In the wake of a forthcoming Donald Trump presidency, all-Republican Congress, and the likely nomination of a strongly-conservative judge in the vein of Antonin Scalia to the Supreme Court, it’s worth re-emphasizing a number of the concerns over privacy and data collection that have accumulated over the past several years. There are three areas of data collection that I’d like to focus on: user-provided data, user usage data, and scraped intelligence data.
User-provided data is the kind of information that we willingly provide on a regular basis to every service. Think about how many different websites have asked for your name or email address at some point, and you’ll get an idea of how much information you provide without necessarily noticing it. It’s become routine to tell a web service what your name is, where you’re from, how to contact you, what you look like, and who else you know. Because it’s so typical, many websites will ask for even more information, like where you went to school, where you work, how old you are, what your favourite music and TV shows are, and who you’re dating or married to. That’s a lot of information to be held by a single company, but consider all of the different companies that you might have given some or all of these data points.
Usage data is the data collection you typically don’t see firsthand, but will definitely notice. Every search you make, every post you like, every link you click, anything you linger on but don’t act upon, every advertisement that loads on your screen, and, increasingly, the other websites you visit — these are all tracked.
Combine both of those aspects of the collected data of a typical user and whichever company or entity has that data can get an accurate and detailed idea of who that person is.
This has always been worrying for many of us. I was in university at the time that the Guardian and Washington Post started publishing stories based on documents leaked by Edward Snowden. A couple of months before that reporting began, I handed a paper in to one of my professors. The paper was about the mechanisms of online data collection. In it, I observed that if a government organization were collecting the same data that Google does on a regular basis,1 it would be considered outrageous. This, of course, is the scraped intelligence data that I’ve written extensively about.
Yet, over the past three and a half years, the amount of data that technology companies are collecting has skyrocketed with the advent of “Big Data,” virtual assistants, and “internet of things” devices. All of these technologies entered the mainstream well after the Snowden disclosures began, and there’s little sign of slowing down.
As was plainly apparent yesterday, the Democrat-leaning bigger cities of the United States — the technology centres of the country — tend to create a comforting bubble of likemindedness. Even though there have been plenty of concerns raised over data collection, there was perhaps a sense of trust amongst some — and I’m not one of them — that any data scraped by intelligence agencies would be handled with a certain amount of delicacy and responsibility.
I don’t think this is the case any longer.
Statements Trump made while he was a candidate included proposals to create a registry of Muslims living in the United States, deporting all undocumented immigrants, reducing the freedom of the press, and increasing the power of intelligence agencies. Trump has routinely shown himself incapable of keeping a steady hand when situations become stressful. With Republicans2 in charge of all three branches of government, plus a significant number of Democrats who support bulk data collection efforts, the users of many of the largest websites and online services are now facing worrying prospects, particularly those who identify as members of groups that have been targeted by Trump’s proposals.
Technology companies can act. They can step up their encryption efforts before any challenging legislation is proposed. Or, quite simply, they can reduce the amount of data they collect and store. We can help by reducing or eliminating our use of services that insist upon collecting unnecessary user data, or retaining it for long periods of time. It isn’t easy, but it’s responsible.
-
I used Google as an example in that paper, but the same observation applies equally to a large number of companies. ↥︎
-
Including many of the same people who began the NSA’s data collection programs after September 11, 2001, and supported the FBI in their efforts to fight Apple on device encryption. ↥︎