Technocreep
Page 24
The rise of “wearables” such as fitness wristbands, and even more advanced devices like glucose monitoring sensors in contact lenses, will make lifelogging the norm for most people.379
Make your computer or smartphones your personal spy.
“Phone home” anti-theft software can be remotely activated to track a lost or stolen device, make it take pictures at regular intervals, even howl an alarm. Some products to do this include LoJack, Find My Phone, Find My iPhone, and Prey (www.preyproject.com). Prey is open source and free for up to three devices. You might even pinpoint the precise Starbucks where your thief is slurping his latte while using your laptop. That program can also lock up your device tight as drum, and make it display a “This is a stolen computer” message.
One clever user in Brazil, who could not find any company that would insure her electric bicycle, placed an inexpensive Android phone inside its tailbox, and used Prey to create her own anti-theft system.380
Track your stolen computer through its attempt to access Gmail or Dropbox.
If you have neglected to install anti-theft software you still might luck out when your stolen device connects to the Internet. Through services such as Gmail or Dropbox you may be able to see the latest IP address of the AWOL device and do some sleuthing. This could require help from law enforcement, but there have been success stories.
Another trick that has worked is to have your phone automatically upload photos you take, say to Facebook. Yes, this is a potential privacy risk for you, but it’s an even bigger one for people who steal your phone and use it to take “selfies.” In a delightful U.K. case, police are looking for a “brainless thief” who not only used a stolen phone to upload self photos but also ‘disclosed, via instant messaging, that he lives in south London.”381 News reports on this story carried a picture of the suspect, proving that guys who steal a phone from a twelve-year-old kid at a tube station have no reasonable expectation of privacy.
My favorite device recovery story is the tale of New York jazz trombonist Nadav Nirenberg, who left his iPhone in a livery cab. The new “owner” of the phone was using it to send messages to women using a dating app. Nirenberg sent him a message offering a date, and including a picture of a pretty girl. “When the culprit arrived at Nirenberg’s Brooklyn apartment building with wine,” reported the Associated Press, “the musician greeted him with a $20 U.S. bill while holding a hammer—just in case.”382
Protest Loudly but Carefully.
What can you do when you catch a company selling your name without your permission, targeting you unfairly with ads, or treating you in some other creepy, shoddy fashion? First, you need to make sure you did not actually agree to whatever behavior is offending your sense of personal privacy. As shown in the terrific movie Terms and Conditions May Apply, in most cases you will find that you somehow consented to this use of your information, and that’s the end of it. If you are sure you’ve been wronged, there are many options available:
Send a polite but firm email, probably to a bot-monitored mailbox.
You could start your complaint process by sending an email to the company’s “customer service” (or whatever) department. If, as is often the case, you can’t find that on their webpage, you could try sending the mail to abuse (at) whatever web domain is associated with the malefactor. Be warned that companies have often set up unmonitored mailboxes and auto responders and there’s no guarantee you will actually reach a real person.
If they are using a free email service like Gmail or Outlook.com, and you provide enough evidence of nastiness, the provider might even yank their account, though of course real bad guys will simply move on to another one.
Escalate to emailing an executive.
Depending on how annoyed you are, you could find the contact information for executives at the company, and gripe to them. It may be a little early to call your lawyers, though, as the legal framework around business-to-business information selling is still evolving. The sticky part is proving that you have actually suffered harm from a company selling your information. In a 2013 decision in Delaware, U.S. District Judge Sue Robinson dismissed a class action lawsuit against Google even though they had sneakily bypassed cookie blocking software by exploiting a loophole in the Safari web browser.383 The plaintiffs could not prove that they had suffered actual harm from the tracking cookies. Google did not get off scot-free, however. The company paid $17 million in civil penalties to 30 U.S. states, and promised not to be so evil in the future.
Complain to government agencies and consumer watchdog groups such as The American Civil Liberties Union and the Electronic Frontier Foundation.
As discussed earlier in Technocreep, a string of U.S. Federal Trade Commission rulings, decisions by Privacy Commissioners in Canada, and similar actions in other countries show that valid complaints can be pursued through this channel. The caveat is that it may take a long time, there may be costs in some cases, and there are no guarantees of success because the laws around privacy-related issues are still being written and interpreted.
Go to the media, or make your own media.
Most TV stations, and even some other media outlets, have a reporter assigned full or part time to the “consumer beat.” They love David and Goliath stories of wronged consumers fighting back against bad treatment from impersonal corporations. Often, just having the reporter call a company is enough to sort things out.
Or you can take a more direct approach. Musician Dave Carroll put his 2009 luggage handling complaint against United Airlines to music as “United Breaks Guitars.” The video has garnered over thirteen million views on YouTube.384 He even turned it into a book, United Breaks Guitars: The Power of One Voice in the Age of Social Media. If you lack Carroll’s musical talent, or the $150 he says the video cost to produce, you can just try holding up your story on cards in front of you while wearing a woeful look. That approach seemed pretty effective for the Occupy Wall Street protestors.
