Thursday 1 March 2018

Digital Self Defense

I watched a very interesting keynote speech recently by Pernille Tranberg and Steffan Heuer, authors of "Fake It!: Your Guide to Digital Self-Defense". They are journalists, so are familiar with information gathering techniques. The main thrust of their argument is that we are currently in an era where data about people is a commodity and companies are grabbing as much information about us as they can to build detailed profiles of our behaviours and preferences. They discussed how your digital identity needs to be managed in order for your privacy to be maintained. The presenters were referring to the digital persona we create online through platforms such as facebook, linkedin and other social media services.

These are publicly accessible trails of our lives, and while they may be useful tools for communicating with friends and family, the data that is able to be analysed can be very revealing. If you ever thought that you have nothing to hide, then take a look at the facebook information gathering tool stalkscan.com. This will show you everything that is publicly accessible in a person's facebook profile, from likes to posted photos, comments etc. It is in the interest of companies like facebook for individuals to have a casual attitude towards privacy, as this is the basis of the their business model. They commoditise your personal information so they can target advertising in a very specific way. Are we really prepared to give up so much information for these "free" services? We can compare attitudes towards the environment in the 1960s with today's attitude towards personal data access. It is somehow not part of our collective consciousness to be concerned about information privacy. Is this because people don't care or are simply not aware of how much information is being traded in these transactions? Would you be happy to hand over your mobile phone number when buying a groceries at a store? Most people would not like to give out this sort of information in real life but this is a common trade when using online services.

Not all is lost though as governments are realising the importance of this issue and the potential for abuse of our personal information. In Australia, the ACCC are running a digital platforms inquiry, which specifically looks at the issue of information gathering by these large corporations
(https://www.accc.gov.au/about-us/inquiries/digital-platforms-inquiry). In Europe, the EU General Data Protection Regulation (GDPR) will come into effect on 25 May 2018 (www.eugdpr.org). This is the result of four years debate in the EU parliament and will bring into law the following protections for personal information: privacy laws will apply to companies that process information in the EU even if they are based elsewhere, penalties of up to 4% annual global turnover breaches of privacy, improvements to consent for use of personal information. In addition the following rights are being implemented: Notification of data breaches, Right to Access your personal information, Right to be Forgotten (data erasure) and Privacy by Design, a principle where platforms will build privacy into their products.

Until such time as governments can catch up with the information grab that is currently underway in the digital world, there are ways that you can defend yourself. A very thorough and useful guide can be found at the electronic frontier foundation's website ssd.eff.org. You can also get some tips from Pernille Tranberg and Steffan Heuer's website www.digital-selfdefense.com. If you would like to see their keynote speech on digital self defense go to https://youtu.be/VVibUH9Wm6w