene, regularly clear your cookies and your browser cache. There are a number of browser add-ons that can shrink the deluge as it pours in. For instance, AdBlock Edge blocks ads and third-party trackers. The Disconnect add-on lets you see and prevent otherwise invisible tracking of your browsing history. (Both add-ons work with Firefox and Chrome; Firefox is preferable because it’s an open-source browser.)
Extreme Fix: Organizing resistance to a totalitarian state and need real anonymity? Download the Tor Browser Bundle. Tor has become famous as a secure way for activists, journalists, and, yes, some criminals to browse the Web. Tor bundles your data into encrypted packets and directs it through a worldwide volunteer network of more than 3000 servers, hiding your location and making your data more difficult to read along the way.
There are two downsides to Tor: First, it’s slow, because your data is sent through at least three relays, with each relay donating different amounts of bandwidth to Tor users. Second, merely downloading it can draw government scrutiny. The NSA has reportedly developed a system called FoxAcid to insert eavesdropping applications into the machines of Tor users. However, the agency admitted in a leaked Snowden document, “We will never be able to de-anonymize all Tor users all the time.” A virtual private network (VPN) adds a different kind of protection by encrypting all outbound computer communications. Combine Tor with a VPN and you’ve got even tighter security.
TECH: SOCIAL NETWORKS
TO DO: RAMP UP PRIVACY SETTINGS
In 2011 an Austrian law student named Max Schrems asked Facebook to provide all the data it had collected on him, taking advantage of an obscure provision in a European data-protection law passed in 1995. Schrems initially received only a fraction of his data. He protested, and eventually a CD showed up at his door that held a 1222-page PDF, which included employment information, relationship statuses, pokes, old chat conversations, and geotagged photos—most of it information that Schrems thought he had deleted. Such data is being monetized by tech companies in increasingly invasive ways. Google’s Shared Endorsements feature, for instance, allows the company to include a Google Plus user’s name and photo alongside ads being shown to his social contacts, if the original user had indicated some interest in the product. And potentially such data could also be pored over by recruiters, cybercriminals, and stalkers.
Routine Fix: Use strong privacy settings on each of your social networks, placing limits on who can see your posts. To block tracking software associated with the Share buttons on many websites, install Disconnect, an extension that disables such widgets. Also, log out of social networks when you’re finished, and routinely clear cookies.
Extreme Fix: Opt out of social media—invite your friends to a barbecue.
TECH: AUTOMOBILES
TO DO: GET USED TO IT
In early 2012 a tinkerer with the Internet alias Puking Monkey hacked a plastic “moo cow” toy to sound an alarm every time his E-ZPass was read. This RFID-enabled device is used to pay bridge and highway tolls throughout much of the East. But during a test drive in July 2013 the cow lit up and wailed in Manhattan, even when the car was nowhere near a toll plaza. The unseen E-ZPass readers had been installed to help monitor traffic flow—but that didn’t pacify the hacker. “If nontoll tracking is benign,” asks Puking Monkey in an email, “why is it not disclosed when you sign up for an E-ZPass?”
There are ways to avoid that kind of tracking. But you can’t do too much about the really big guns of automotive surveillance: the tens of thousands of automatic license-plate scanners deployed across the country. In Grapevine, Texas, to give one example, 14,547 vehicles were photographed in one day, and up to 2 million plates are currently stored in a database. Most law enforcement agencies can still set their own policies on the use and retention of the data (it varies by state); many have no policy at all. In addition to all this, cars are themselves data-sharing devices—electric cars can upload data to their manufacturers, and connected services such as GM’s OnStar and the Ford SYNC infotainment system send information to the cloud. But the most widespread in-car device is the event data recorder (EDR), which tracks seatbelt use, speed, steering, and braking, among other bits of vehicle data. This data comes into play during accident investigations. Ninety-six percent of cars built in 2013 have the devices; they will be required in all new cars starting next September.
Routine Fix: You can store RFID devices such as an E-ZPass in a read-prevention holder until you get to a tollbooth. Or simply pay cash—though that option is going away on some roadways. There’s a lot of chatter about techniques to defeat license-plate cameras, but it’s unclear whether these are legal or even effective.
Extreme Fix: When it comes to black boxes in cars, the best approach is to know your legal rights—or, better yet, just to drive safely. Really hate being watched? Buy an old car that predates black boxes.
TECH: INSTANT MESSAGING
TO DO: CLEAR OLD CHATS
Instant messages seem fleeting, but they’re not. The messages are stored, at least briefly, on the IM service provider’s servers, and, unless you delete them, on your machine and your partner’s. And unencrypted messages are vulnerable to interception as they travel from your device through your ISP’s network to your IM service provider (Google, AOL, Yahoo, Microsoft, or whomever) and then out to your friend’s computer. But does anyone actually snoop on IM conversations? Well, the U.S. government does, for one. Snowden leaks reported in July 2013 revealed the existence of XKeyscore, an NSA program run in cooperation with security agencies in New Zealand and Australia that, among other things, lets agents surveil IM correspondence, often in real time.
Routine Fix: Delete your chat records, in case anyone gets hold of your phone or laptop. You can stop recording future chats by changing the settings in your IM client.
Extreme Fix: The gold standard in IM encryption is OTR, or Off The Record (not to be confused with Google’s proprietary Off The Record chat feature, which isn’t secure). OTR uses “perfect forward secrecy,” which means a fresh set of encryption keys is created every time one partner in the chat sends a new batch of messages. Note: Even participants in the chat won’t be able to review old messages. As Ian Goldberg and Nikita Borisov, the designers of the OTR protocol, explained in an email, “The only record of the conversation is your memories.”
