Censorship, Privacy and Internet

RAW MATERIAL!!!

The old-timers had it easy
Before the days of hi-tech, privacy was rather easy to obtain - one had to go away from others and just keep an eye out for stalkers. Things went more complicated as distance increased - things like intercepting couriers, secretly opening letters, decoding secret messages etc existed long before IT. Today, we have uni- and bidirectional microphones, parabolic antennas, laser interferometres and other fancy stuff - and privacy is rapidly disappearing.

"Everything you say can be used against you"
In times of old, it was really difficult to capture uttered words - the only way was to set a word against another (e.g in a court of law). But after a while, they started to be written down. And then secretly recorded (at first in writing, later in sound).

In ancient Jewish laws, there were prescriptions for privacy of home, e.g. building one's neighbour-facing window at least four cubits away (higher or lower) from his window; in addition, the law prohibited snooping at others. Later legal system introduced
 * right to autonomy, i.e. being left on one's own
 * right to control information about oneself
 * right to keep secrets and forward them in a controlled manner
 * right to solitude, intimacy and anonymity

Privacy is also separately mentioned both in the Universal Declaration of Human Rights from 1948 and the International Covenant on Civil and Political Rights from 1966 (interestingly, the U.S. only adopted it in 1992). Yet when we look at the situation in today's world, most of the points above are to be taken with some reserve.

The perception of privacy also depends on cultural context and traditions - e.g. in Japan, people are used to live in a compact manner (due to long history of dense population), for someone used to sparse population and a lot of personal space (e.g. people from Nordic countries) it may feel as a privacy violation. In some cases, privacy is limited also by
 * the person's own choice (e.g. celebrities)
 * comfort (e.g. internet banking - while handy, it requires identification to be used)

Privacy and Internet
Looking at the history of Internet, we can distinguish several stages which also brought along different levels of secrecy:
 * military network - top secret
 * research network - some secrets
 * education and NGO's - not many secrets (the "lost golden age" for some)
 * business (starting from 1991) - some secrets again
 * everyone (the Age of Facebook) - personal information

There is a paradox regarding online privacy - on the one hand, it makes impersonality and pseudonymity (in some cases also anonymity) much easier to achieve. On the other hand, there is always a risk of interception and surveillance - and there is no way to be certain (as intercepted/snooped information does not generally differ from its "pure" form, or the differences are difficult to find). Thus, privacy on Internet is a bit like the Great Ring in Tolkien's "Lord of the Rings" - it turns the wearer invisible, but can betray him/her at the worst moment... And Internet knows a lot of Isildurs.

My home is my castle
Privacy in any medium must have two qualities:
 * authenticity - the message really comes from the source it claims to be originating from
 * integrity - the message arrives in exactly the same form as it was sent, it has not been tampered

Compared to traditional (physical) privacy, the online setting has the following:
 * the situation is harder to control
 * mostly hindsight
 * everything will be used against you - directly or indirectly, right now or years later (most people do not envision running for Parliament in ten years, but some of them actually will)
 * identity theft is easier, the consequences can be even more dire than before
 * legal protection is weaker - legislation is reactive and conservative by essence, technology in contrast is dynamic and sometimes foolhardy; thus legislation tends to fall behind in nearly all aspects of information society (especially evident in the "intellectual property" issues).

PIBKAC (again!)
Many problems stem from privacy becoming a source of business. From very early days, there have been two camps:
 * those who live on maintaining privacy (bodyguards, network administrators)
 * those who live on violating privacy (spies, thieves, spammers)

And cooperation between these (playing over the head of the unsuspecting target) is not unheard of.

An example of the human factor is a well-known political scandal in the White House. The main heroine phoned to a coworker who secretly recorded the calls. In this case, added security to the channel would likely have had adverse effect - the sense of security would probably have resulted in an even more open talk that the real "leak" at the other end would have quickly made use of. Similar things are often seen in online communication as well.

It should be noted that collecting information is neutral by itself - but its use may have a very different outcome. For example, a person's health history can be used by
 * his/her doctor - nobody would really object
 * a large company unrelated to health services (e.g. a mobile provider) - many would shrug "what would they need it for?", but some will definitely be concerned
 * a bank - may result in denying a loan or having worse conditions than others due to "perceived larger risks"
 * advertisement agencies - can result in strange situations like this: http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/
 * spammers - like the previous, but in even more obnoxious manner, and can also connect to the next category
 * scammers and other criminals - a despicable fact is that most large disasters (e.g. Fukushima) breed a large number of scam schemes trying to make money on people trying to learn about their loved ones nearby. Alas, one's health history can be a good starting point too.

