In his work “A Cypherpunk’s Manifesto” Eric Hughes wrote, “Privacy is the power to selectively reveal oneself to the world.” The weight of this comment may not be immediately obvious but is increasingly relevant in our day-to-day lives.
The importance of online privacy is relevant to everyone—not just users who are looking to avoid the scrutiny of authorities for reasons related to questionable activities. Even users who are comfortable with having their every move online tracked should be aware that large data breaches regularly occur at major companies and governments. These events expose users’ personal data to hackers, which can be exploited in various ways.
Everyone on the Internet Should Understand Online Privacy. But do they even care?
As a journalist and online privacy advocate, Glenn Greenwald pointed out in a widely-circulated 2014 TED talk that the Internet was, at one time, thought of as a new frontier for democratization and liberation. According to Greenwald, the internet could now be considered a "zone for mass surveillance".
Greenwald claims that some feel there’s no harm in mass online surveillance because it only threatens those who are engaging in illegal activities. This line of thinking includes the idea that only those who have something to hide should be concerned about their privacy. It frames the notion that some people wouldn’t want to share every aspect of their lives with the government as defensive behavior. In 2010, Facebook’s founder, Mark Zuckerberg, claimed that privacy should not even be expected online as it is no longer a social norm. This is a dangerous belief, which unfortunately seems widely accepted in mainstream narratives despite its negative effects on individual liberties. Why should one care about privacy? Is one truly free to speak without it?
According to one study published in 2022, more than half of internet users are concerned about their online privacy. Let’s take a look at some key concepts and terms relevant to online privacy and steps users can take to better control and protect their data.
Important Concepts Linked to Online Privacy
Common concerns that relate to online privacy may include the preservation of sensitive personal and financial data and users having a say in who they are advertised to.
Personal data is any information that can be used to identify you. It can include your name, address, social insurance number, birthday and can also extend to your entire financial, educational, employment and medical history. Information including online identifiers and browsing history can also be considered personal information. One qualifier that defines personal data is that it is clearly about one particular person.
Personal data is considered valuable by advertisers and regulatory bodies alike, and the collection and sharing of users’ personal data is an important aspect of how many companies and apps are configured. Personal data is collected by websites, social media platforms, employers and more. This data is stored on web servers across the world, often changing hands in ways that are unknown by the users themselves. The selling of data is often part of the fine print and terms of service when using apps and websites, and is defined under things like GDPR or CCPA.Such regulations are often thought of as privacy friendly, but really only state that you have to consent to the sale of your personal data.
One step that users can take to make themselves less vulnerable online and to put their privacy more into their own hands, is by focusing on apps and software that offer encryption. Encryption refers to the scrambling of the data stored and shared online, aiming to allow only trusted entities to interact with personal data.
Encryption ensures that only those with the relevant access keys are able to view the related content. It allows users to have more, but not ultimate, security over the information they share. Using a secret passphrase known only to the sender and receiver to unlock information is an excellent way to improve your security.
End-to-end encryption refers to encryption wherein only a user and their intended recipient are communicating without the ability of even the communication service to view or collect users’ data. While some messaging services are said to offer end-to-end encryption, some online security advocates challenge these claims as the services may provide “backdoor” access to government bodies. Oftentimes, the justification for this is to collect data necessary for fighting crime.
Threats to Online Privacy
When it comes to ways of protecting personal data, there are steps that individuals can take to decrease the risk of security breaches and minimize the amount of information readily available to unwanted external parties. Tools from ethical, security-minded companies can help users store and share data with more control, making use of the latest web security technology.
While taking steps at the individual level can enhance users’ online privacy, there are policies at the institutional level that can make it difficult to avoid the collection and sharing of personal data. In these cases, simply learning about policies and programs that involve your personal data is a way of being more aware of circumstances when your data could be collected, and of knowing how it could be used.