Watch your back when you protest.
The fact that companies are taking online consumer protests seriously is, by and large, a good thing. United Airlines, for example, reportedly uses Dave Carroll’s video in its employee training. But sometimes you can hit so close to the nerve that a company bites back, which in America tends to mean “goes after your money.”
In 2009, a woman from Utah bought some merchandise from a company in Michigan. She was unhappy with the company and wrote a critical review on RipoffReport.com. Because of the way the company subsequently acted, that’s probably enough details, though there are ample news reports about the case.385
The amazing thing is that the customer was then caught in a bizarre situation where the merchant was threatening her with a $3,500 “fine” for violating an obscure non-defamation term on its website. The money would be due, and potentially damage the customer’s credit rating if not paid, unless the offending review was removed within 72 hours.
However, RipoffReport.com says they “never remove reports.” The only option they offer is their “VIP Arbitration Service” in which the complaint is reviewed by a private arbitrator, who might even be a retired judge. The catch? There’s a $2,000 “filing fee” for this service.
This case turned into wonderful demonstration of what has been called the “Streisand Effect,” the result of that singer’s 2003 attempt to suppress photos of her Malibu home, which generated even more publicity around them. The company that threatened to fine its customer is now the subject of negative reviews posted all over the Internet. News stories have been done on the plight of this harassed consumer. There are even outraged reports on RipoffReport.com from people who have never done business with the offending firm, hence never accepted their bizarre “terms of service,” and who therefore cannot be “fined.” All promise that they would never buy a thing from the company.
Future-proof yourself, your technology, and your knowledge.
If the remarkable revelations of Edward Snowden and the astonishing privat
e sector forays into creepy technology discussed in this book teach us anything, it’s that Technocreepiness will continue to change and expand on a daily basis. As I said at the start of the book, most technology is not what it seems. It is more than that, with wheels turning within wheels and systems interlocking in ways that most people don’t even know exist.
This is both blessing and curse. We will never “fix” our security problems or “deal with” creepy technology. Even if we move to a cabin in Patagonia, there will be drones and satellites overhead. The best we can hope for is to have the right knowledge and mindset to understand the latest antics of the NSA, the GCHQ, and that big shopping mall down the street.
Since you probably have something else that’s your full-time job, here are some ways to keep informed about technocreepiness, and benefit from the knowledge of others:
Use a search engine to stay up to date.
Yes, the major search engines do capture your information, sell it to advertisers, and even try to track you. Still, nothing beats a quick online search to figure out, for example, if you should download one of the programs mentioned in this book, in an article, or elsewhere. Thanks to search engine ranking, the first few hits (though not always the first one—there have been cases of search engine spoofing) will usually give you a good idea of whether something has a good or bad reputation.
Check for scams.
A simple but powerful trick is to put the word “scam” or “ripoff” into a search engine along with whatever you’re interested in. As an illustration, a search on a major travel site, coupled with the word “scam,” produced the warning that if you buy an airline ticket from a certain travel bidding site, “I can assure you that you will be the last one the airline rebooks. That’s the price you can pay for buying a deeply discounted ticket.”386 It makes sense that an airline will take care of its best-paying customers first, but that information probably isn’t displayed on any official policy page.
Anticipate the next “DNA fingerprinting” type of breakthrough and prepare for it.
A few decades ago, criminals were oblivious to leaving their DNA at crime scenes because there was no feasible way of identifying them. Even semen samples left by rapists were only identifiable to the blood group (A, B, AB, O) level. All that changed in the 1980s, when a technological advance (DNA sequencing) combined with legal changes to bring about the world we know today through television shows like CSI: Crime Scene Investigation. It behooves us to think now about what the next revolutionary technologies will be, and to understand that they won’t just be used to hunt down criminals. We may all be targets.
If I had to put money on one thing that will be haunting people in even creepier ways in the very near future, it’s their voluntarily shared photographs and videos. Teenagers who are posting X-rated shots of themselves today will be looking for jobs in a few years, and those images will be eminently findable. Facial recognition technology is moving so fast that the Minority Report scenario of being identified on the street the street, even in a crowd, will become reality. There is zero doubt in my mind that many computers, both governmental and private, are sucking up every digital image we share, just waiting for the day when it can be indexed and cross-referenced the way the LAPD did with tattoos back in 1959.
Conspire with Like-Minded Folks and Participate in the Societal Dialogue.
It may seem odd to conclude with a call to conspiracy. However, I hope you now appreciate that you are already the target of many technology-fueled conspiracies, so it seems only right that you should have the tools to fight back.
Hang with some hackers.
