Technocreep
Page 23
While a Safeway representative shrugged off the impact of this “odd sort of prank” in a media interview, if enough people did things like this, it might actually have an impact on their big data analytics.365
There are definitely times when having “another you” can be an important tool to protect your privacy:
Make up a “straw man” for medical tests.
New testing techniques are revolutionizing medicine, and also raising major privacy issues. Your test results may reveal current diseases, genetic predilections to future diseases, and even facts about your close relatives. Of course, if you are in the hospital and they send your blood down to the lab, you don’t have much choice about how it’s identified. But increasingly, tests are coming out that are optional and driven by the consumer’s choice and even curiosity, not medical necessity.
One U.S. company offers (subject to restrictions in a few states) a “Comprehensive Wellness Profile” of over 50 tests that they claim provides “a thorough Biochemical assessment of your health, and includes the basic cardiovascular tests as well as diabetes testing.”366 There’s also a whole menu of à la carte tests that give a whole new meaning to “playing doctor.” Think you’ve been exposed to zinc? They’ve got a test for that, priced at $37. By default, the results are only available to you, in online form. If you want them sent to a health care provider, you have to specifically request that service.
Direct-to-consumer genetic testing is booming and, even with some bumps in the road, is certainly around to stay. The laws about how companies and governments can use your medical results are still being written and debated, and, as we saw earlier in Technocreep, they vary widely around the world. But one thing is certain: they cannot discriminate against you if they don’t know who you are. So, when submitting voluntary medical samples or other data, you may want to consider becoming someone else. Such as your pet dog, cat, or chinchilla.
But is it legal to use a false identity?367.
The laws about this vary depending on where you live. In general, it is illegal to impersonate a real person but not to create a fictitious identity for yourself. A further caveat is that you may run afoul of the law if you use your false persona to defraud someone or if your false identity is that of a public official such as a police officer.
The New York Penal Law, for example, makes it a crime to impersonate someone else and then do “an act in such assumed character with intent to obtain a benefit or to injure or defraud another.”368 So, regarding those fake name medical tests, unless you are submitting the bills to an insurance company, or lying on a job application, it’s hard to imagine that you are gaining any benefit other than protecting your privacy.
Yes my name is I.P. Freely and this is my prepaid credit card.
Prepaid credit cards were introduced to serve the “unbanked” as well as provide “financial training wheels” for children and teens too young for the real thing. They also play a function as gifts when you can’t think of anything better, and are even doled out as incentives for attending boring online webinars. You can buy them in grocery stores, drug stores, even gas stations.
The best thing about prepaid credit cards is that they are not linked to your real identity. You can pretty well be anyone you want to be, living anywhere. One particularly popular use is for Canadians to impersonate Americans to buy things, e.g. in the U.S. iTunes store, which is restricted to U.S. residents by IP-address geo-fencing and other measures. The founder of the website howtogetitincanada.com explains this and other hacks, and notes that “all of our guides were written using Canada only as an example. The same steps should work from anywhere outside of the USA.”369
The list of things that people would prefer not to have on their personal or business credit card bills is as long as the human imagination. Porn sites. Skimpy lingerie for a mistress. Locksmith equipment. Industrial chemicals. Even if none of those appeals to you, perhaps you enjoy the occasional trip to a fast food outlet. I have heard of one executive who pays for his Quarter Pounders and fries in cash. The day may come, he reasons, when people will lump eating fast food, or even consuming meat, in with smoking or heavy drinking—still legal but socially undesirable. He is savvy enough to know that his digital trail might someday betray him.
Have an email for every purpose.
Nothing is worse than missing an important work-related email because it was buried in a bunch of marketing spam. If you have this problem, you probably don’t have enough email addresses. While most email services provide ways to tag or categorize emails, having multiple accounts is an even better way to ensure separation.
That way you will not get cross-over between emails going to your child’s PTA and your R-rated family photos. Don’t laugh; a school official was suspended because a link in his wife’s email signature file contained a link to a private (but not private enough) family photo album with tasteful, non-frontal nudity.
It is worth noting that when you create accounts, for example at Gmail or Outlook.com, information about your IP address and other data is recorded by the email provider. The same thing happens when you sign up for services such as investment discussion bulletin boards. I have been an expert witness in a court case where one such company was able to produce detailed logs of which IP address posted which comment, and exactly when it was posted.
This should not be a problem unless you do something to attract the attention of law enforcement or somehow get swept up in a government surveillance program. Since the purpose of this guide is to help protect your privacy, not to assist with illegal or nefarious activities, with any luck you will never be in this position. However, by simply doing a Google search on “anonymous email” you can find many providers that will give you a disposable email address if you do ever need one of those.
Could I make my doppelgänger’s online profile more credible?.
Assuming that you wanted to do this, there are plenty of ways to build credibility for the fake person you’re creating. You could very likely turn that prepaid credit card you’ve created for I.P. Freely or Seymour Butts into a legitimate-looking Zoominfo profile. Facebook probably wouldn’t object either—after all you’re not trying to create a profile for a cat or a fetus.
