Online Surveillance: I’ve got nothing to hide?

Why those who continue to shrug at mass data collection are being dangerously lazy and irresponsible.

We’ve all got secrets. We’ve all done things we’re ashamed of. We’ve all done things we’re worried about. We’ve all done things we’re embarrassed of.

Yes, we’ve all got something to hide.

Despite Edward Snowden’s 2013 revelations of a secret US/UK mass electronic surveillance program, it’s almost every other week that I still come across otherwise intelligent minds insisting that the fear of online privacy invasions are futile because they’ve either ‘done nothing wrong’ or have ‘nothing to hide’.

In order to try and bring closure to such globally-repeated arguments, a string of organizations from the Electronic Frontier Foundation (EFF) to dedicated journalists like Glen Greenwald have long made the case for why, in an era where we’re all connected by machines to a single worldwide network, mass government surveillance of our online interactions constitutes a danger to us all.

That is to say that privacy and freedom on the Internet, the world’s predominant medium for everyday communication and information, has become the fundamental premise of individual determination: the right to choose, to think, to ask and to pursue on our own terms—free from recorded, analyzed and interpreted thoughts.

Nothing to Hide?

I have a tendency to counter this somewhat lame excuse, particularly to the non-technical amongst us, with a widely used argument.

So, it doesn’t bother you that the governments of the US and UK, by virtue of their physical control and interception of both the internets fiber optic cables and data warehouses can log, collate, decipher and indefinitely store your entire internet browsing history and habits—what websites you visited, what you posted on social media and chat forums, your search engine queries and even what you watched.

It also doesn’t bother you that they can, or already have, stored the entire content of every single call, picture message and text you’ve ever made in addition to the metadata—who you called, how you called them, when you called them, the location you called them from and how long you called them for.

After all, you ‘think’ that only if you’ve done something wrong or you’ve got something to hide you should be worried, right?

Oh, in that case please kindly do something for me.

I want you to voluntarily send me all of your passwords, a copy of all your text messages, work and personal e-mails, your browsing history together with your bank and medical records just so that I can have an ‘innocent’ gander through them.

I’m not telepathic, but I’ve so far correctly guessed every single response: No. That’s none of my business, right?

Exactly!

So why do you continue to naively collaborate with the government’s personal data collection endeavor’s, preponderantly through third party Internet applications that build profiles of you as a business model, by giving them a virtual carte blanche to collect, analyze and store this information without your permission?

Now think again.

Is it really of no bother to you that every single button you’ve ever pressed, every explicit or flirtatious text and e-mail you’ve ever sent, every Skype session you’ve had over the years with your now spouse, ex-lover or once partner—can, or already has been, intercepted and indefinitely stored in giant data banks?

Is it really of no bother to you that these giant data banks can, or have already retained, the most personal-of-personal exchanges you might have had with your cancer-stricken mother? Those explosive rants you had with your now-divorced wife?

Is it really of no bother to you that the information stored in these giant data banks can potentially allow for determined hackers to blackmail you with the threat of exposure in your ever-increasing online world?

What exposure?

Perhaps those e-mails you’ve been exchanging with the local HIV or abortion clinic, the secret account you have on a gay or lesbian website, that extra-marital affair you had in the office or maybe revealing to your peers those embarrassing health and sexual questions you supposedly posted anonymously on Yahoo’s chat forums?

Is it really of no bother to you that with possession of your lifelong Internet and electronic data, government security agents can behave like arbiters that determine who you are, where you will likely go, what you’ve thought about and even try to predict what you will think at any given point in time?

The point being echoed is that online privacy is not about hiding illegal activities and content; it’s about having the right to determine who controls information about us.

It’s about being able to confidently discuss matters of personal or familial privacy with our social workers and doctors. It’s about ensuring the electronic equivalent of ‘pillow talk’ always remains private. It’s about ensuring that those who physically control the realm of our ideas and practices—can never utilize it as a tool to enslave us.

Countering the Dragnet

To the average citizen, the thought of resisting an Internet-surveilling government whose reach, resources and time appears to have no bounds is a colossal one.

It isn’t helped by knowing the everyday companies and applications they use and share information with, not only collect this information for the purposes of targeted advertisements, but by implication allow the government to be privy to it through their interception of the requests in one way or the other.

After all, do you really know what you were thinking 3 years and 6 days ago? It would be a good guess to say you probably don’t. But Google, Facebook and Skype know—and by default so does the government.

Sure, there’s only a slight possibility that somebody was ‘actually’ reading your text messages or watching your naked webcam sessions in real-time, not least because there aren’t enough people to do so.

But that’s beside the point. They are being read and watched en masse not by humans, but by powerful machines.

These machines are programmed to watch activities, spot trends, pick up key words, interpret and then suggest to their agent controllers why particular people, or groups of people, warrant a need for further investigation.

But don’t drive yourself into paranoia.

All that’s needed to stave off a world where the constant threat of a sword laced with your most intimate and private exchanges publically hangs over your head, is a few steps in the direction of mass online anonymity and encrypted communication.

The idea is to make it extremely difficult and expensive for the government to dedicate its resources to zero in on anyone and everyone—all at once.

Although there are litanies of brilliantly authored articles and technical-help videos that educate privacy-enthusiasts on this very matter, there are a few simple avenues people can take and all of which are lawful and within the majority of everyday Internet-using peoples grasp.

As far as communications via your mobile phone is concerned and something Edward Snowden himself has promoted, the work of Open Whisper Systems and their Signal Protocol that is used in their own Signal Messenger available in both the App store and Google Play and now WhatsApp; is clearly the privacy-minded app of choice.

It is free, uses end-to-end encryption and the code is open-source meaning that experts can inspect it in order to look for flaws etcetera.

As for the everyday PC user, making use of the Tor Projects browser bundle has repeatedly proved to offer users the best possible protection—although with limitations.

Whether you are an investigative journalist, political activist, or simply a privacy-conscious individual, Tor’s brilliance lies in its ability to protect the bulk collection of your online browsing habits through making you anonymous.

This is a particularly important tool to counter online traffic analysis: the process of intercepting the source and destination of your messages in order to deduce information from the patterns in your communications.

Additionally, Tor also allows users to communicate with anonymous e-mail addresses and participate in chat forums—all without revealing your IP address and thereby compromising your true identity.

Inevitably, that there is a need for online privacy in the age of the Internet is a forgone conclusion.

After all, there is a reason why even those with the ‘I’ve nothing to hide’ mentality—be they IT account managers, chartered accountants or Police Officers—have lock-screen pins or patterns on their new smartphone.

There is a reason they have passwords or passphrases on their e-mail and social media accounts, take precautions to hide the pin code of their credit card and apartment intercoms in addition to refraining from allowing last nights drunken song-and-dance to be uploaded on YouTube.

Yet even in a world where no encryption software is completely secure, and where encryption designed to protect the law-abiding also inadvertently protects the law-breaking, surrendering your online privacy and secrets to government security agencies on the premise it’s for societal safety and the upholding of the law, is a shortsighted one.

In the words of Moxie Marlinspike, one of the most renowned computer security experts in the world, “they’re (security agencies) not capable of managing those secrets, they’re getting hacked everyday … it’s not realistic to think that if they have like the key to the kingdom, they’re gonna somehow be able to simultaneously use it and keep it safe from … China or random hackers”.