Keep Your Virtual Life Away from Prying Governments

What geeks, privacy activists and conspiracy theorists knew for years became apparent to the rest of the internet-opiated masses a few weeks ago: Practically nothing we do online is really ‘secure’. Thanks to the steady stream of documents leaked by 29-year-old National Security Agency (NSA) contract employee Edward Snowden to The Guardian and The Washington Post newspapers, the world now knows that the governments of the USA and four of its ally countries (the UK, New Zealand, Australia and Canada, collectively nicknamed ‘Five Eyes’) have almost unfettered visibility into the user data of mega technology companies like Google, Facebook, Microsoft, Yahoo and Apple.

The US has slapped multiple charges on Snowden under its Espionage Act. Newspapers, security experts and internet users are furiously debating whether he is a whistleblower, hero, spy or traitor, playing into the hands of governments who would rather their citizens don’t ask too many questions about why they are being spied upon.

Ironically, India, considered to be somewhat of an ally to the US, was among the top five countries on which the NSA had accumulated most data. Around the same time it became known that our own government was kicking off a mass surveillance project of its own called ‘Central Monitoring System’, which would eavesdrop and record our telephone calls, emails and usage of social networking services.

So, being an Indian online is quite the pits. Our data is being spied on by both Western governments as well as our own. This is a great time to start getting rational about technology.

The rise of ‘free’ web services during the past decade, from email to data storage to social networking, has allowed tens of millions of Indians to connect with people around the world using just their PCs or smartphones and an internet connection. But what we hadn’t realised—or perhaps we ignored it—is the much-repeated cliché: If you’re not paying for the product, you are the product.

From Google’s search engine to Yahoo’s email to Facebook’s social network to Microsoft’s Skype, they’re collecting a constant and growing stream of information about your work, life, interests and usage patterns. This data is stored in foreign countries on massive server farms, very well guarded physically, but subject to highly evolved algorithms that detect patterns from your profile and behaviour that can then be used to (in most cases) better target advertising on you.

Overreaching governments—and nasty hackers—too realise the mother lode that sits within these servers. So, instead of targeting individual users, they find it much more worthwhile to access the servers of big web companies.

There’s not much you can do about that, really. Because that’s one of the hidden costs of ‘free’.

If you don’t want to be spied upon, the only way out is to start taking more active control of your online technology usage, perhaps even—the horror!—by starting to pay for them.

Paying for services will ensure that you start paying attention to what you really need, like privacy and security, rather than needless perks like ‘unlimited storage’ (do you really need to store every single email you send and receive?) or ‘unlimited sharing’ (do you really think your photos will remain private to your real-life friends and family?).

Here are five steps to begin with:
■  Deactivate your Facebook
account. A few weeks ago it turned out that Facebook’s former head of security had joined the NSA. I’m not surprised. Facebook is the most comprehensive surveillance tool: It captures our connections, our communications, our interests and
we even train it to automatically recognise our photos (by ‘tagging’ them). Shift to other relatively less omniscient social networks like Identi.ca, Diaspora or Friendica. Even Twitter, with its open-by-default nature, would be a better choice.

■  Reduce your dependence on Google. One of the reasons Google spends tens of millions of dollars on a product, Gmail, that earns it very little money is because it keeps people logged in while searching on Google. This allows Google to correlate your search patterns to its dozens of other services and build a staggeringly elaborate profile of you. Consider DuckDuckGo and Startpage, search rivals to Google that don’t store your past queries. Use Firefox browser instead of, or in addition to, Chrome.

■ Dump your ‘free’ email accounts. Sign up for a paid service that will cost you the equivalent of one or
two coffees a month. It won’t have
an incentive to scan your emails to serve you ads, and you’ll teach yourself that deleting nine out of 10 emails is better than archiving them. The Indian-born Zoho is a great alternative too.

■ Get your own website. Instead of blogging on platforms owned by multi-billion-dollar corporations who use your—ahem—talent to drive traffic and ads to their sites, get your own domain and host your own site. Think about it as the difference between decorating the service apartment you’re staying in, versus your own house.

■ Be sceptical of the UID. Disregard all the hype around the Unique Identity number project unless you come across better explanations on how secure your data is or what privacy protections will be afforded to it. The UIDAI insists it has the legal right to profit from data that we submit to it. Large citizen ID projects have been found unsecure, intrusive and only marginally useful in most countries around the world. There’s no reason to believe India will be any different. And when the government insists you cannot get subsidised cooking gas cylinders without a UID, start paying market prices for it.
You can afford to. Of course, you may finally be forced to get a UID, by making it part of the tax filing process, but till that happens stay out of it.

Once you’re done with these, head over to www.encrypteverything.ca and ssd.eff.org to learn about more precautions you can take online, including virtual private networks, encryption and security.