Om farerne ved Facebook og Twitter mv

Cryptoparty handbook, kapitel 2:

Social Networking as we know it with FaceBook, Twitter (and earlier MySpace) are certainly far from ‘free’. Rather, these are businesses that seek to develop upon, and then exploit, a very basic anxiety: the fear of social irrelevance. As social animals we can’t bear the idea of missing out and so many find themselves placing their most intimate expressions onto a businessman’s hard-disk, buried deep in a data center in another country – one they will never be allowed to visit.

Despite this many would argue that the social warmth and personal validation acquired through engagement with Social Networks well out-weighs the potential loss of privacy. Such a statement however is only valid when the full extent of the risks are known.

The risks of Social Networking on a person’s basic right to privacy are defined by:

  • The scope and intimacy of the user’s individual contributions.
    • A user posting frequently and including many personal details constructs a body of information of greater use for targeted marketing.
  • The preparedness of the user to take social risks.
    • A user making social connections uncritically is at greater risk from predators and social engineering attacks.
  • The economic interests and partners of the organisation providing the service.
    • Commissioned studies from clients, data mining, sentiment analysis.
  • Political/legal demands exerted by the State against the organisation in the jurisdiction(s) in which it is resident.
    • Court orders for data on a particular user (whether civilian or foreigner).
    • Surveillance agendas by law enforcement or partners of the organisation.
    • Sentiment analysis: projections of political intent.

Problemet er måske størst ved Facebook, hvor nogle mennesker anbringer dokumentation for overraskende mængder af private forhold. Dette er ikke mindre alvorligt i betragtning af, at netop Facebook gang på gang har demonstreret, at de ikke er til at stole på, hvad diverse privatlivsindstillinger angår. Hvis du har ting og billeder på sådanne sider, som du ville have det dårligt med at alle kan se i morgen, når det private firma, der tjener penge på dig og dine data, har ændret reglerne, er det måske værd at overveje, hvor god en idé det er at have dem der.

Jeg bruger selv sociale medier, så det er ikke for at være hellig – men som med alt i dette liv er det en afvejning. Og du har aldrig kunnet forvente andet, end at i morgen kan enhver privatlivsbeskyttelse på sådanne sider være pist væk, og det kan måske have større konsekvenser, end de fleste lige gør sig klart.

Dette primært for lige at berøre et emne, vi formentlig ikke når at dække (i hvert fald ikke tilfredsstillende) til det kommende Cryptoparty på Hovedbiblioteket i Århus.

Hvorfor overvågning ikke er OK

En kommentator i denne tråd på Boing Boing spørger, hvordan hun skal forklare sin fem-årige datter, hvorfor privatlivets fred er vigtig nok til at kæmpe for, og får dette svar:

It’s not a secret that all of us have genitals, willies and bums and female genitalia.

It’s also not a secret what we use them for, like when we go to the toilet.

However, we don’t like other people to see these parts of ourselves – these are private parts. People have no right to get to see these parts without our permission, by lurking in the girls’ gym at school or similar antics.

Also, it’s not a secret that people have friends, and friends say things to each other. However, the fact that this is not a secret does not mean we like other people to hear what we say to our friends. The things we say to our friends are our things, our private life. The government has no right to get to know what we tell our friends, e.g. by tapping our phone.

And this is the end of the “if you’ve done nothing wrong you’ve got nothing to hide” argument. It’s not that there’s anything wrong with our private parts, but we still don’t want to walk around on the street with no clothes.

It’s also not that there’s anything wrong with the things we say to our friends, but these are our things.

Maybe bad people say bad things to each other on the phone and plan to do bad things to good people, and if the police have a good reason to believe that then yes, in that case a judge may give them a warrant to listen in on these suspected bad people’s conversations.

Bad people may even hide bad things like weapons along with their private parts, and in that case it would also be okay for police to ask to see their private parts – if they have a good reason to believe that, I mean.

They should not be allowed to do this without a reason (reasonable suspicion), because these are people’s private parts – these are *my* private parts.

Og mon ikke det giver god mening også for en fem-årig? Det gør i hvert fald kort proces med sludderet om, at “hvis man ikke har gjort noget galt, har man ikke noget at skjule”. Vi har alle noget at skjule. Det kaldes “et privatliv”.

Læs også:
Databasestaten, af Cory Doctorow
Databasestaten, på Modspil.dk

Mere overvågning

Ligesom vi har den danske overvågningslov i form af logningsbekendtgørelsen og svenskerne netop  har vedtaget FRA-loven, der giver efterretningstjenesten ret til at gemme al datatrafik, der potentielt krydser grænsen til Sverige, har englænderne besluttet, at de også vil være med. Den britiske regering planlægger en  national database over alle emails, telefonpringninger og SMS’er, som politiet skal kunne opdatere og bruge i realtid, dvs. løbende:

A Home Office project team is developing the radical plan for a system that would use new techniques to monitor phone lines and the internet to store details on every individual’s browsing and communications traffic – although not its content – enabling the police to build a profile of an individual and their network of contacts.

The proposal is still at a discussion stage between the Home Office and the telecommunications and internet industries, but the government’s draft legislative programme for this autumn does include a data communications bill which the Home Office acknowledges may include the legal power to set up such a central database and a public authority to administer it.

More than 57bn text messages were sent in Britain last year, suggesting that a central database would have to be massive.

Bemærk, at et sådan løbende opdateret monstrum af en national database går langt videre end den danske overvågningslov, som kræver, at landets telefonselskaber og internetudbydere opretholder logs, som politiet kan få udleveret om nødvendigt. I Storbritannien vil man have én database, som politiet simpelt hen altid har adgang til.

Landets “Information commissioner”, vel en pendant til de danske databeskyttelsesmyndigheder, mener en sådan database vil udgøre en trussel mod den britiske livsstil:

Richard Thomas said there needed to be the “fullest public debate” over the justification for – and implications of – a database which held details of everyone’s telephone and internet communications and was potentially accessible by a wide range of law enforcement agencies.

“Do we really want the police, security services and other organs of the state to have access to more and more aspects of our private lives?”

Og for de flestes vedkommende vil svaret nok være “nej”. Det værste og tåbeligste er, at en sådan lov ikke vil komme til at virke efter hensigten. For det første let kan omgås ved hjælp af et system som Polippix, for det andet vil man indsamle en så monumental mængde af data, at de reelt ikke kan bruges til noget som helst: Terrorbekæmpelse eller blot almindeligt politiarbejde handler  om at finde nålen i høstakken, og det bliver faktisk ikke lettere, fordi man bygger en større høstak.

Den foreslåede overvågning er med andre ord tåbelig, kontraproduktiv og ikke at forglemme en krænkelse af briternes privatliv. Velkommen til overvågningssamfundet!