My own introduction to the techno-conspiratorial mindset came decades ago, as I attended some of the New York City meetings of a group called 2600. This club took its name from the not-so-secret “operator mode” frequency (2600 Hz) that could unlock some of the wonders of the phone system. Their meetings were held at a midtown Manhattan office tower that had a large bank of public phones. Periodically during these informal gatherings, small groups would wander over to those pay phones to try out some trick they had just learned. I was pleased to see that NYC2600 is still meeting in roughly the same neighborhood, and has even managed to strike an ironic truce with Citigroup Center’s building security folks, who seem to let them convene in peace in the building’s food court to discuss ways to exploit flaws in security.387
Face-to-face hacker meetings may seem quaint in an age when ideas can be passed around the world in a heartbeat through the Internet. Still, they provide that extra creative spark. I highly recommend the DEF CON and Black Hat conferences as places to really understand those “wheels within wheels” that make technology so fascinating. I have had the privilege to speak at both events and enjoy them immensely.388 389 I always learn something. A lot in fact.
As a guide to groups that are doing deep thinking about technology issues, at least in North America, you could certainly start with the ones who show up at the DEF CON conference each year.390
One of the best things at DEF CON 2012 was that the exhibit floor organizers managed to intersperse the recruiting tables of government agencies (the NSA, CIA, FBI) in between privacy watchdog groups like the Electronic Frontier Foundation and the American Civil Liberties Union. Just sitting next to somebody different for four days undoubtedly did everyone a lot of good all around. Sadly, the government agencies were told they were not welcome (at least in their official suits) at the DEF CON 2013 conference, so this opportunity for human-to-human interaction was lost.
Trade consumer information and reviews.
Consumer conspiring is not limited to high tech issues, though the tools to accomplish it are often high tech. Coupon sharing sites and “where to find the best price for gasoline” webpages have popped up. Online travel bidding sites like Priceline have their own secret pricing formulas, so sites like biddingfortravel.com have arisen. On that one, you can find out things you are not really supposed to know, like which hotels in a city fall into which star categories. Customers also share winning and losing bid information, strategies, and even the secrets of the “free re-bids.” It levels the playing field between consumer and company, though of course it creates a new divide between customers who have the insider information and those who don’t.
While they can be the victim of bogus entries, there are now excellent review sites for travel, electronic products, cars, and almost anything almost anything you might want to investigate. Some even push the envelope a bit, such as when Flyertalk.com notifies its members about those ultra-cheap “mistake airfares” that airlines occasionally post and sometimes even honor for public relations reasons.
These techniques might not help you hide your identity or protect your personal information. But they are indicative of a mindset that says the consumer has the right to turn the tables on companies by using their own technological innovations.
Accept the responsibility to stay informed, speak out, and vote on Technocreepiness.
With these tools and knowledge comes a responsibility to participate in the societal discussion of how much creepy technology we are willing to tolerate, for exactly which benefits.
Different societies will undoubtedly make different choices. In Estonia, for example, a single, mandatory, government-issued identity card is used to vote, pay taxes, shop, get medical care, and even ride public transit. Privacy advocates in the United States have staunchly opposed such a national ID card, fearing it could be misused to create a police state.
The revelations of Edward Snowden, Chelsea Manning, and others have revealed a previously hidden and creepy governmental addiction to surveillance and information hoarding.
The front pages of many science, technology, and medical journals have hints that creepier things are coming our way, at an increasing pace.
The maturing of the “digital natives,” who have always known and accepted 24/7 connectivity, will alter our social discourse on what is creepy and what is cool.
&nb
sp; One thing is certain. The hairs on the back of our collective neck are going to be working overtime for the foreseeable future.
You have been warned.
Acknowledgments
I am extremely grateful to my family, friends, and colleagues who have supported me in the adventure of researching and writing this book.
My loving wife, Keri, and my delightful son, Jordan, have been there for me every single day with advice, energy, encouragement, references, criticism, and great ideas. Henry Mullish of New York University awakened my interest in technology way back in the 1960s. By allowing a teenage nerd to assist him in preparing some of his books, he also inspired a great love of the craft of writing.
My students and colleagues at the University of Calgary, and from 25 years of the Shad Valley Program, have all played a role in shaping the ideas behind this book. I’d especially like to thank Robert D. Acker, Paul Dickinson, Cullen Jennings, Zak Karbalai, Kingson Lim, Brian Lynch, Kathy Macdonald, David Moloney, Nate Dekens, Hervé St. Louis, and the robot at Google Alerts for sending me such amazing and creepy ideas and stories on a regular basis. They bring me great examples of technocreepiness, often with the same proud look the cat has when he carries in a half-eaten mouse.
Dr. Duncan Chappell and CBC Producer Dave Redel played a seminal role in this project when we worked and played together in the 1980s creating Crimes of the Future for CBC IDEAS. Drs. Simone Fischer-Hübner and Penny Duquenoy have kindly involved me in the activities of the European privacy community through the FIDIS project. Countless stimulating presenters at the DEF CON, Black Hat, 2600, and Computers, Freedom, and Privacy conferences have given me terrific ideas, which are gratefully acknowledged. Dr. John Demartini, an inspired thinker about human behavior, gave me a framework that kept me from creeping myself out while researching this material.