Rewiring our mind to reclaim privacy online
hey guys i’m sun i’m a privacy and a
security researcher and recently became
a youtuber
today’s talk is going to be about
privacy now we are the product uh that’s
something that you may have heard and my
research definitely confirms that that’s
true
now the interesting thing that i
discovered while preparing for today’s
talk
is we actually have been the product for
quite some time and that actually
is traceable to the early days of radio
and television
which brought me to question what does
radio
and television have in common with
and gmail for example well the answer is
quite obvious
ads both are designed to
get our attention our attention is the
product
now the question that really got me
curious is what they don’t have in
common
and the answer is facebook and gmail
are bi-directional that means that
the users are both content creators
and content consumers and that means
that
people are now sharing an increasing
amount
of very personal information on
these platforms now comparing this to
the traditional business model of tv for
example
where lady gaga will be invited as the
artist
of the super bowl while putting together
the
halftime super ball show is extremely
expensive it requires a stadium
an audience it requires essentially
millions and millions
to produce the content compare this with
the new social media business model
which by the way blows my mind well a
bunch of developers
can create an app that will be used by
billions of people and
generate billions and billions in
revenue
now looking at how you know
advertisements were actually targeted to
users in the days of television while
say
lily was watching planet earth while
lilly
was likely to be interested by anything
related to the planet perhaps animals
and that was it so advertisers would
place ads on content
compare this with social media where
facebook knows that lily
watched planet earth twice because she
shared it that lily shared a youtube
link to planet earth with a few of her
friends
charles jenny and john and that
lily attended earth day manifestation in
new york
with her friend jenny that lily is
probably roommates with john because she
actually lives in new york and they all
use the internet from the same public ip
address and that lily is in a
relationship with charlie
and charlie actually donated to
greenpeace
what does that mean for advertisers well
that means that
lily will likely vote for a specific
political party
if she’s targeted with pro-environment
content and it actually also means that
she’s gay
that blows my mind so back to this
initial idea
if something is free we are likely the
product
well what else is free uh now
preparing for this talk made me realize
that the real question is
what isn’t now uh if we think about
facebook which is free well
instagram messenger and whatsapp all of
this
is also free uh besides gmail
well you know chrome google google docs
youtube google maps waze google pay
all free and all owned by alphabet now
uh in the context of microsoft well
microsoft bing
edge skype linkedin if you’re a
developer you probably know about visual
studio code github
npm all of this stuff is free and then
there’s snapchat and tick tock whoo
now to make things more confusing
privacy conscious apps that i actually
recommend to my viewers
such as firefox duckduckgo and
signal all of those are also free
which blows my mind and clearly blows
the minds of
pretty much everyone which leads people
to just decide to trade their privacy
because well we live full lives we don’t
have time to worry about all of this
stuff
a question that i’m asked all the time
is is why should
we care why should we carry so much
information i have nothing to hide those
are all things that i hear all the time
well let’s look at tree case studies
as you may be aware edward snowden he
was a contractor for the nsa
leaked a whole bunch of documents that
revealed
that the nsa and the cia have backdoor
accesses to all of those data sets so
all of those emails that we’re sending
on gmail
i know i’m not but anyways all of those
things are being shared on facebook
all of those things or conversations
that are happening on skype all of this
stuff
is accessible by nation state
surveillance programs
and to make things worse there’s also
this
alliance alien alliance between
the united states of america and
13 other countries which forms what we
call the 14 i’s
and what they are doing is that they’re
all using their own
tapping devices to tap the internet
backbones when data is flowing between
countries and what you can see here well
that’s
a map of the trans-oceanic lines fiber
lines that are connecting
continents together that’s where the
data is flowing
and that means that there’s a few points
that can be tapped
that will intercept huge amounts of data
now if that’s not enough another person
leaked information about a scandal
that’s called a cambridge analytica
scandal and the cambridge analytica
scandal
is a way that this special
political data analytics firm
in the uk was using an app that was
installed by 50 million
americans that allowed them to get very
personal insights into how those
americans
think and therefore leading to micro
targeting
them with ads in the context of
the trump election not this one the one
before
and we thought that everything would
change at that point in time but
actually very little has that means that
all this information that we
are sharing becomes information that
political parties can use to target
