PRISM This! Simple Things to Think about in the post Edward Snowden Era

Lately there hasn’t been a news cycle that hasn’t focused on the NSA and Prism. Debating whether Edward Snowden is a hero or someone who has done the United States wrong is  something the media will do for a long time to come. I believe that’s all just a distraction.

This episode should jolt us all to the stark realization that be it PRISM, the NSA, or private enterprise, the cost to track individuals is lowering, while the incentives for corporations and governments to correlate,use,store and sell your ‘meta’ data (information about your information) are rising. With the advent of Big Data as well as exponentially decaying broadband, processing and storage costs, this kind of tracking we are just starting to see now is really just a “no brainer” evolution in the world of advanced analytics.

Beyond the obvious idea of not posting huge amounts of personal information about your movements, and private life to social media sites, what SIMPLE actions could an individual take to try to stay ahead of the curve when it comes to on-line privacy? Here’s some of my thoughts on this subject.

1) Educate yourself – This one seems frivolous, but it’s probably the most important. Stay ahead of the curve. Understand what it means when you accept the fact that your mobile applications can send or store your location information. At the very least, understand the implications of new technologies – i.e. what it means when your online banking app on your mobile phone requests that you allow it to access your GPS, email, and call history when you install it.

Try to understand that although some technologies seem like they were spawned by tinfoil hat wearing nuts, but also understand that perhaps there are aspects to those technologies which highlight deficiencies in the status quo/incumbent system.

Bitcoin is a great example of such a technology. If you don’t know what I mean? Then you need to take point #1 to heart and start reading. When you do start your own research, you might ask, ‘what does a fully distributed, Peer 2 Peer, cryptographic currency have to do with personal privacy?’. The answer is, the incentives of corporations to pool and analyse your transaction information (credit card, debit, other). and to use big data technologies to link and analyse that information is very large. Believe me when I say that is happening today, and so, to be ahead of the curve you should learn about alternative payment systems that aren’t track-able, aren’t centrally controlled and allow you to spend your money anonymously but also securely. Capiche?

Never heard of the TOR network, don’t know what VPN stands for? How about PGP? What about a PROXY?

These aren’t just a bunch of acronyms for nerds, but if you either don’t know about these technologies or can’t follow them, find a friend who can explain them to you in simple terms. For example TOR is a network that acts to protect your privacy by redirecting your internet traffic in a way that is much harder to trace or analyse using the big data techniques we are starting to hear about in the media today.

2) Set up TOR on your mobile device – I just downloaded the TOR client on my android device. Because my android device is ‘rooted’, it is able to take all of my internet traffic and direct it through the TOR network transparently (without me having to do any complicated settings on my phone or apps). This effectively means that my “meta data” regarding my internet activities cannot be stored or analysed. Better yet, if I turn on the tethering on my mobile and convert it to a WiFi hotspot, anything that connects to my hotspot will be on TOR also. I specifically called out TOR for mobile (search on Google Play) because it literally takes 5 minutes to install and enable, however you should consider either TOR enabling your home machines or at least using a VPN service also. The other aspect for mobile is, that the device is always with you, can track your movements, and via mobile applications and meta data tracking, there just seems to be a much higher incentive to abuse this information.

The best part about TOR is that it’s free.

Read more about TOR here []

3) Use a VPN on your regular PC/home network - I regularly use a service called strong vpn []. For a few dollars a month, I can have all of my home PCs or network traffic securely encrypted and tunnelled through a trusted third party service provider. This has the unintended side effect of making my computers and network appear that it is in the U.S. even though I am actually living in Canada. (This has unintended benefits for services like Netflix and other on-line content restrictions)

A VPN (virtual private network) works by basically being a butler between your traffic and the internet. By acting as a buffer it encrypts your traffic but also in a rudimentary way prevents the outside network from actually seeing where your traffic is coming from.

Unfortunately this service does come at a nominal monthly cost. You may want to do your own research and find your own provider.

4) Encrypt your email – This one is for people who really are paranoid that your emails are being scanned and analyzed. Wait a minute, gmail does that! So maybe you aren’t that paranoid after all. As I said earlier, the cost is dropping, and the incentive is rising. I personally do not encrypt my email, however if you really wanted to start encrypting your email, then start reading up on a technology called PGP. It’s been around for a long time, it’s reliable, and although I find it clumsy, it’s probably your best bet for keeping your email secure. []

That’s a bunch of my quick notes on the subject for now, if there’s enough demand I may do individual in depth how-to posts for some of these technologies.

So have you followed my advice from point #1? If so you’ll know what the following two addresses are, if not…. time to go do some reading!