This essay is excerpted from Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World by Bruce Schneier, published by W. W. Norton & Co. Inc.
Surveillance is both a technological and a legal problem. Technological solutions are often things we can do ourselves. We can use various privacy and anonymity technologies to protect our data and identities. These are effective but can be thwarted by secret government orders. We need to fight the political battle as well.
Political solutions require group effort but are generally limited to specific countries. Technological solutions have the potential to be global. If Microsoft designs its Windows operating system with ubiquitous file encryption, or if the Internet Engineering Task Force decides that all Internet traffic will be encrypted by default, then those changes will affect everyone in the world who uses those products and protocols.
The point is that politics can undermine technology, and also that technology can undermine politics. Neither trumps the other. If we are going to fix things, we need to fight on both the technological and political fronts. And it’s not just up to governments and corporations. We the people have a lot of work to do here.
Law professor Eben Moglen wrote: “If we are not doing anything wrong, then we have a right to do everything we can to maintain the traditional balance between us and power that is listening. We have a right to be obscure. We have a right to mumble. We have a right to speak languages they do not get. We have a right to meet when and where and how we please.” If a police officer sits down within earshot, it’s within your rights to move your conversation someplace else. If the FBI parks a van bristling with cameras outside your house, you are perfectly justified in closing your blinds.
Likewise, there are many ways we personally can protect our data and defend ourselves against surveillance. I’m going to break them down into categories.
Avoid Surveillance. You can alter your behavior to avoid surveillance. You can pay for things in cash instead of using a credit card, or deliberately alter your driving route to avoid traffic cameras. You can refrain from creating Facebook pages for your children and tagging photos of them online. You can refrain from using Google Calendar, or Web mail, or cloud backup. You can use DuckDuckGo for Internet searches. You can leave your cellphone at home: an easy, if inconvenient, way to avoid being tracked. More pointedly, you can leave your computer and cellphone at home when you travel to countries like China and Russia, and use only loaner equipment.
You can avoid activating automatic surveillance systems by deliberately not tripping their detection algorithms. For example, you can keep your cash transactions under the amounts where the different kinds of financial institutions have to report the transaction to the Feds. You can decline to discuss certain topics in email. In China, where automatic surveillance is common, people have started writing messages on paper and then sending photographs of those messages over the Internet; it won’t help at all against a targeted attack, but it’s much harder for automatic systems to monitor such messages. Steganography—hiding messages in otherwise innocuous image files—is a similar technique.
Block Surveillance. This is the most important thing we can do to defend ourselves. Yes, the national security agencies of the large powerful countries are going to be able to defeat anything you can do if they want to target you personally, but mass surveillance relies on easy access to our data. And most corporate surveillance isn’t nearly that directed or intense.
Privacy enhancing technologies, or PETs, can help you block mass surveillance. There are lots of technologies available to protect your data. For example, there are easy-to-use plug-ins for browsers that monitor and block sites that track you as you wander the Internet: Lightbeam, Privacy Badger, Disconnect, Ghostery, Flashblock, and others. Remember that the private browsing option on your browser only deletes data locally. So while it’s useful for hiding your porn viewing habits from your spouse, it doesn’t block Internet tracking.
The most important PET is encryption. Encrypting your hard drive with Microsoft’s BitLocker or Apple’s FileVault is trivially easy and completely transparent. (Last year, I recommended TrueCrypt, but the developers stopped maintaining the program in 2014 under mysterious circumstances, and no one knows what to think about it.) Use a chat encryption program like Off the Record, which is user-friendly and secure. Cryptocat is also worth looking at. If you use cloud storage, look for one that provides encryption. I like SpiderOak, but there are others. There are encryption programs for Internet voice: Silent Circle, TORFone, RedPhone, Blackphone.
Try to use an email encryption plug-in like PGP. Google is now offering encrypted email for its users. You’ll lose some of the functionality you get when Google can search and organize your email, but the increased privacy might be worth it.
TLS—formerly SSL—is a protocol that encrypts some of your Web browsing. It’s what happens automatically, in the background, when you see “https” at the beginning of a URL instead of “http.” Many websites offer this as an option, but not as a default. You can make sure it’s always on wherever possible by running a browser plug-in called HTTPS Everywhere.
This is not meant to be a comprehensive list. That would take its own book, and it would be obsolete within months. Technology is always changing.
I’m not going to lead you on; a lot of this will be beyond the capabilities of the average reader. PGP email encryption, especially, is very annoying to use. The most effective encryption tools are the ones that happen in the background even when you’re not aware of them, like HTTPS Everywhere and hard-drive encryption programs. Some companies are working behind the scenes to secure the data of their users. The standards bodies that run the Internet are sufficiently incensed at government surveillance that they’re working to make encryption more ubiquitous online.
Also remember that there’s a lot that encryption can’t protect. Google encrypts your connection to Gmail by default and encrypts your mail as it sits on its servers and flows around its network. But Google processes your mail, so it has a copy of the keys. The same is true for anything you send to any social networking site.
Most metadata can’t be encrypted. So while you can encrypt the contents of your email, the to and from lines need to be unencrypted so the email system can deliver messages. Similarly, your cellphone can encrypt your voice conversations, but the phone numbers you dial, the location of your phone, and your phone’s ID number all need to be unencrypted. And while you can encrypt your credit card data when you send it over the Internet to an online retailer, that company needs your name and address so it can mail your purchases to you.