Conclusion
Internet has two qualities that are the main source of concern here:
 * it allows surveillance of others without them knowing, and
 * to collect, process and store increasing volumes of information over increasingly long periods

Privacy is largely an agreement between consenting adults. The reality of Internet is however different (if the chairman of a well-known company claims that there is no such thing as privacy...). The result is constant struggle between freedom and security instead of them cooperating to find a point of balance.

Links and additional reading

 * http://halakhah.com - Babylonian Talmud (Jewish Law) in English
 * http://www.un.org/en/documents/udhr/ - The Universal Declaration of Human Rights 1948
 * http://www.state.gov/j/drl/rls/irf/2008/108545.htm - International Covenant on Civil and Political Rights 1966

Study & Blog

 * Study published cases of incidents related to Internet privacy and describe three most enlightening ones (for you).

Back to the main course page

The old-timers had it easy
Before the days of hi-tech, privacy was rather easy to obtain - one had to go away from others and just keep an eye out for stalkers. Things went more complicated as distance increased - things like intercepting couriers, secretly opening letters, decoding secret messages etc existed long before IT. Today, we have uni- and bidirectional microphones, parabolic antennas, laser interferometres and other fancy stuff - and privacy is rapidly disappearing.

"Everything you say can be used against you"
In times of old, it was really difficult to capture uttered words - the only way was to set a word against another (e.g in a court of law). But after a while, they started to be written down. And then secretly recorded (at first in writing, later in sound).

In ancient Jewish laws, there were prescriptions for privacy of home, e.g. building one's neighbour-facing window at least four cubits away (higher or lower) from his window; in addition, the law prohibited snooping at others. Later legal system introduced
 * right to autonomy, i.e. being left on one's own
 * right to control information about oneself
 * right to keep secrets and forward them in a controlled manner
 * right to solitude, intimacy and anonymity

Privacy is also separately mentioned both in the Universal Declaration of Human Rights from 1948 and the International Covenant on Civil and Political Rights from 1966 (interestingly, the U.S. only adopted it in 1992). Yet when we look at the situation in today's world, most of the points above are to be taken with some reserve.

The perception of privacy also depends on cultural context and traditions - e.g. in Japan, people are used to live in a compact manner (due to long history of dense population), for someone used to sparse population and a lot of personal space (e.g. people from Nordic countries) it may feel as a privacy violation. In some cases, privacy is limited also by
 * the person's own choice (e.g. celebrities)
 * comfort (e.g. internet banking - while handy, it requires identification to be used)

Privacy and Internet
Looking at the history of Internet, we can distinguish several stages which also brought along different levels of secrecy:
 * military network - top secret
 * research network - some secrets
 * education and NGO's - not many secrets (the "lost golden age" for some)
 * business (starting from 1991) - some secrets again
 * everyone (the Age of Facebook) - personal information

There is a paradox regarding online privacy - on the one hand, it makes impersonality and pseudonymity (in some cases also anonymity) much easier to achieve. On the other hand, there is always a risk of interception and surveillance - and there is no way to be certain (as intercepted/snooped information does not generally differ from its "pure" form, or the differences are difficult to find). Thus, privacy on Internet is a bit like the Great Ring in Tolkien's "Lord of the Rings" - it turns the wearer invisible, but can betray him/her at the worst moment... And Internet knows a lot of Isildurs.

My home is my castle
Privacy in any medium must have two qualities:
 * authenticity - the message really comes from the source it claims to be originating from
 * integrity - the message arrives in exactly the same form as it was sent, it has not been tampered

Compared to traditional (physical) privacy, the online setting has the following:
 * the situation is harder to control
 * mostly hindsight
 * everything will be used against you - directly or indirectly, right now or years later (most people do not envision running for Parliament in ten years, but some of them actually will)
 * identity theft is easier, the consequences can be even more dire than before
 * legal protection is weaker - legislation is reactive and conservative by essence, technology in contrast is dynamic and sometimes foolhardy; thus legislation tends to fall behind in nearly all aspects of information society (especially evident in the "intellectual property" issues).

PIBKAC (again!)
Many problems stem from privacy becoming a source of business. From very early days, there have been two camps:
 * those who live on maintaining privacy (bodyguards, network administrators)
 * those who live on violating privacy (spies, thieves, spammers)

And cooperation between these (playing over the head of the unsuspecting target) is not unheard of.

An example of the human factor is a well-known political scandal in the White House. The main heroine phoned to a coworker who secretly recorded the calls. In this case, added security to the channel would likely have had adverse effect - the sense of security would probably have resulted in an even more open talk that the real "leak" at the other end would have quickly made use of. Similar things are often seen in online communication as well.

