Our lives have been so augmented—or subsumed—by interconnected cybernetic devices that it’s sometimes difficult to appreciate what we’ve gained.
We can now communicate cheaply and easily, and on a variety of media, with almost anyone anywhere in the world. We can find whatever fact we want, buy any item, monitor our homes, our finances, our children, our physical fitness, all with a few swipes on a screen. We can entertain ourselves for hours, albeit at the risk of eyestrain.
What we’ve lost, of course, is something we once held immeasurably dear—privacy. With every click and swipe, we are contributing to massive databases compiled by shadowy corporate and government entities. We are telling them where we live, the status of our health and finances, our political views, our sexual proclivities and interests. Mobile phones are now tracking devices, logging permanent records of our movements. Surveillance cameras are everywhere. Most of us know nothing about the businesses and agencies collecting this information, but they know almost everything about us.
Which raises the question: Do we even care? For much of the Internet Age, that answer has been: not much. The power and convenience of a sophisticated computer network outweighed any concerns that it was taking at least as much as it was giving. But much of that bliss, say experts, was due to simple ignorance.
“Frankly, the state of privacy is a mess, and most people don’t know how much of a mess it is.”
Most of us, bedazzled by the manifold wonders of the virtual world, didn’t know the degree of intrusiveness represented by Internet service providers (ISPs), search engines and data miners. That has been changing in recent years, and concern has been rising with awareness—including at Cal. Last year, student and faculty groups objected when it was revealed that a system had been installed on all University of California computer systems that can monitor all emails, website visits, and incoming and outgoing data. The move was undertaken secretly—or at least, without overt communication—by the UC Office of the President (UCOP), supposedly to confound “advanced persistent threat actors.”
“Frankly, the state of privacy is a mess, and most people don’t know how much of a mess it is,” says Tien. “People understand that a website they visit records their visit, but they probably don’t know that the ISPs and browsers they use do the same thing. It’s only been recently that they’ve come to understand that their cell phone companies know where they are, and that their movements are recorded. But they still don’t know the full range of the information that’s collected, or the meaning and potential applicability of that information.”
And it’s not just that cell phones track you, says Jesse Goldhammer, the associate dean for business development and strategic planning at Cal’s School of Information. Police agencies have employed so-called stingray technology to eavesdrop on cell conversations.
“Stingray devices emulate cell phone towers, allowing police to listen in on all mobile phone conversations within a certain radius, and it’s very difficult to determine if they’re being used,” says Goldhammer. “It’s murky stuff.”
“That, of course, is completely wrong,” says Tien.
Further, even organizations generally considered sacrosanct guardians of personal data—such as health care providers—are leaky, says Tien.
“Even with HIPAA [the Health Insurance Portability and Accountability Act of 1996, which established federal rules for securitizing and sharing private health data], sensitive medical information is exchanged widely,” Tien said. “It’s difficult or impossible to determine who knows what, and how much, about your medical history.”
And it’s not just the quantity of publically disseminated personal information that’s worrisome, says Tien: It’s also about the way it’s parsed, and the context in which it’s analyzed. Smart electric meters, for example, can tell outside observers a great deal about what’s going on inside a home.
“That includes whether you’re home or not, when you get up and go to bed—even your hygiene, recreation or food consumption habits,” says Tien. “Water heaters, hair dryers, televisions, microwaves, electric stoves, all register different signatures on smart meters. This kind of granular data is potentially very valuable and can be used for a number of different purposes—which is why EFF worked with the Public Utilities Commission and other groups to establish rules that require consumer consent before smart meter data can be used for purposes other than encouraging energy efficiency.”
Hoofnagle, for his part, says the world is now in a state of “security debt,” the result of magical thinking about the wonders and benefits of the Computer Age.
“We embraced computing because it is obviously awesome, but we were a bit too credulous in the process and we underinvested in security,” wrote Hoofnagle in an email. “Remember the ‘paperless office’ of the 1990s? It was advertised as more secure than a paper one. Tell that to all the federal government employees exposed in the  Office of Personnel Management data breach.”
And yet, the amount of data gleaned by corporate or government players may be paltry when compared to the vast quantities of information consumers willingly fork over on their own.
“Wittingly or unwittingly, most people just give away their ‘private’ information,” says Goldhammer. “Instagram, Snapchat, and Facebook collect gigs of data from individual users as a matter of course.”
Goldhammer observes that companies such as BlueKai obtain much of this information simply by analyzing public sources and monitoring Web-surfing activity.
“They grab gargantuan amounts of publically available information, and then they make very accurate inferences,” Goldhammer says. “Your age and gender, for example. Or whether you have car or home loans, or children, and the ages of your children if you have them. From that they might determine what you’re inclined to buy, or where you might go on vacation—valuable information for anyone with something to sell, or a resort to pitch. Or say you go to a [co-op or online retail website], and it recognizes you as a member. A communication goes out to BlueKai or another third-party data collector, and asks ‘What do we know about this guy? What should we show him on the homepage?’ And they get back a response targeted to your likely preferences.”