But why stop there? Your fake friend could become famous. A Los Angeles-based hoaxer named Ken Tarr claims to have talked his way onto eight different reality shows in five different cities. In a delightful Village Voice article about him, he explains that he calls producers with semi-believable stories and, if they reject him, he simply calls back with another crazy yarn. He advertises on Craigslist for confederates to join him on the show, and they split any winnings.
So, as writer Graham Rayman explained, “for Judge Joe Brown, he pretended to be a drunken Gypsy clown who trashed a bathroom at a kid’s birthday party … for Unfaithful, a show produced by Oprah Winfrey’s network, he was an international security expert who was cheating on his girlfriend—who was also cheating on him.”370
You mean people lie on the Internet?.
Online disinformation is rampant, with holy wars being played out daily on Wikipedia and other sites. One person puts in a “fact,” which is then challenged and debated. Sometimes passionate users create “sockpuppets” (fake user accounts) to advance their cause. Wikipedia has created a formal dispute resolution process and has even had to lock down some of the more controversial topics to stop continuous online combat.
A professor at George Mason University in Virginia required his students to create a credible Internet hoax as a class assignment. T. Kelly Mills teaches a course called “Lying About the Past,” and his students have, at least temporarily, convinced the world that a woman opened a steamer trunk and found clues that her long-dead “Uncle” Joe was a serial killer. In other hoaxes, they faked up a beer recipe from 1812, complete with a webpage, beerof1812.com, and invented the tale of a pirate who roamed Chesapeake Bay in the 1870s. Mills has taught this course since 2008, and, as was observed in an At
lantic article, the Internet community is getting better at detecting online hoaxes.371 The one that his students tried in 2012, about the serial killer, was debunked on reddit within twenty-six minutes.372
Mince Your Metadata.
The revelations of Edward Snowden brought the word “metadata” into the public’s vocabulary. Until then, it was mainly a term for librarians to discuss at their conferences. Now we all know that when you make a phone call, the numbers involved and length of the call are captured, and that’s a whole different issue from eavesdropping on the actual conversation. Many court cases have hinged on metadata, such as exactly when certain files were created, changed, or deleted.
In a similar fashion, your computer, smartphone, perhaps even your TV or cable box is tracking your activities. On February 1, 2004, when Janet Jackson’s costume malfunctioned during the Super Bowl halftime show, digital video recorder maker TiVo was able to report that it was the most searched and replayed TV moment in history. This announcement revealed that the company is tracking viewing habits at a detailed level, and, indeed, we now know that it sells that information to advertisers.373
Here are some ways to make your metadata go away, or better yet, avoid generating it in the first place:
Set your camera, smartphone, and other devices to “location off” mode.
Yes, it is handy to be able to find your way to the mall, or the Apple store in the mall, using smartphones navigation. In fact, people who have tried Google Glass say the navigation feature is its greatest asset though you might get a ticket for using it while driving.374 One cheeky friend tweeted a photo of the stop sign as you leave the Google campus from his rental car, moments after receiving his “Google Glass Explorer’s” version of the product.
For occasions where you actually want GPS functionality, it’s no big deal to enable it temporarily. This is a true example of having to make a trade-off, because GPS (and other location capabilities such as the nearest Wi-Fi tower) provides one of the fastest-growing ways to track you with your own devices.
If you have captured location data on a photo, remove it as soon as possible.
There is really no need to be reminded that you took that photo in front of the Taj Mahal or the Grand Canyon, and, frankly, for selfies and twoshots in bars, you’re probably best off forgetting the precise details. Find a piece of software that will “delete EXIF data.” It’s true that major services like Flickr and Facebook strip off this data before posting, but do you want them to have your exact location? People have been embarrassed, and worse, by emailing photos with GPS data intact.
Curious if a photo still has location data on it? If you don’t mind uploading it to a website, www.exifdata.com will show you if there are GPS coordinates on an image, as well of a plethora of other information about the camera that took it.
Alter your phone usage habits.
Throughout Technocreep, I try to debunk the idea that if you have nothing to hide, you have nothing to worry about. Most people hold that belief at their peril. As just one example, the revelation that the National Security Agency captures almost 200 million SMS messages per day should give phone texters pause to consider.375 Who has not, in a moment of anger, or cheekiness, sent a text that might send the wrong message? Something along the lines of “I’m going to kill you” or “I hope her plane crashes” or even some hilariously inappropriate message that was invented by the phone’s attempt to correct your typing.
A fun website, www.damnyouautocorrect.com, contains priceless examples of autocorrection goofs like “Spent all day fisting with my dad,” which was supposed to be “Spent all day fishing with my dad.” Of course this might have happened because the phone’s custom dictionary contained the word “fisting” and did not contain “fishing,” but let’s not go there.