It should be noted that collecting information is neutral by itself - but its use may have a very different outcome. For example, a person's health history can be used by
 * his/her doctor - nobody would really object
 * a large company unrelated to health services (e.g. a mobile provider) - many would shrug "what would they need it for?", but some will definitely be concerned
 * a bank - may result in denying a loan or having worse conditions than others due to "perceived larger risks"
 * advertisement agencies - can result in strange situations like this: http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/
 * spammers - like the previous, but in even more obnoxious manner, and can also connect to the next category
 * scammers and other criminals - a despicable fact is that most large disasters (e.g. Fukushima) breed a large number of scam schemes trying to make money on people trying to learn about their loved ones nearby. Alas, one's health history can be a good starting point too.

Google in San Francisco, 2006
Proponents of cloud computing, e-society and ubiquitous computing have created compelling visions of the e-society of the future where connectivity is as universal and free as the air we breathe. At the first glance, Google wanted to take a step towards this future in 2006, when they proposed to cover the entire city of San Francisco with free wireless networks. The only small caveat - the company wanted to keep the right to collect information from the networks (about the activities and location of people) in order to offer 'context-based advertising'.

At first, the prospect of receiving a discount ad from the pizza bar nearby as soon as I sit down with my laptop in a public park is not bad at all. After all, advertisement is everywhere anyway, and if I occasionally find something useful with it, the better...

But again, there are two main concerns:
 * privacy - does anyone (which may soon become everyone!) need to know where I am at any given moment?
 * surveillance - security in such a network depends on constant surveying of the activities.

The San Francisco network project was not completed - but for reasons other than privacy: http://davisfreeberg.com/2006/10/18/san-francisco-local-politics-derail-free-wifi-project/.

Digging deeper (and waking the Balrog?)
Collecting information is increasingly easy in fully legal ways. It is possible to register even the smallest missteps, storing it is easy as well. Seemingly innocent cell phone pictures from a student party years ago may turn into a serious weapon in elections - even if at the time of the event, neither side could imagine becoming "somebody important" so soon. And sometimes, mere hinting of some compromising material is enough to derail the opponent - and the fact of hinting will be next to impossible to verify.

Data mining may have started as academic discipline, but has quickly bred "dark-side" applications too. In the hectic days of early 90s, the freshly independent Estonia had an urgent need for all kind of databases and registries (these were the golden days of IT students having mastered dBase and FoxPro). There was a young programmer who was employed by several institutions and companies, including banks, police, traffic authority etc. Predating official cross-institution databases by several years, he managed to compile a "super-database" containing various information (from car license plates to credit standing) about thousands of citizens. The bases were sold illegally for 30-50 thousand crowns (likely equal to a comparable sum in Euro nowadays) and were secretly used by many businesses. However, this was before the e-services and infrastructure of today - lots of what took shady connections and illegal information back then can now be done just by googling.

The File Effect
Note: The "file" is used here in the legal sense, i.e. a (paper) file containing documents.

As the computing power increases, processing and systematizing information becomes easier in increasing volumes. When in the old days, storing everything was out of question as both processing power and storage were expensive, today we see more and more detailed data collected "just in case". Customer databases of many companies get nearer in detail to court files - and the government is not innocent either (as exemplified by the recent NSA scandal - but similar activities do have a way longer history).

Privacy or comfort?
Perhaps the greatest threat to privacy and security is comfort. Locking a door, setting a car alarm, entering a computer password - all these are little nuisances. Most people do understand that they are necessary nuisances - but they often try to minimize the frustration (e.g. leaving a password or a PIN blank or keep the default one). And especially in the today's e-society, many not-that-secure technologies and practices have prevailed over better alternatives due to comfort:
 * any mobile phone (as a radio device) call can essentially be intercepted
 * laptops used by ignorant people are vulnerable in many ways
 * use of public computers (in a hotel or Internet cafe)
 * open or weakly secured wireless networks (note: properly maintained open WiFi can be rather safe to its owner - but not necessarily users)
 * a large share of social media (including Facebook)

Digital enclosure
The term was initially used by Mark Andrejevic, a scholar from the University of Iowa, US. He derived it from a historical process - enclosure of community land (commons) into private ownership in the 18th-century England. In the digital realm, a digital enclosure is an interactive space where every action also generates a transaction, or information about the action ("digital footprint"). Entering a digital enclosure implies a) disclosing (increasing amounts of) personal information and b) agreeing with some form of surveillance. And again, the problem is comfort - its owners strive to make entering a digital enclosure so easy that people give up thinking.

