WASHINGTON -- What can people do to protect their privacy from massive data-mining efforts by U.S. and other intelligence services? The answer is not much, short of going off the grid completely.
Reports in The Washington Post and the Guardian newspapers this week allege that the government has been secretly accessing the phone records of tens of millions of Verizon customers, as well as online videos, emails, photos and other data collected by nine Internet service providers.
Privacy advocates say most consumers long ago swapped privacy for convenience, but few realize the degree to which their digital activities are being tracked.
“We’ve crossed a digital Rubicon here; there’s no going back,” Chester said. “Big data is ruling our lives, and the big question is whether there will be any kind of limits here, protecting our consumer information and our democratic right to privacy.”
Privacy policies for Google, Yahoo! and other Internet service providers explicitly state that the companies collect users’ data, such as names, email addresses, telephone numbers, credit cards, IP addresses, search queries, purchases, time and date of calls, duration of calls and physical locations.
The policies say that companies may use that information to send you targeted advertising or, if necessary, to comply with requests from government authorities.
Apple, Yahoo!, Microsoft, Google and Facebook denied Friday that they give the government direct access to their servers, saying that the companies provide user data only in accordance with the law.
“Our legal team reviews each and every request, and frequently pushes back when requests are overly broad or don’t follow the correct process,” Google’s statement said. “Press reports that suggest that Google is providing open-ended access to our users’ data are false, period.”
People who are disinclined to believe such reassurances – or who just want to keep anyone from reading or listening to their personal communications – can install specialized “end-to-end” encryption software, which must be used by both parties involved in a conversation. It prevents intermediaries like email or instant messaging providers from reading or understanding those conversations, or giving others access to them.
“Privacy advocates have recommended this for a long time, but it’s seen fairly little adoption as a fraction of online communications because it requires a bit more conscious effort by users,” said Seth Schoen, senior staff technologist for the Electronic Frontier Foundation, a San Francisco-based nonprofit.
“Unfortunately, end-to-end encryption is not a default feature of most communications software, though I believe it should be,” Schoen said. “Software developers have often suggested that they don’t implement it because they believe users mostly prefer convenience to security.”