STEPH LAWLOR/THE OBSERVER
With Mark Zuckerberg back in front of Congress testifying about data leaks, ever-present ads for VPNs and everyone from Apple to Fordham clamoring about the importance of multi-factor authentication, paranoia about digital privacy seems to be at an all-time high.
In fact, one might say that if you’re not paranoid, you’re not paying attention — but is it really paranoia if you’re right? After all, this isn’t spooky coincidence or the Baader-Meinhof effect. If you have an internet-connected device with a speaker, it is listening to your conversations and gathering data.
The data you produce is being used to build a digital picture of you, and whatever company created your device and software is using that picture to “improve the end-user experience.” Your privacy is an illusion. Your every word is analyzed. Vast computing resources go towards determining how to manipulate you. Mention to a friend that you’re hungry, and your Instagram feed tells you that Seamless has a promo sale right now. The panopticon is here, but damn if it isn’t convenient.
Apple, Amazon, Facebook and Google built a house and sold it to you — and in that long, illegible contract you signed without reading, you gave them permission to come in at any time. Not that you could have complained. You needed the house.
Luckily, this sort of thing usually stays behind closed doors. Those big companies are far more protective of your data than you are — after all, it earns them money. Sure, Zuckerberg might be eavesdropping on your 2 a.m. ramblings, but it’s not like anyone else can, right?
I think you see where this is going.
The bottom line is, the internet is inherently unable to be secure. Given enough time and resources, any system can be hacked, any encryption broken. It’s just a question of how much time it will take. For properly encrypted data, it should be longer than the lifespan of the universe — but in practice, usually the answer is “not long.” The modern world of interconnected electronics is so complex, slapdash and volatile that it is nearly impossible to cover every angle of attack, so most companies don’t bother to try: They simply put in enough security to keep the script kiddies out and leave it at that.
It makes sense: We lock our doors to keep out petty thieves, but we don’t build bunkers for the off chance a burglar will bring a battering ram.
It adds up to a learned helplessness. If someone is determined to get your data, they probably will. But, it’s still important to know just how helpless we are.
If there’s one thing you take away from this article, let it be this: Any time you are anywhere in the vicinity of an internet-capable device, your privacy is at risk. Yes, that means everything. Every single device that can record and transmit information is a potential way to spy on you. Seem paranoid? It is, but it’s also true. Cars, coffee makers, WiFi outlets, TVs — they’re all potential bugs waiting to be activated, but who cares? Your phone is far more compromising and just as insecure, and as with everything else, you can’t always tell when you’re being recorded. We are living in a world where anyone can be watched, and the only protection you have is the effort and motivation it would take to look at you in particular.
The thing is, there really is nothing we can do about it. This isn’t a problem that can be completely solved with technology or litigation — in both cases, anyone determined enough can circumvent either. And, in all honesty, this is a price we are willing to pay for those Seamless coupons. Recording and transmitting information over the internet may be inherently vulnerable, but it’s also how we communicate and interact in the modern world. The sheer volume of traffic is both a testament to how essential the system is, and the only defense we have against malicious actors.
We may not be able to put the genie back in the bottle, but with acceptance comes adaptation. There are a number of easy steps you can take to, if not eliminate, at least mitigate some of the risks of living in the digital age — putting another lock on the door, so to speak.
First, though you’ve probably heard this before, just be cognizant about what you put online. Unless you asked someone to watch your house, you should wait to post vacation photos until your return. Your finsta is definitely not secure enough for photos that could get you in trouble. And for God’s sake, if you put down “drugs” as reason for payment on Venmo as a joke, delete that before your next interview.
Second, stop using the same 1-3 passwords for everything (I know, I’m guilty of it too). It’s incredibly dangerous, and there is absolutely no reason that you should access your bank account with the same credentials you used for Club Penguin back in 2008. Use a modern, easy-to-remember password scheme like diceware instead. Now is also a good time to visit haveibeenpwned.com and check if you’ve been affected by the kinds of data breaches that make password reuse so dangerous.
Third, use a secure (that means encrypted end-to-end) service like Signal or Riot to send whatever sensitive messages you may need to. WhatsApp, SMS and especially Messenger are all vulnerable to some degree or another — fine for everyday use, but maybe not for career-jeopardizing content.
Fourth, Fordham IT has the right idea. Multi-factor authentication is good protection from most automated attacks. It may be a pain, but it also may have saved you from dangerous leaks. Also, they have neat little sliding covers that go over your webcam. It’s worth picking one up.
Finally, it’s important to remember this: although so much of the digital environment is out of your control, your physical environment is not. The easiest way to safeguard your privacy is to do things the old-fashioned way. Face-to-face conversations and handwritten letters will always be the best ways to keep a secret.
Just make sure to turn your phone off.