Items tagged with: SurveillanceCapitalism
- Shoshana Zuboff
pg. 126, The Age of Surveillance Capitalism
@aral called this "institutional corruption". It seems more like infiltration to me. It is more consistent with their government lobbying efforts and swapping of employees between the US government agencies and Google.
This doesn't mean that EFF is corrupt as a whole, but Google infiltrates some of their employees into it, Facebook hires some EFF employees as privacy specialists etc.
But given a long enough time span, it might even lead to institutional corruption once the employees appointed by surveillance capitalists rise in ranks at these institutions.
Why does a vegan get ads for ice cream?
My friend, let’s call him Jake, has been a #vegan for years, long before it was trendy.
He said the other day, “Okay, Bill, you’re the one who keeps telling me about the terrible things the #internet can do (he usually ignores most of my advice) so how come I get #ads for Ben & Jerry’s in my emails on my Mac? They keep screaming at me “Hey, Jake! Buy Ben ‘n’ Jerry’s now!”
I try to ignore the irritation I feel that he hasn’t even installed an #adblocker yet and ponder the problem. “Hmm, which email provider do you use, Jake?”
“Hotmail,” he said, sheepishly.
I gave a weary sigh. As some in the Federation know, Hotmail and Gmail collect keywords in our private subject lines and contact list and sell them on to advertisers without our knowledge or permission – especially if we don’t fix our privacy settings.
I asked him if he had any people in his contact list called Ben or Jerry. He had a think. A flicker of recognition shone in his eyes and we both knew.
“Stop using it, Jake,” I said. “Use Tutanota or Mailfence at least…”
He is addicted to convenience.
He is still using Hotmail.
#apple #consumertech #privacy #tech #Google #locationtracking #surveillance #monitoring #adblockers #ads #digitaladvertising #internetmarketing #gmail #hotmail #outlook #microsoft #mail #data #corporations #telemetry #mass-surveillance #surveillance #tracking #trackers #spyware #surveillancecapitalism #icecream #icecreamcone #mac #ios #ipad
Which websites featured on the Federation have the worst privacy?
My last post highlighted how ticking the OEmbed box to add a website picture to a post can compromise Federation users if it contains a tracker.
I also mentioned tools, like Disconnect, we could use to detect websites which track their users. In this post I reveal some of the most popular reference websites on the Federation with low privacy and high tracking rates.
I believe Federation users should consider not embedding, or at least warning their readers about the surveillance techniques carried out by these sites.
A Princeton University study identified almost a million websites that track their users. Here are just 5 examples of websites whose stories are commonly quoted on the Federation:
Wired is a popular website referenced on the Federation by many users because it publishes great tech-based stories. But how private is it?
Although it offers an ‘ad-free’ version for subscribers, normal visitors are ruthlessly fleeced for their data.
WIRED has embed deals (agreements to embed tracking codes into their pages for money or gain) with a staggering 171 third parties including Google, Amazon, Facebook, Vogue, GQ, Golf Digest, Bonappetit and Vanity Fair.
Some tracking beacons embedded on WIRED and captured by Ublock Origin
151 of these third parties are known tracking or advertising companies like Google, Amazon, Facebook, Turn, Add This, Scorecard Research, Adobe, Twitter Analytics, Typekit, Criteo and Quantserve. Aggressive trackers like Google Tag Manager (GTM), Add This and Turn are present here.
Below is a screengrab of the many scripts NoScript has blocked from the WIRED website, the 33 scripts, gifs and beacons blocked by Ublock Origin and a couple by Disconnect.
WIRED sets 25 short-term and 28 long-term cookies itself, while allowing its third party partners (including 69 tracking companies) to set 26 short-term and 133 long-term cookies.
It uses Google Analytics without the anonymization feature enabled, so user details are sent to Google servers.
All WIRED servers are based in the US so GDPR privacy rules can be ignored.
Websites loading this many scripts/cookies are usually blacklisted by most users, not least because they drain a device’s battery.
WIRED claims that subscribing with them will mean an ad free experience, but I find it hard to believe that a subscription to WIRED will suddenly load a clean page without a single tracker retrieving data. But then I am not a WIRED subscriber. Please comment if you are and have no trackers.
Seen by some as a safe pro-privacy resource celebrating Free and Open Source Software, FOSSPOST lets its users down by digitally fingerprinting their devices and loading 19 trackers into a browser.
FOSSPOST has embed deals with 27 third parties, making its embed renting in the ‘low’ category, including Google, Amazon, Creative Commons and WordPress.
13 of these are known tracking or advertising companies like Google, Amazon, Mailerlite, One Signal and the data-hungry caterpillar that is WordPress.
FOSSPOST sets 2 short-term and 2 long-term cookies itself while allowing its third party partners (including 3 tracking companies) to set 4 long-term cookies.
It uses Google Analytics without the anonymization feature so user details are sent to Google servers. All FOSSPOST servers are based in the US so GDPR privacy rules can be ignored.
Acquired by Yahoo’s parent company, Oath (a company that includes AOL), under the Verizon umbrella, in 2010, this is a popular reference source for researchers and Federation users.
Historically, Yahoo deserves some kudos as they were one of the few big tech companies that objected to sharing their users’ details with the PRISM
The Bush administration threatened them with $250k a day fines until they complied. Verizon bought them in 2017. Yahoo suffered the largest data breach in history in 2018.