Let’s face it, if major government spy agencies want to track your phone calls, web surfing, or emails they will find a way to do it, perhaps with the help of an entity in another country to get around the “don’t spy on our own citizens” rules. However, you can make yourself somewhat less visible and harder to track through the use of “burner cell phones,” which are not tied directly to you (buy them with cash) and using soft phone services like Skype or a VOIP provider. Without wanting to endorse any of those, one does claim enhanced security if you use their service along with the Cisco secure VPN Router–007VoIP Special Edition. “Your browsing, Email correspondence and VoIP Telephony will not only never (be) intercepted any more,” they say, “Even your internet provider (ISP) will not know what data you are transferring.”376
That’s probably overstating the case because of “deep packet inspection tools” and other sophisticated technologies. But there’s no doubt that sometimes this kind “security through obscurity” can work in your favor. And sometimes not. There are rumors that spy agencies and law enforcement lavish special attention on those using techniques like TOR (The Onion Router) because they may have something to hide. Security guru Bruce Schneier explains how they do this on his blog.377
Clear the history from GPS devices.
Earlier in Technocreep, we saw an example of a car renter who incurred significant extra charges because the car’s GPS tattled on him. That unit was hidden and he couldn’t do anything about it. But you can control the GPS that you use, both in rental cars and ones that you own. If there’s any reason you might not want to be pegged at a certain place, it’s a simple matter to “erase all.”
Turn each new technology back on itself.
As technology moves forward, the opportunities to turn it back on itself will also increase. For example, as discussed earlier in Technocreep, advertisers are now looking for ways to figure out where you are, either from your location on your smartphones or even from background noise like a stadium announcer.
Two can play at that game. smartphones apps like Lexa’s Fake GPS Location allow you to “teleport to any place in the world with two clicks!” It’s handy if you want to check in on a location-based service like Foursquare from a place far from your actual location. As for the background sound, Spoofcard (mentioned earlier) has recently added a feature for its subscribers that allows them to make their call “sound like it’s coming from a nightclub, or near traffic.”
Use a virtual private network.
One of the biggest pieces of incidental data transmitted when you use the Internet is your IP address, which can provide a good idea of your location. For a few dollars a month (or even for free if you’re willing to put up with their advertising), a number of companies will rent you IP addresses in other countries and route your traffic through them. This service, called a Virtual Private Network (VPN), also allows you to access services that are only available in certain parts of the world. Of course, with the proper legal documentation, VPN companies may be forced to cough up information on you such as your credit card number, so you probably don’t want to give them anything genuine other than our friend I.P. Freely’s prepaid credit card.
Set Your Own Info-Traps.
While the technology deck may seem to be stacked against the average person, there are powerful ways to fight back against the encroachment of technology into our lives.
Vary your name.
A simple place to start is how you tell companies your name. Savvy magazine subscribers have long used varying forms of their name or address to keep track of how their information is being sold to advertisers and other companies. It is true that postal standards are starting to restrict address creativity, but there are still 26 possibilities for your middle initial. And who says you’re limited to just one initial?
The same principle can be transferred to the online world. Besides name variants, you can have fun with your salutation. Aeroplan.ca, the frequent flyer program associated with Air Canada, offers a fascinating array of titles to choose from when you sign up. Beyond the boring Mr./Mrs./Ms./Master, you can be Captain, Senator, Rabbi, Professor, Judge, and the ever-popular Père. Do try to avoid Doctor. I was on
ce called to help a sick passenger in-flight and had to explain that I wasn’t that kind of a doctor.
Set traps in your email accounts.
Many email providers, including Google’s Gmail and Microsoft’s Outlook.com, support the “plus convention.” Anything you put after the plus sign in the name portion of your email address is ignored by the mailer, but carried along so you can track it. This will allow you to monitor the proliferation of spam, and figure out who the guilty parties are.
Have your own surveillance cameras.
Dash cameras have become widespread in many countries, and have become a “must have” on Russia’s wild and woolly road system. They serve as a countermeasure against organized crime gangs that stage car accidents then try to extort money from innocent drivers on the spot.
Even in North America, people are grabbing footage of car crashes and other events and giving or selling it to media outlets. Police cars routinely have dash cameras. You should just assume that you’re being photographed whenever you drive (or ride the bus, tram, subway, etc.) and behave accordingly.
Record your life (just in case).
Why not just record everything from a camera on your body? Cameras that do “lifelogging” have been around for years, but the problem is who really wants to relive their life moment by moment? Makers of the Narrative Clip are betting that people will want to “tell their life stories in photos” as their inexpensive and unobtrusive camera grabs a photo every 30 seconds.378 It also stores up to four thousand pictures and they can be transferred to a computer. Unless you are a rock star, a spy, or a politician, you are likely to find that most of those images don’t need to be transferred because you’ll never want to look at them again.
Of course, if your body camera is stolen, or smashed by police in a riot, you’ll lose what may be the most important pictures of the day. Cameras and smartphones apps are now springing up that will upload your photos or videos continuously to a server, so your vicious beating video might live on after you. Just remember to leave the password in your will as part of your “digital legacy.”