TECH: EMAIL
TO DO: TURN ON OPTIONAL SECURITY TOOLS
The content of your emails can be less revealing than the metadata—the record of which contacts you correspond with and how often. Through a program called Stellar Wind, the NSA logged metadata on email communications for 10 years, and from 2007 to 2011 the data included bulk information on Americans. In a separate effort, the government agency has been scooping up hundreds of millions of contact lists from around the world, at a rate of 250 million people a year.
One piece of fallout from that spying has been the shuttering of two services that until recently offered a high level of protection—not just against the United States government but also against repressive regimes and criminal organizations. Ladar Levison, the owner of Lavabit, a Texas-based secure email service, closed down operations in August after he was asked to hand over the encryption keys that protected his site to the FBI, which would have given the government access to all user data. The FBI said it was just interested in Lavabit’s most famous user, Edward Snowden—but refused Levison’s offer to provide access to that account only. A few hours later the encrypted communications company Silent Circle announced that it, too, was closing its email operations because, while the messages sent through its service were encrypted, email protocols—SMTP, POP3, and IMAP—leave user metadata open to spying. “We decided that our email service was too much of a risk for us and our customers,” Silent Circle’s Jon Callas says. “While it might have been a good idea six months before, it wasn’t a good idea in a post-Snowden world.” The companies have since teamed up to develop a new service, called Dark Mail, meant to secure both the content of an email and its metadata—the encryption will only work among Dark Mail users.
Routine Fix: Ordinary email protocols make it impossible to hide metadata information, but there are ways to secure the content of your messages. Check that you’re using the common Internet security protocols, SSL and TLS, when you’re on webmail. (The browser’s address line will start with https, and a small padlock appears.) If you’re using a desktop mail client, make sure you’re connected via SSL/TLS over IMAP or POP; otherwise your emails are being sent in cleartext and can be read by outsiders. Also, turn on two-factor authentication, a security feature offered by the three big email services, Gmail, Yahoo, and Outlook (see “5 Email Myths Debunked,” p. 82, for additional routine email-security measures).
Extreme Fix: People who truly need to guard their communications use PGP (Pretty Good Privacy) when they email each other. Every user has a pair of cryptographic keys, a public encryption key, and a private decryption one. The public key is widely distributed, while the private key is kept by the owner. A sender encrypts his or her note with the recipient’s public key, transforming it into gibberish. Since only the sender and receiver hold the keys, no one in the middle—including the email service provider—can decode the message. PGP doesn’t hide the metadata, though, and everyone you communicate with has to be using PGP for it to work.
TECH: MOBILE DEVICES
TO DO: DELETE OLD APPS
There’s no need to invent the ultimate citizen-surveillance device: It already exists, and it’s called the smartphone. Police departments have been investing in IMSI catchers (that’s short for International Mobile Subscriber Identity). These devices insert themselves between mobile devices and cell towers—the technology can be used to identify participants at a demonstration and even access their conversations. Hackers can build or buy the devices, as well. Additionally, law enforcement agencies can easily subpoena third-party companies for user data; in 2011 cellphone carriers responded to an astonishing 1.3 million demands for subscriber information. The companies handed over text messages, caller locations, and other information, in most cases without the knowledge of the user. Brick-and-mortar retailers are also making use of cellphone-location data: Some chains have started experimenting with using phones to track individual shoppers as they move through the store. And many mobile phone apps can transmit location data, contact lists, and calendar information back to their developers. Lose an unlocked phone and, of course, you give up access to your contact lists, emails, chats, and everything else that resides on your phone.
Routine Fix: First, delete the apps you don’t use—fewer apps means fewer robotic spies.
Extreme Fix: Silent Phone can encrypt phone calls ($10/month, iOS and Android)—both parties need to be subscribers. There are also secure apps for IM chats and Web browsing. Prepaid, or burner, phones are relatively safe from snooping because they aren’t tied to an account. And if you’re worried about IMSI catchers at your next political rally, just leave your phone at home.
TECH: WI-FI
TO DO:USE ENCRYPTION
We all know that browsing on an unsecured network is just asking for someone armed with cheap network-analyzing software to tune in by vacuuming the 802.11 data packets flying between your machine and the Wi-Fi router. That can happen in Starbucks, in an airport, or in your home. Last September a federal appeals court ruled that Google could be held liable for civil damages for eavesdropping on homeowners’ Wi-Fi networks while using the company’s camera-carrying Street View cars. Google says it was all a misunderstanding: The Wi-Fi data was being used to pinpoint precise locations where GPS signals were spotty.
Routine Fix: Most wireless Internet access points come with WEP (Wired Equivalent Privacy) or WPA (Wi-Fi Protected Access) to let you encrypt the messages between your computer and your access point. Use WPA if possible; it’s the stronger technology. In addition to protecting your data, turning on encryption gives you legal protection against hackers under the Wiretap Act, which Congress passed in 1968 and last amended in 1986 through the Electronic Communications Privacy Act (ECPA). If you don’t make any attempt to secure your data transmissions, the law assumes that your intention is to run a public network.
Extreme Fix: Combine a virtual private network with the Tor bundle and you’re as safe as you can be—well, almost. Want even better security? Don’t use Wi-Fi at all.