Digital privacy is important
What is digital privacy?
As we all know, we all have information, name, age, height, hobby, etc. For one to have digital privacy, they need to have control over what they want to share online. And I believe that everyone has the right to protect their personal information.
Why does it matter?
“But Seth”, you say, “I’m not a criminal, I have nothing to hide!”.
I get what you’re saying, but will you live in a house with walls made of glass? Do you want to be under surveillance 24/7? Surely not, right?
I agree that most people have nothing to hide in particular, and neither do I. But, as I “have nothing to hide”, I also “have nothing I want to share”.
Different people have different privacy need
And what I mean by that, is best explained in this privacy-anonymity spectrum, created by Eric Murphy
Big tech companies and their thirst for your information
Big tech companies, such as Google and Facebook, can you guess why their products (specifically the search engine and social platform) are free? How do they even make a profit? Well yes, they’re paid by other companies and even individuals for advertisement and such, but most of their revenue is from collecting and processing your information. And by “processing” I mean they’ll use your collected data for targeted advertising and probably even sell your information to other companies.
You know the worst part about all this? You don’t even need a Google or a Facebook account for them to start tracking and collecting your data.
Google AMP is a service that caches data, usually media, on Google servers around the world. This means that when you load a website with AMP enabled, the images and media come from Google’s servers. This means that when you are visiting a website with AMP enabled, Google knows every resource that you’ve loaded on the page. Interestingly, this gives Google access to substantially more information than your ISP would be able to get, because https encryption prevents the ISP from seeing what specific pages you visit. They can only see the domain. As an example, your ISP could see that you visited Reddit, but not what subreddit or posts. Google AMP linked content on Reddit (there is a ton of it) gives Google a direct IP – Content link that they can document and use to profile user behavior and activity.
Google Analytics uses cookies and cross-site tracking to identify and follow users as they traverse the web in their daily lives. Analytics works by assigning a user a cookie with a unique ID number, and then every time a user hits a site with Google Analytics enabled, Google records that activity and links it to the profiled user with that particular cookie. Often this is done without the user being aware.
If you’re signed in to Facebook, it’s very likely that whatever is stored in the cookie is associated with your account. Put another way, “user: 12,398,641,238” could very well identify you, specifically, by identifying your specific Facebook account.
If you’re not signed in to Facebook, though, you’re just “user: 12,398,641,238”. Seems pretty random and pretty anonymous, right?
At first, it is. Facebook might know you visited page A on site Z, and perhaps even know your country by virtue of your IP address, but that’s nowhere near enough to identify you.
Eventually, though, Facebook sees you’ve visited pages B, C, and D on site Y, pages E and F on site X, and so on and so on. Eventually, Facebook can build up quite a picture of exactly what sites you visit and what pages you view on those sites. Depending on how they analyze the data, they can figure out what topics you’re likely interested in, what views you likely hold, and even what things you’re likely looking to purchase.
It seems possible that with enough data and enough analysis, enough information could be correlated such that it could be used to identify you, specifically. I don’t believe they do this. For the most part, they’re not interested in individuals. What they are interested in is marketing to groups of individuals. Your activities more easily identify which cohorts you belong to than they identify you as an individual.
All without a Facebook account.
Why I don’t like Apple
Apple advertises itself as a privacy-focused company, in contrast to other data-hungry big tech. In their own word: “We believe that privacy is a fundamental human right”.
Yet, according to their transparency report (as of May 15, 2024), they comply with 83% of user’s data requests from law enforcement. Does that count as a violation of human rights? I don’t know. The fact that Apple complies with law enforcement like that is not a problem for most people but for anyone ranging from “The Activist” to “The Ghost” level of privacy, Apple products might not be for you.
Also, iOS and macOS, the operating systems for iPhone and Macbook respectively, are freaking proprietary. This means that even if Apple has a backdoor within those OSes, we’ll have no idea whatsoever. Do you want to give some random strangers the key to your house? I think not.
There are a lot more I want to rant about Apple, but that’s it for this post.
The solution
To be honest, there is no “one-size-fits-all” solution for privacy, the best thing you can do is to visit the Privacy Guides website and have a look around, create your threat model, and from there create your own solution.