us and try to manipulate us now
if that’s not enough we can have a look
at what’s happening in china so china
has deployed
huge systems of facial recognition to be
able to follow citizens around there are
cities where
if you cross this the street at a red
light
you are fined and the money is withdrawn
from your bank account so essentially
all citizens are ranked and
labeled and tracked throughout what they
do in the physical world and on the
internet and to make matters worse the
great firewall of china will actually
censor what kind of
information they can see that leads me
to say that i care about privacy because
i believe in freedom
and democracy that i am totally
uncomfortable with the fact that my
conversations
interests relationships and whereabouts
are surveilled i mean that that freaks
me out
uh so here are a few steps that you guys
can follow
if you want to reclaim some of your
privacy step
one is consciously choose apps
why is an app free there are a few
business models that can explain why
things are free
the first one is open source if the
product is developed by the community
for the community
well that explains why it’s free
other things are advertisement or
advertising
i should have said based usually that
means that there’s a lot of data mining
that’s happening unfortunately
then there are the freemium apps those
are apps that you can start using for
free but then you’re encouraged to
upgrade
and there are in-app purchases uh so
that’s how tick-tock works for example
uh and then there’s kind of more obscure
business models true partnerships so
that’s how
uh whatsapp actually earns its revenue
right now
although i mean yeah more on that in a
second
google pay and firefox if you don’t know
firefox is actually
owned by mozilla which is a non-profit
and mozilla
is mostly funded by google so google
can set google search as the default
search engine in firefox
now looking at this uh we could think
that oh if we’re not in the advertising
uh line we’re okay but the truth is a
lot of those
businesses will do a lot of data mining
as well so usually a business can have
more than one business model to make
things
again more complicated um but we need to
ask
ourselves why something is free then we
need to ask ourselves
what is the governance of that specific
project and that is pretty interesting
when we’re looking at whatsapp
versus signal both pretend to be not pre
i’m taking this back both in theory
use ntn encryption actually whatsapp
uses the signal protocol but then when
i’m looking at those two options
which on the surface may look the same
if we look at their governance
i am totally going for signal so
one is owned by you know facebook
which is run by mark zuckerberg and the
others run
signals run by moxie who’s a cypherpunk
who really believes in privacy
we need to ask ourselves who are running
those companies and why
and then we need to figure out how much
data is being collected and why and
there are things that we can do in our
smartphones or in app configurations
to decide what we’re sharing sometimes
we have no control
but at least we need to be conscious
about this and try to share as little as
possible only what’s necessary
to benefit from the product now the
next thing that we can do is learn as
much as we can about technology
so we’re just going to peek at the
rabbit hole right now because i’m
running out of time but
email is not private when you send an
email to someone that email
is stored on your email providers
servers and on the recipient email
provider servers
when on those servers it’s in clear text
so you can imagine
email being the same as sending a postal
card anyone
in between can likely read the message
another misconception is that private
mode when you’re browsing is private
private mode is not private at all from
the outside world it’s just private
between
users of the same computer another
misconception is that vpns will make
people
anonymous vpns do not make anyone
anonymous
it just moves the trent model of being
surveilled from
the internet service provider to the vpn
provider so
we need to choose vpn providers wisely
another thing that we always need to
keep in mind is that the clipboard when
we’re copy pasting stuff
that is shared among apps and that was
really uh alarming when we learned that
tiktok was essentially capturing all of
this
so i understand that all of this is a
lot
learning about this is a lot and that’s
why i’m really trying to share as much
as i can on my channel
but if you don’t have time to learn all
of this
there are a few things that you can do
first things first
please use a browser that is open
sourced and that does not
track its users such as firefox when
well configured
then using duckduckgo instead of google
or bing
is a great way to make sure that those
searches are
not surveilled and one last thing here
is using signal for messaging or phone
calls when
the subject matter is private signal
uses something called end-to-end
encryption
meaning no one can look at this content
except you
and the recipient or someone that
physically compromises
your devices so yeah
thanks for caring i think together we
can really bring change
in the technology landscape we can
rewire our minds to be comfortable with
the fact that ping for an app
makes total sense that paying for a web
service make total sense
and together we can force those
companies to change their behavior
and start putting technology to the
service of humans
and not the other way around
you