This all happens in milliseconds, says Goldhammer. And while it’s all for commercial purposes at this point, “We don’t know what will happen in the future. The information is out there, and it’s being used.”
While there are many legitimate concerns about growing surveillance and concomitant ever-eroding privacy, we may be focusing most of our attention on straw men rather than the true threats, says Hoofnagle.
“No data are very secure in our networked world,” he states. “Banks and insurance companies can’t protect highly sensitive personal data. Our government can’t protect voting machines or the communications of top government officials. The NSA hasn’t even been able to protect its supersensitive hacking tools.”
Typically, cybersecurity is considered necessary to combat data leaks and denial of service attacks, Hoofnagle says, “ … but I’m more concerned with attacks that corrupt the integrity of our data. Imagine attacks where hackers subtly change systems so that they produce inaccurate results. We might not detect the interference, but eventually our systems would fail us and we would lose trust in them. Just as an example, the Navy is reportedly training sailors to navigate by the constellations again, motivated by the concern that electronic navigational systems could be manipulated or fail in a conflict.”
Still, plenty of pundits are worried that data mining already poses a clear and present danger not just to privacy, but to personal liberty; and that applies to UC Berkeley’s email surveillance system. Jeffrey MacKie-Mason, the University Librarian and chief digital scholarship officer for Cal and a professor with the School of Information and Department of Economics, says most people at Berkeley are unaware of the details and implications of the monitoring program.
“As awareness of the risks grow,” he said in an email, “the free-wheeling communication so important to research and education will be inhibited.”
In an email to CALIFORNIA, Dianne Klein, UCOP’s press secretary and vice president of strategic communication and media relations, stated emphatically that UC’s “ … threat detection system is not being used to read the contents of people’s emails …. UC has no interest in reading anyone’s emails. Use of this system does not require nor cause changes to the way the university handles email or email security. This system simply identifies ‘malware.’ In addition, email is often encrypted in transit across our network, and this system does not decrypt email traffic.”
But MacKie-Mason is not heartened by UCOP’s assurances. “No data are very secure in our networked world,” he states. “Banks and insurance companies can’t protect highly sensitive personal data. Our government can’t protect voting machines or the communications of top government officials. The NSA hasn’t even been able to protect its supersensitive hacking tools.”
Still, the degree of threat from privacy loss may well depend on who you are, says Goldhammer.
“Does it keep me up at night?” he asks rhetorically. “No. But I’m a white guy, almost 50 years old, and I’m a huge beneficiary of white male privilege. If I were a Muslim living in the United States, or an undocumented immigrant, I might well feel differently.”
Using data to exercise state power and employing it to convince you to buy stuff are two different things, says Goldhammer, but the same information can be applied to both endeavors.
“We know data collection is used for criminal inquiries,” Goldhammer says. “Offhand, I can’t think of it employed for any large-scale dragnet investigations, but that’s not to say they haven’t happened.”
Ultimately, anyone concerned about protecting private data should act independently rather than accepting institutional assurances, says Hoofnagle. Installing anti-malware systems on personal computing and communication devices might help, as may accessing networks on supposedly secure browsers such as Tor and DuckDuckGo.
And of course, strong passwords are a must. Or are they? “We should be helping people follow good rules instead of annoying them with training,” Hoofnagle says. “That’s why I think it would be more valuable to buy a license for a password management system than tell people to ‘choose strong passwords.’ ”
On a personal level, says Hoofnagle, phishing expeditions launched by online crooks—not Big Brother—remain the biggest threat. Two-factor authentication can reduce the risk significantly, he observes, and Cal is now testing such a program.
That, of course, doesn’t address the larger question: Is privacy dead? Not really, says Hoofnagle. It’s not even moribund—but the concept of privacy has changed. Our privacy, in other words, isn’t grandpa’s privacy. It’s, well, less private. But that doesn’t mean it’s as extinct as the smilodon.
“Yes, there are more cameras, mobile phones, and ways to identify and aggregate information about individuals,” Hoofnagle said in an email. “[But] at the same time, there are quickly evolving norms about when and how data can be collected, how it can be used, and the circumstances [in which] it can be shared.”
Indeed, such standards already have been implemented, says Hoofnagle—just not in California. Or America. Still, we ultimately should be beneficiaries.
“The most significant pro-privacy developments are in Europe,” Hoofnagle says. “The EU has comprehensively regulated commercial information collection through the General Data Protection Regulation, and it has begun the process of regulating criminal investigations. These protections will benefit Americans because we will both learn from and mimic [them], and also because multinational companies will comply with European rules and extend them to American customers.”