Mobile phones (in their different forms and technology) constantly position themselves. It has ethical, legitimate uses (e.g. finding an elderly woman lost in the woods by positioning her phone) as well as gray areas and rather "dark" ones (e.g. various sources suggest that Russia assassinated Chechen rebel general Dudayev by positioning his satellite phone, similar things are told about some events in Israel).

“Use the Force, Luke!”
The e-society does have both the Light and Dark side. Citizen democracy, e-inclusion of minorities etc are the former, while the latter have many faces:
 * massive surveillance
 * uncontrolled gathering of personal data
 * solipsism (self-centredness) and hedonism - promoted by many services online; this kind of person is very easy to manipulate both by businesses and state
 * impersonalization of relationships - both on human and business levels

And there are both the Jedi and the Sith online...

The Big Brother
The "mass society" (as defined by some sociologists) had a lots of issues, but it also had one advantage - it allowed to "fly below radar", hiding among the crowds. It is increasingly difficult today. Many of the modern hardware and software "calls home" (including all proprietary operating systems, but recently there was also a news story about TV-s made by LG). Getting and installing software used to be a private endeavour - not so anymore. Most of all in proprietary systems, but even many well-known free and open-source software systems have opted for central repositories and installations. Again, in the name of comfort...

Coming back to the Estonian "super-database" case - today, there is a number of large corporations (mostly in the U.S.) whose business model is exactly the same (examples include LexisNexis, Equifax, Acxiom and others). The personal information is turned into private property (trade secret) that is the more valuable the more detailed it is. See http://www.bigbrotherawards.org for some additional reading.

(An idea to think about - is there any information that would be rejected by the gatherers: "Sorry, this is of no interest for us."?)

Asymmetric loss of privacy
In "old-school" network communities (Usenet, mailing lists, talkers, MUDs...), surveillance existed too. However, it was generally transparent and rather symmetrical (while admins watched the community, they were also under the surveillance of commoners and gross misconduct would have likely resulted in punishment). Today, one of the core questions is "Who watches the watchmen?" - while commoners get more and more transparent (as most of their information becomes available online), different agencies and corporations guard their secrets more closely than ever.

As a kind of sad irony, there have also been attempts of community-based surveillance online - an example is checkmymate.com (2001-2007). Basically, people agreed to build a prison for themselves ("but hey, they invited us to participate!").

An interesting thing to watch is probably the most famous advertisement by Apple, launched during the U.S. SuperBowl 1984 - http://www.youtube.com/watch?v=HhsWzJo2sN4. (the link is not working anymore. Here is the fresh one: https://www.youtube.com/watch?v=2zfqw8nhUwA - edited by Bogdan Kelichavyi) It depicts overthrowing an Orwellian, totalitarian society with the help of Apple products...

Conclusion
Internet has two qualities that are the main source of concern here:
 * it allows surveillance of others without them knowing, and
 * to collect, process and store increasing volumes of information over increasingly long periods

Privacy is largely an agreement between consenting adults. The reality of Internet is however different (if the chairman of a well-known company claims that there is no such thing as privacy...). The result is constant struggle between freedom and security instead of them cooperating to find a point of balance. One could say that the key is awareness without sinking into conspiracy theories. The best antidotes for digital enclosures and other unwelcome processes are
 * disclosure
 * discussion
 * people willing (and having time) to think

Links and additional reading

 * http://halakhah.com - Babylonian Talmud (Jewish Law) in English
 * http://www.un.org/en/documents/udhr/ - The Universal Declaration of Human Rights 1948
 * http://www.state.gov/j/drl/rls/irf/2008/108545.htm - International Covenant on Civil and Political Rights 1966
 * ANDREJEVIC, Mark. Surveillance in the Digital Enclosure. http://sspa.boisestate.edu/communication/files/2010/05/Andrejevic-Surveillance-in-the-Digital-Enclosure.pdf
 * Eesti Päevaleht, April 17, 2000. Puhka rahus, andmebaaside virtuoos Imre Perli! http://epl.delfi.ee/news/arvamus/puhka-rahus-andmebaaside-virtuoos-imre-perli.d?id=50825984 (In Estonian - there seem to be no information available in English; this and some other Estonian online sources can hopefully be read to some extent using online translation services)
 * BBC News, April 21, 1999. 'Dual attack' killed President. http://news.bbc.co.uk/2/hi/europe/325347.stm
 * PARENTI, Christian (2003). The Soft Cage: Surveillance in America - from Slave Passes to the War on Terror. Perseus Books.