A radical proposal to keep your personal data safe

By Richard Stallman, president of the Free Software Foundation.

Journalists have been asking me whether the revulsion against the abuse of Facebook data could be a turning point for the campaign to recover privacy. That could happen, if the public makes its campaign broader and deeper.

Broader, meaning extending to all surveillance systems, not just Facebook. Deeper, meaning to advance from regulating the use of data to regulating the accumulation of data. Because surveillance is so pervasive, restoring privacy is necessarily a big change, and requires powerful measures.

The surveillance imposed on us today far exceeds that of the Soviet Union. For freedom and democracy’s sake, we need to eliminate most of it. There are so many ways to use data to hurt people that the only safe database is the one that was never collected. Thus, instead of the EU’s approach of mainly regulating how personal data may be used (in its General Data Protection Regulation or GDPR), I propose a law to stop systems from collecting personal data.

The robust way to do that, the way that can’t be set aside at the whim of a government, is to require systems to be built so as not to collect data about a person. The basic principle is that a system must be designed not to collect certain data, if its basic function can be carried out without that data.

Data about who travels where is particularly sensitive, because it is an ideal basis for repressing any chosen target. We can take the London trains and buses as a case for study.

The Transport for London digital payment card system centrally records the trips any given Oyster or bank card has paid for. When a passenger feeds the card digitally, the system associates the card with the passenger’s identity. This adds up to complete surveillance.

I expect the transport system can justify this practice under the GDPR’s rules. My proposal, by contrast, would require the system to stop tracking who goes where. The card’s basic function is to pay for transport. That can be done without centralising that data, so the transport system would have to stop doing so. When it accepts digital payments, it should do so through an anonymous payment system.

Frills on the system, such as the feature of letting a passenger review the list of past journeys, are not part of the basic function, so they can’t justify incorporating any additional surveillance.

These additional services could be offered separately to users who request them. Even better, users could use their own personal systems to privately track their own journeys.
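As an added illustration of the design principle above (a toy model written for this page, not Stallman's proposal in code nor Transport for London's actual system), the following compares two fare ledgers. The first stores every tap against the card and the passenger's identity, so it can answer "where did this person travel?". The second keeps only what the basic function, charging fares with a daily cap, needs: no identity, no station, and cards referred to by a per-day pseudonym derived under a random daily key that is destroyed when the day closes. The rotating-key pseudonym technique, the fares, stations and passengers are all my assumptions; settling the payment itself through an anonymous system such as Taler is outside this model.

```python
"""Two fare-ledger designs for a transport payment card (illustrative model).

CentralisedLedger mirrors the design the article criticises.
MinimisedLedger keeps only what fare settlement needs, and the operator's
ability to relate records to a card dies with the day's key.
"""
import hashlib
import hmac
import secrets
from collections import defaultdict

# Constructed sample taps (card, passenger, station, day); not real data.
SAMPLE_TAPS = [
    ("card-0001", "Alice", "King's Cross", "2018-04-02"),
    ("card-0001", "Alice", "Bank", "2018-04-02"),
    ("card-0002", "Bob", "Bank", "2018-04-02"),
    ("card-0001", "Alice", "Stratford", "2018-04-03"),
]
FARE_PENCE = 240        # constructed flat fare per journey
DAILY_CAP_PENCE = 400   # constructed daily cap


class CentralisedLedger:
    """Stores card, identity, station and day for every tap."""

    def __init__(self):
        self.trips = []

    def tap(self, card_id, passenger, station, day):
        self.trips.append(
            {"card": card_id, "passenger": passenger, "station": station, "day": day}
        )

    def journeys_of(self, passenger):
        """The surveillance query: full movement history of a named person."""
        return [(t["day"], t["station"]) for t in self.trips if t["passenger"] == passenger]


class MinimisedLedger:
    """Stores only (day, pseudonym) -> pence charged; no identity, no station."""

    def __init__(self):
        self._day_keys = {}            # day -> 32-byte random key, deleted at close
        self._closed = set()           # days whose key has been destroyed
        self.spend = defaultdict(int)  # (day, pseudonym) -> pence charged so far

    def pseudonym(self, card_id, day):
        """HMAC of the card id under the day's key; a fresh key each day means
        the same card gets unrelated pseudonyms on different days."""
        if day in self._closed:
            raise ValueError("day is closed; its key was destroyed")
        key = self._day_keys.setdefault(day, secrets.token_bytes(32))
        return hmac.new(key, card_id.encode(), hashlib.sha256).hexdigest()[:16]

    def tap(self, card_id, day):
        """Charge a fare, respecting the daily cap. Returns pence charged."""
        p = self.pseudonym(card_id, day)
        charge = min(FARE_PENCE, DAILY_CAP_PENCE - self.spend[(day, p)])
        self.spend[(day, p)] += charge
        return charge

    def close_day(self, day):
        """Destroy the day's key: the records become orphaned pseudonyms."""
        self._day_keys.pop(day, None)
        self._closed.add(day)

    def can_relate_to_card(self, day):
        """True only while the day's key still exists (i.e. the day is open)."""
        return day in self._day_keys

    def revenue(self, day):
        """The operator's legitimate need: how much was collected that day."""
        return sum(v for (d, _), v in self.spend.items() if d == day)

    def stored_fields(self):
        return {"day", "pseudonym", "pence"}


def run_sample():
    """Feed the constructed taps to both ledgers and close the first day."""
    central = CentralisedLedger()
    minimal = MinimisedLedger()
    charges = []
    for card, passenger, station, day in SAMPLE_TAPS:
        central.tap(card, passenger, station, day)
        charges.append(minimal.tap(card, day))
    same_card_linked_across_days = (
        minimal.pseudonym("card-0001", "2018-04-02")
        == minimal.pseudonym("card-0001", "2018-04-03")
    )
    minimal.close_day("2018-04-02")
    return central, minimal, charges, same_card_linked_across_days


if __name__ == "__main__":
    central, minimal, charges, linked = run_sample()
    print("centralised ledger knows Alice went:", central.journeys_of("Alice"))
    print("minimised ledger charged per tap:", charges)
    print("day 1 revenue:", minimal.revenue("2018-04-02"))
    print("same pseudonym across days?", linked)
    print("can day 1 still be related to a card?", minimal.can_relate_to_card("2018-04-02"))
```

The point of the second ledger is that the decision not to collect is made in the data model, not in a usage policy: there is simply no column for identity or station, and a subpoena or a breach after close of day yields only orphaned pseudonyms and amounts. The daily cap still works, because within an open day the pseudonym is stable.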

Black cabs demonstrate that a system for hiring cars with drivers does not need to identify passengers. Therefore such systems should not be allowed to identify passengers; they should be required to accept privacy-respecting cash from passengers without ever trying to identify them.

However, convenient digital payment systems can also protect passengers’ anonymity and privacy. We have already developed one: GNU Taler. It is designed to be anonymous for the payer, but payees are always identified. We designed it that way so as not to facilitate tax dodging. All digital payment systems should be required to defend anonymity using this or a similar method.

What about security? Such systems in areas where the public are admitted must be designed so they cannot track people. Video cameras should make a local recording that can be checked for the next few weeks if a crime occurs, but should not allow remote viewing without physical collection of the recording. Biometric systems should be designed so they only recognise people on a court-ordered list of suspects, to respect the privacy of the rest of us. An unjust state is more dangerous than terrorism, and too much security encourages an unjust state.

The GDPR makes much of requiring users (in some cases) to give consent for the collection of their data, but that doesn’t do much good. System designers have become expert at manufacturing consent (to repurpose Noam Chomsky’s phrase). Most users consent to a site’s terms without reading them; a company that required users to trade their first-born child got consent from plenty of users. Then again, when a system is crucial for modern life, like buses and trains, users ignore the terms because refusal of consent is too painful to consider.

To restore privacy, we must stop surveillance before it even asks for consent.

Finally, don’t forget the software in your own computer. If it is the non-free software of Apple, Google or Microsoft, it spies on you regularly. That’s because it is controlled by a company that won’t hesitate to spy on you. Companies tend to lose their scruples when that is profitable. By contrast, free (libre) software is controlled by its users. That user community keeps the software honest.

Copyright 2018 Richard Stallman. Released under Creative Commons No Derivatives Licence 4.0

First published in The Guardian, 3/4/2018.

Supporting citizens with protecting their privacy online

This post is based on a talk our contributor Aude gave at the CILIP Conference on 6th July 2017, which was written up for K & IM Refer: Journal of the Knowledge and Information Management Group (CILIP). This article has been published online (also on Aude’s own blog) as part of the K & IM Refer Autumn 2017 issue.

All the technology around us – cameras, phones, our internet use, online communications, etc. – collects data about us. For example: most of us carry a smartphone around all the time. How many of us are fully aware that if the GPS is on, our phone company can pinpoint where we are with an accuracy of 5 to 8 meters? If the phone company knows, who may also have access to our location data? Are we comfortable with this situation? Would you change your behaviour and turn off your GPS when you don’t use it now you know this, or would you decide the convenience outweighs the disadvantages?

Privacy is about choice. As citizens, we need to be aware of this situation to be able to make informed decisions about whether we want to protect some of our data and how much effort we are ready to put into protecting our privacy. Once we have the facts we also need the skills: we need to know about tips and tools available to help us protect our information.

Libraries defend people’s rights

I believe that libraries exist to defend people’s right to enrich and improve their own lives, their environment and society. We library and information professionals make this happen by facilitating access to and the sharing of information, knowledge and culture.

In many sectors library and information professionals already devise and deliver digital skills training, ranging from a basic introduction to computers to searching online resources effectively. Knowing how to protect one’s privacy online is part of those digital literacy skills everyone should have; that’s why at Newcastle Libraries we have started looking into how we could best help our citizens.

Learning about privacy issues and tools

Our team’s awareness of privacy issues originally came from reading technology articles or from initiatives in libraries in other countries such as France or the USA. American librarians have created very useful materials that are a good place for us in the UK to start learning – I would particularly recommend the Library Freedom Project and the Data Privacy Project.

In Scotland the Scottish PEN has also been delivering “Libraries for privacy: digital security workshops” with support from CILIP Scotland and the Scottish Library and Information Council. I was able to attend one of those workshops, which inspired me to create a short training session for colleagues at Newcastle Libraries. I initially ran two sessions for librarians and senior managers in March 2017, and will be rolling it out to as many staff as possible this autumn. The first two sessions included time for us to discuss and decide what we wanted to do in our service regarding online privacy.

Initiatives for citizens

We wanted to offer information and training about protecting one’s privacy online to local citizens. In 2016 we had already co-organised two cryptoparties; we decided we should host some more. A cryptoparty is an informal gathering of individuals to discuss and learn about tips and tools for privacy and security in our digital world. We co-organised ours with local members of the Open Rights Group who have the relevant technological knowledge that we might lack (!) – in partnership with the same individuals, our next cryptoparty will take place in November.

We have also noticed that cryptoparties tend to attract citizens who are already aware of privacy issues. How do we reach out to those who do not (yet) have that awareness? It is something that we are still exploring. One idea we want to implement is to include privacy among the topics covered in our digital skills sessions, but we are also trying to find other ways to bring privacy into a skills session without first announcing that this is what we are doing.

Standing up for citizens’ privacy

With Newcastle Libraries colleagues we felt that we could not be teaching citizens about tools to protect their privacy on the Internet and yet say: “By the way, this does not apply when you are using library computers or services”! We want to offer our computer users an Internet browser with enhanced privacy features – ideally, this would be Firefox with DuckDuckGo as the default search engine plus add-ons such as HTTPS Everywhere and Privacy Badger. I would love for us to offer Tor Browser or even for the library to be a Tor relay; however, I thought asking first for Firefox would be a lot less controversial… We are in conversation with our IT department; they have objections but these are about the practicalities of applying updates to the Firefox browser, which they cannot manage centrally like they currently do for Internet Explorer and Google Chrome.

An easier thing we can and will do is to be more transparent to citizens about how their information is handled when they use Newcastle Libraries services. When you use a library computer, you should be aware that our IT department records which websites you visit and that this information is kept for 12 months. When you use our e-books platform, we should tell you before you log in what our supplier does with your data. It may take some time but it is relatively easy for us to add this kind of information to our website and other materials.

Once we start with this work we can review what we record – should we really be keeping your browsing history for this long? What is it used for; are we legally obliged to do so? Regarding third-party providers of library services, we should be requesting that they take steps to protect your data to our standards.

In truth, what we need is a privacy policy – the American Library Association Office for Intellectual Freedom has some fantastic information and templates adapted to the US context that still give us some useful pointers. Privacy terms and policies are a bigger piece of work, but it is one we can build one chapter at a time, in order to support citizens with protecting their privacy online.

This post is licensed under a Creative Commons Attribution 4.0 International Licence.