In this brave new age of borderless information sharing, there is an increasing sense of deepening unease. Surveys of public opinion over the past few years indicate a growing “crisis of confidence”: people don’t know how their personal data is being collected and used and they feel like they’re losing control.
And that sentiment is only getting worse – in research released earlier this year, young people in the United Kingdom thought online privacy was of more significance to them as an issue than extremism, foreign conflicts, the environment, immigration or crime. Academics in the UAE last year also found that as a user’s reliance on the internet grows, issues like personal privacy are starting to “trickle across the world as major concerns”.
Around the world, legislators have debated what new principles, frameworks and ethics are needed to protect our privacy in the “big data” age. The UK has lurched from one legal skirmish to the next; the Communications Data Bill, the Data Retention and Investigatory Powers Act, the European Union Data Protection Regulation. The arguments for and against have been long-winded and often highly technical. However, a number of American states, including California, Texas and New Jersey, have criminalised revenge porn and several prosecutions have been made. Despite this, it can be argued that laws don’t really matter.
In extremis, as some in Jon Ronson’s book find to their cost, your privacy in the final instance is not protected by law, but by technology and how you use it. The worst threats to your privacy are not coming from large, respectable companies with reputations to protect and consumers to attract, entities that are willing to be bound by laws. It is from a range of shady organisations and malicious or simply outraged individuals – from embittered boyfriends close to home to sophisticated criminal cartels and strangers on a social-media rampage. And what they do is not dictated by what the law says, but what technology allows them to do. Your safety online is not a question of legal permissibility, but of technological possibility.
“Non-consensual pornography”, better known as revenge porn, has become a new, vicious weapon for jilted ex-lovers. Spoof accounts on social media are set up inviting your family and friends, even co-workers, to join – full of explicit images. Victims have been blackmailed, others harassed for years. The largest websites contain thousands of such images, sometimes gained through trust, sometimes hacked from the victim’s account. Linked to this is “doxing” or life ruining, where available, often embarrassing information about your online persona is swept up by capable internet detectives and connected with who you really are. Suddenly the risqué pictures, or controversial opinions of your offline persona are bombarding your family, friends, school or work.
These are just a few threats among many. The popular arteries of online commerce – like PayPal, Craigslist and eBay – have all been hit by increasingly sophisticated scams and cons. There are also more direct attacks on your online life: hacks. Security vulnerabilities in the software you use are exploited to steal passwords, take control of your webcam, social-media profiles, your smartphone, or to put quietly destructive or compromising software on your unsuspecting devices. Information stored in “cloud” services has also proved vulnerable, and one of the most famous hacks in recent years was the “Celebgate” leaking of 500 private pictures of mainly female celebrities. As with many breaches of privacy, the secondary effects vastly increased the damage, as the images went viral. It’s not just celebrities that are targeted. Criminals have been quietly building “botnets” for years – networks of infected computers they use to participate in further attacks, send out spam and steal private information. The largest are estimated to have more than a million members.
This is the sharp end of privacy, and the most dangerous side of digital life. The consequences of these breaches of privacy can be ruinous – far worse than Google automatically scanning your email account to send you slightly more relevant advertisements. Especially young, especially vulnerable people have had lives ruined online; lost jobs, had to move schools. It has resulted in drug abuse, alcoholism, depression, even suicide.
It is in these worst cases that the law often offers the least protection. Much of this activity is illegal, of course, although it is currently unclear whether a series of new laws has dented these practices. When it does happen, there’s little that the legal authorities can do to reduce the harm. It is very easy to upload content onto social media, and notoriously difficult to remove when it’s there. The internet Watch Foundation reports that 100 per cent of the abusive material referred to them had been taken from its original location and uploaded onto a different website.
Facebook, Twitter and YouTube have struggled to curb ISIL’s use of social media for months. Revenge-porn websites spring up as quickly as they can be closed down, and information about you can be hosted on servers far beyond the jurisdiction of your local police. In these cases, privacy comes down to technology, and how it is used. As we bank and buy online, we use elaborate encryption technology every day, elaborate walls of mathematics to keep us safe. Sometimes, privacy is breached due to a mistake: an identifying address in the backdrop of a photograph, a personal detail casually shared to the wrong person. A whole industry of “cyber threat intelligence” has sprung up to help companies remove compromising details of their employees on social media. Sometimes, the technology itself is undermined. A shadowy market is flourishing in “zero day vulnerabilities”, where the unknown flaws in the software we use every day are found and sold to the highest bidder – sometimes to the software makers themselves, sometimes to the people with our privacy in their sights.
Technologies both help and hinder us, protect our privacy and undermine it. But this is a world of algorithms over ethics. Don’t look to the law to protect you. It is up to everyone to take personal responsibility and learn the basics of the technology that could both save and ruin you – what you use, how you use it, what you share and the possible consequences. It’s the Wild West out there, and everyone needs a bulletproof vest.
Carl Miller is co-founder and research director of the Centre for the Analysis of Social Media at Demos, a London-based think tank.