Signing up for any new online account or app often involves agreeing to a range of terms and conditions wherein users permit organizations to collect agreed-upon information in exchange for the use of the application. Whether it’s on computers or phones and whether or not users are aware of what information is being collected, government bodies and private organizations alike are able to create detailed profiles of people based on data they willingly provide to websites. Often, users don’t even read the terms and conditions when signing up for a new service.
Controlling the amount your private data is collected may be increasingly relevant as smart cities that adopt surveillance technologies become more prevalent. Mindful online conduct may include making a list of each of the accounts and online services you subscribe to and determining whether the information you knowingly provide to each of these entities is worth the benefits of each service.
Online Privacy Regulations
Data breaches affecting companies as large as Facebook have sparked conversations as to the degree of involvement government policies should have regarding the collection and use of personal data. While government regulation is often necessary to lay the foundation for public market participation, the excess of such is also a risk factor that commonly limits progress.
As whistleblower disclosures have shown, government bodies themselves may also collect and use data in ways that average internet users could not have anticipated or foreseen. In the United States, for instance, all phone and internet data has been monitored by Federal law enforcement since the ‘90s. This data is unfathomably vast, so agencies including the NSA and the FBI create systems that analyze this data for use by intelligence and local law enforcement agencies.
Software Vulnerabilities and Secure Protocols
There are a number of security risks associated with typical internet usage. Free, public Wi-Fi is becoming increasingly available—which is a boon for those who work on the go and those with limited data plans—but these free, public Wi-Fi networks can be easy targets for those seeking access to users’ personal data for nefarious purposes.
Adversaries can access unsecured devices on public networks, which can provide unfettered access to important personal information including credit card data, passwords and personal documents. When users’ privacy settings allow for file-sharing across a network, it’s an opportunity for hackers to implant malware on users’ devices, further compromising their online privacy.
There are steps diligent users can take to make themselves less vulnerable when using unsecured networks. A VPN (virtual private network) creates a private network on top of an existing public network, improving security. VPNs also often include encryption, making stolen data less useful to hackers.
HTTPS is a protocol that helps to protect data by preventing access from parties aside from the primary user and the server they’re accessing, using encryption and a series of communication exchanges referred to as a “handshake.” Other security-minded steps include turning off sharing on devices on public networks and keeping Wi-Ffi off, aside from when it’s being used as devices are known to transmit some data even to networks users aren’t connected to.
Online Privacy and Bitcoin
Bitcoin is seen by many as being a new frontier for digital privacy. Its potential for decentralization means that users have more ability to control their own data and to have more agency in controlling decisions that relate to their privacy.
However, Bitcoin transactions are, by design, not confidential. Transactions on the block chain are secure, but their details are publicly viewable. When bitcoin is obtained in a way that is linked in some way to a user’s identity, and when information about transactions is shared, its pseudonymity in future transactions is easily negated. For example, if a user makes an online purchase using bitcoin, but does so through a regulated exchange which requires the completion of KYC processes, then pseudonymity can easily be compromised.
There are inherent issues associated with many bitcoin exchanges and users may be left with a sense of uncertainty with regards to how their personal data is being used. Developers may be able to collect sensitive personal information and the exchanges themselves are vulnerable to hacks, as seen in the Mt. Gox debacle and many since.
Initiatives like Wasabi Wallet—which offer anonymous communication using the Tor network, coin mixing and non-custodial personal control over private keys—can go a long way towards putting users in control of their bitcoin and retaining their privacy online.
The anonymization strategy employed by Wasabi Wallet and other Bitcoin privacy solutions is called coinjoin. Coinjoins are a collaborative bitcoin transaction. Users send their bitcoins to themselves with other users at the same time to reclaim their privacy. When the transaction occurs, everyone’s bitcoins are mixed with one another to make it much harder, if not impossible, to trace their transaction history.
As technology continues to grow into nearly every aspect of our lives, privacy as a resource is growing more scarce. We recommend the use of privacy tools, like Wasabi Wallet, to maintain your right to privacy. Consider taking control of your personal information to defend yourself from the intended (and unintended) repercussions of our increasingly digitised society.