“At least people are thinking about it now” — Edward Snowden when he was asked by a journalist whether it was worth all the hassle.
Remember the Edward Snowden revelations? Sure, it’s been a decade, but the impact of those revelations is undeniable. They changed society’s perception forever. Snowden brought programs like PRISM, Tempora and XKeyscore to light. A decade later we have laws like GDPR in Europe or the USA Feedom Act which are supposed to protect our privacy.
Case solved? Privacy protected? Definitely not, read on to learn what the current threats are and how to defend against them. But let’s start with a trip down memory lane…
The Internet until 2013
Prior to 2013, awareness of data protection was not very strong among many people and companies. Data protection laws already existed, but they were often poorly implemented or not strictly enforced.
One of the main problems was that Internet users often did not know what information they were leaving online and how this data could be used by third parties. Various platforms and services blithely collected data that was used for personalized marketing purposes. Governments and intelligence agencies also had access to this information, usually without the users’ knowledge or consent.
This has led to an increased debate about the right to privacy in the digital age and the need to reform the way personal data is collected and used online.
The turning point
In 2013, former CIA and NSA employee Edward Snowden caused a worldwide sensation. He outed himself as a whistleblower and triggered a wave of revelations with the publication of a series of top-secret documents that revealed massive surveillance programs by the United States and its allies.
With these leaks, Snowden sparked a global debate about the balance between security and privacy in the digital world. This discussion led to a series of reforms and increased awareness of privacy issues. Nevertheless, Snowden has since lived in exile after being charged with espionage in his native United States.
2013 to present
Because of these revelations and the fact that people around the world now knew what many governments and institutions were doing with their data, many things changed. Some of these changes can be directly attributed to Snowden’s revelations:
Privacy awareness: the revelations have led to a greater awareness of privacy and data protection. Users are now more aware than ever that their online activities can be monitored and their data collected. This has led to increased demand for secure and privacy-friendly services and products.
Legislation: Measures have been taken at the regulatory level to better protect the privacy of citizens. In Europe, for example, this led to the introduction of the General Data Protection Regulation (GDPR), which sets stricter rules for the processing of personal data by companies. In the U.S., the USA Freedom Act was passed, restricting some of the surveillance practices uncovered by Snowden.
Encryption: the use of encryption technologies has increased significantly. Both companies and individuals have recognized that encryption is an important means of protecting privacy. Today, many messaging services are end-to-end encrypted by default, and websites increasingly use HTTPS instead of HTTP.
Privacy-friendly services: In response to user demand, many companies have introduced more privacy-friendly services. This includes both new companies that have made privacy their main selling point and established companies that have improved their privacy practices.
Activism: The revelations have also led to a rise in privacy activism. There are now more organizations and individuals advocating for data protection and privacy. They are helping to raise awareness of these issues and put pressure on companies and governments to enforce better privacy practices.
So the question arises: Is our privacy now secured by law? Unfortunately, the answer is a clear no. Ten years after Snowden, ten years of activism and data protection laws have not made things better – rather the opposite. We leave digital traces everywhere and they can be exploited using methods that are legal even under today’s laws. With the advent of apps, digital services, and the IoT, more and more of our lives is taking place online. AI makes it all the easier to exploit these traces. And some players don’t even care about legality. Just to mention the word “Pegasus”.
What’s is so valuable about our data that governments and big companies alike are after it? They either want to control our behavior or attract our attention.
Let’s talk about your attention first because it’s more obvious. Since everything is free on the Internet, companies make money with ads. The longer you stay on their sites, the more ads they can present and the more money they make. They therefore use AI algorithms to make models of you. Having a model, a kind of puppet, allows them to try new ways to keep you watching without needing you in person. Ever wondered why so many young people become addicted to social media? Ever wondered why ADHD is so widespread these days? Now you know.
And talking about control of behavior. You are convinced that in elections you decide freely according to your own conviction? Of course you do, but your conviction is influenced by the news you read. Having a model of you, it’s possible to present news which generate a bias in one or the other direction. Optimized for you, personally. The news need not be fake news, it’s just the selection. And we all know that ads and news presented by social media are selected by algorithms…
But what can you do?
Educate yourself! Understand how data is used to control you, how and when it is collected and stored. What is legal and what not. Understand what it means to share your personal information – not just on Facebook, but everywhere. Think about how to decide in certain situations whether privacy or a “free” service is more important to you – without getting paranoid.
Use tools to protect your data. Choose browsers focusing on privacy, not on features. Choose your search engine carefully — after all, you share many of your thoughts with it. Use application firewalls like Little Snitch to visualize all those data connections which normally occur under the hood and to block those connections that undermine your privacy.
Support privacy activists! This is not only your personal issue, it’s a problem of our society. And a social problem demands social strategies. Support the issue in discussions with other people. You know the reasoning. Support privacy activists in your (digital) neighborhood and worldwide. There are a number of organizations you can support, like the EFF in the US. Here in Austria we have epicenter.works where people do a great job checking all new European and Austrian legislation for their impact in privacy.
Edward Snowden sacrificed his own freedom for ours. The restrictions he lives with until today – 10 years “after” – should not be in vain. Now it’s your turn. Care about your privacy!
“Arguing that you don’t care about privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” — Edward Snowden