DecryptedTech

Wednesday07 December 2022

Despite Congressional Sabre Rattling; Online Privacy Has and Will Always Be a Concern


Reading time is around minutes.

bill-of-rightsPrivacy is the big watch word these days. We are hearing more and more about how this app or that one gathers personal data or how Social media uses (or abuses) our personal information. We are even hearing the rumblings of congressional hearings on the subject with the US Congress demanding answers from a multitude of app providers on how they are addressing personal data privacy. It is a good thing that Congress is there to protect us… Oh wait, is this the same Congress that wants to enable internet monitoring and allow ISPs (Internet Service Providers) and corporations the power to collect and read all traffic that passes over their networks?

While the issue with Privacy online, on your phone and even in your work life is a real concern (and one that goes back a long way) it has not been a concern for the government until recently. Let’s be honest here; until the HUGE public back lash over SOPA, PIPA, ACTA and now the Cybersecurity Act of 2012 the US Congress has not done much about personal privacy on the net. All of the acts above would grant the monitoring of your internet traffic almost without restriction. As we have covered before the Cybersecurity Act of 2012 is so non-specific that even something like a Trace Route (finding the hop or routers on the internet from one location to another) could be viewed as a “threat indicator”. SOPA, PIPA and ACTA call for the use of DPI (Deep Packet Inspection) which is capable of reading even secure traffic (and in some cases can read traffic over a VPN if done right).

Does this mean that the recent call from Congress to answer questions about Privacy is all a sham? No, well at least not entirely. There are many in the Government that try to do the right thing, they are just seriously outnumbered by the ones that are too busy listening to the lobbyists that continually whisper in their ears.  Still it is important to remember that until very recently most of this activity (including employers looking at your Facebook pages) was going on without any comment from our lawmakers.  Google was still allowed to combine its privacy policies and we imagine that Facebook will be allowed to omit privacy all together from the wording of their new “data usage policy”. In the meantime while there are demands from the Committee on Energy and Commerce out to some 34 app developers we doubt that much will be done about this issue (just like the CarrierIQ issue) and the companies in question will continue to have a grab at your personal data; especially the free applications.

The mining of data from users is a big business that fills the many pockets while the technology needed to grab it is so simple that it is hard not to implement. The question now is, should the OS developers (Google, Apple, Microsoft, RIM, Etc.) be held responsible for these losses and the ease that developers have in getting to all of your data? On the one hand they are the responsible party for the platform and as such share some of the burden to ensure your data safety, but since almost no handset or tablet maker uses the stock version of the OSes (with the exception of iOS) you also have to drag the handset makers into this, just as we saw with CarrierIQ. It is unfortunate that because of this situation there is almost no one entity to call into accountability for making sure your information is safe and secure when you own a smartphone or other internet connected device.

The mobile data market is actually becoming more dangerous than the desktop market in many ways. We forget how easy it is to exploit our handsets (which we use every day) and grab at personal information (even banking information). Meanwhile the software that is designed to protect us is in its infancy which puts your phone or tablet at an even greater risk. Do not even get us started on connected device; right now there is nothing to prevent them from being a huge opening in your home security (I will never forget seeing a proof of concept that opened the disk tray on my XboX through my firewall).

What you can take away from all of this is that despite Congress rattling its sabre at App writers and demanding laws to protect users’ privacy online, it is all up to you. As with Malware, Viruses, and everything else YOU are the first line of defense. Make your Facebook Profile private, add HTTPS to it (it is pretty simple to do both of these), do not click on every link, and of course read what access applications have to your phone or tablet before you install them. If you do this it will make it much harder to abuse your right to privacy online and for people to monitor you. For the truly paranoid there is always TOR and setting up a VPN to a private relay, but that is for another article.

Discuss this in our Forum

Last modified on Sunday, 25 March 2012 11:50

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.