And finally, encryption doesn’t protect your computer while in use. You can still be hacked, either by criminals or governments. But, again, this is targeted rather than indiscriminate. All this means that while encryption is an important part of the solution, it’s not the whole of it.
The current best tool to protect your anonymity when browsing the Web is Tor. It’s pretty easy to use and, as far as we know, it’s secure. Similarly, various proxies can be used to evade surveillance and censorship. The program OnionShare anonymously sends files over the Internet using Tor. Against some adversaries, Web proxies are adequate anonymity tools.
There are more low-tech things you can do to block surveillance. You can turn location services off on your smartphone when you don’t need them and try to make informed decisions about which apps you permit to access to your location and other data. You can be smart about posting identifying details on public sites. When Edward Snowden first met journalists in Hong Kong, he made them all put their cellphones in a refrigerator to block all signals to and from the devices, so they couldn’t be remotely turned into listening devices.
Sometimes surveillance blocking is remarkably low-tech. A simple sticker stuck over a computer’s camera can prevent someone who takes control of it remotely from taking pictures of you. You can leave the return address off an envelope to limit what data the post office can collect. You can hire someone to walk behind your car to obscure your license plate from automatic scanners, like people do in Tehran, Iran. Sometimes it is as easy as saying no: refusing to divulge personal information on forms when asked, not giving your phone number to a sales clerk at a store, and so on.
Some sorts of blocking behaviors are illegal: You’re not allowed to actually cover your car’s license plate. Others are socially discouraged, like walking around town wearing a mask. And still others will get you funny looks, like wearing face paint to fool facial recognition cameras or special clothing to confuse drones.
Distort Surveillance. I have my browser configured to delete my cookies every time I close it, which I do multiple times a day. I am still being surveilled, but now it’s much harder to tie all those small surveillances back to me and ads don’t follow me around. When I shop at Safeway, I use a friend’s frequent shopper number. That ends up distorting the store’s surveillance of her.
Sometimes this is called obfuscation, and there are lots of tricks, once you start thinking about it. You can swap retailer affinity cards with your friends and neighbors. You can dress in drag. In Cory Doctorow’s 2008 book, Little Brother, the lead character puts rocks in his shoes to alter the way he walks, to fool gait-recognition systems.
There is also safety in numbers. As long as there are places in the world where privacy-enhancing technologies keep people alive, the more we should use them, because that makes them all the more secure. It’s like envelopes. If everyone used postcards by default, the few who used envelopes would be suspicious. Since almost everyone uses envelopes, those who really need the privacy of an envelope don’t stand out. This is especially true for an anonymity service like Tor, which relies on many people using it to obscure the identities of everyone.
You can also, and I know someone who does this, search for random names on Facebook to confuse it about who you really know. At best, this is a partial solution; data analysis is a signal-to-noise problem, and adding random noise makes the analysis harder.
You can give false information on Web forms or when asked. (Don’t worry; your kids do it all the time.) For years, well before consumer tracking became the norm, RadioShack stores would routinely ask their customers for their address and phone number. For a while I just refused, but that was socially awkward. Instead, I got in the habit of replying with “9800 Savage Road, Columbia, MD, 20755”: the address of the National Security Agency. When I told this story to a colleague some years ago, he said that he always gave out the address “1600 Pennsylvania Ave., Washington, DC.” He insisted that no one recognized it.
You can also get a credit card in another name. There’s nothing shady about it—just ask your credit card company for a second card in another name tied to your account. As long as the merchant doesn’t ask for ID, you can use it.
Deception can be extremely powerful if used sparingly. I remember a story about a group of activists in Morocco. Those who didn’t carry cellphones were tracked physically by the secret police and occasionally beaten up. Those who did weren’t and could therefore leave their phones home when they really needed to hide their movements. More generally, if you close off all the enemy’s intelligence channels, you close off your ability to deceive him.
Break Surveillance. Depending on the technology, you can break some surveillance systems. You can sever the wires powering automatic speed traps on roads. You can spray-paint the lenses of security cameras. If you’re a good enough hacker, you can disable Internet surveillance systems, delete or poison surveillance databases, or otherwise act as a monkey wrench in systems. Pretty much everything in this category is illegal, so be careful.
Some of these methods are harder than others. Some of us will be able to do more than others. Many people enter random info into Web forms. Far fewer people—I’ve only ever met one who did this—search for random things on Google to muddle up their profiles. Many of these behaviors carry social, time, or monetary costs, not to mention the psychological burden of constant paranoia. I rarely sign up for retail affinity cards, and that means I miss out on discounts. I don’t use Gmail, and I never access my email via the Web. I don’t have a personal Facebook account, and that means I’m not as connected with my friends as I might otherwise be. But I do carry a cellphone pretty much everywhere I go, and I collect frequent flier miles whenever possible, which means I let those companies track me. You’ll find your own sweet spot.
We should all do what we can, because we believe our privacy is important and that we need to exercise our rights lest we lose them. But for Pete’s sake, don’t take those silly online surveys unless you know where your data is going to end up.
Excerpted from Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World by Bruce Schneier. Copyright © 2015 by Bruce Schneier. With permission of the publisher, W. W. Norton & Co. Inc. All rights reserved.