The link to this NYT story is not embedded (consider blocking the GTM tracker on the site)
TECHCRUNCH.com fingerprints the user’s device and dumps 2-7 Yahoo trackers in their browser, depending on the page loaded.
TECHCRUNCH.com has embed deals with 27 third parties, including Google, Facebook, Yahoo and WordPress.
15 of these are known tracking or advertising companies like Google, Facebook, Yahoo, WordPress, Atwola, Typekit, AOL and Scorecard Research.
TECHCRUNCH.com sets 4 short-term and 5 long-term cookies itself while allowing its third party partners (including 4 tracking companies) to set 1 short-term and 7 long-term cookies.
It uses Google Analytics but interestingly enables the anonymization feature so some user details are not sent to Google servers.
All servers are based in the US so forget about GDPR privacy rules.
THE REGISTER .co.uk
Although a great resource with well-written and groundbreaking stories, it isn’t as private as I’d hoped.
There is no obvious digital fingerprinting but it seems to have gathered more Google syndication in the last couple of years, (9 of its 16 embed deals are with the Big G). 12 known tracking or advertising companies like Google, Admedo and the Amp Project gather data.
THE REGISTER sets 3 short-term and 4 long-term cookies itself while allowing its third party partners (including 2 tracking companies) to set 7 long-term cookies.
It uses Google Analytics without enabling the anonymization feature so user details are sent to Google servers. Although THE REGISTER’s domain is in the UK, both its data and email servers are based in the US so GDPR privacy rules could be compromised here, though I am not a lawyer.
The Guardian .com
I’ve been sitting on this for a few years now but it’s about time I blew the whistle.
I first noticed the Guardian newspaper’s website was digitally fingerprinting its users’ devices when they published an article on, um, Canvas Fingerprinting.
That page has been removed since, but they still continued doing it, long before Facebook, though not before Google.
I’ve kept quiet about this surveillance because I admire the paper for its incredible journalism, especially exclusives like the Snowdon revelations, and its general championing of freedom issues across many sectors of society. But the hypocrisy has started to wear me down.
Some tracking items & widgets embedded on Guardian .com and captured by Ublock Origin
The Guardian has embed deals with a privacy-sapping 142 third parties, including Google, Amazon, Bing, Twitter, and, despite being one of its main critics, Facebook. 132 of these third party partners are known tracking or advertising companies like Google, Amazon, Facebook, Turn, AddThis, Scorecard Research, Blue Kai, Twitter Analytics, Rubicon, Criteo and Quantserve.
Some of the most aggressive trackers like GTM, AddThis and Turn are present here.
The Guardian also sets 3 short-term and 5 long-term cookies itself, while allowing its third party partners (including 51 tracking companies) to set 10 short-term and 131 long-term cookies.
Yes, we NEED the Guardian’s continued existence, but castigating Facebook et al while allowing them to track its users doesn’t sit well with me.
The website uses Google Analytics but at least enables the anonymization feature, so some user details are not sent to Google servers.
Although The Guardian’s data servers are in Germany, their email servers are based in the US so GDPR privacy rules could be compromised here, though, again, I am not a lawyer.
In conclusion, I’ve given just 5 examples of popular sites Federation users quote in their posts.
I am NOT advocating a boycott of these sites but politely suggest we don’t OEmbed them, just feature a hyperlink and give readers the heads-up about these privacy concerns.
Alternatively, look for other sources featuring the same story. It’s also worth highlighting which websites do NOT add a tracker when we OEmbed a story, or have a low level of surveillance. Please promote those guys.
#news #fakenews #journalism #FreePress #PressFreedom #theguardian
#privacy #tracking #trackers #facebook #social #mass-surveillance #gdpr #google #location #user #device #setup #private #secure #internet #tips #tricks #online #os #windows #apple #ios #advertising #ad #revenue #streams #developers #media #data #corporations #telemetry #consent #spyware #surveillancecapitalism #humanrights, #anonymity #cookies #surveillance #browser #proxy #relay #network #www #leaks #fingerprint #activity #activitytrackers #thefederation #pods #federation #fediverse #friendica #mastodon #pleroma #socialhome # #Gnusocial #Funkwhale #Peertube #pixelfed #hubzilla #Diaspora
"...there are still some 100 workers allocated to the “cost center” associated with Dragonfly, meaning that the company is maintaining a budget for potential ongoing work on the plan."
#FuckOffGoogle #FuckCensorship #SurveillanceCapitalism #China
How can Federation users post more safely?
You know how it goes. We find a great story online and we want to share it with our supporters or feature it in our feed with appropriate hashtags for maximum reach.
But do we check the website featuring the story for privacy before we post?
When we embed a link by selecting the OEmbed box (often ticked by default) this displays an image or video on our post from the website we’ve featured.
They may look cool, but these images can contain beacons or other trackers. Embedded trackers also load into the browsers of any user who scrolls down the public feeds.
Should we ensure the website is safe before linking to it?
Actually some do. Posts that don’t feature a website’s images (with the OEmbed box unchecked as below) can actually protect Federation users from a serious amount of surveillance.
Some thoughtful users actually reproduce the article’s main points in their post, to protect their readers from visiting the site itself. They usually supply a link to the original content if one wants more detail and perhaps is protected with tracker blockers. So how do we know a site we recommend is safe?
Here are some privacy tips:
• Consider checking the page’s security/privacy before linking to it.
Using Tor, or a beefed-up Firefox fork or version (for detecting digital fingerprinting), and/or Disconnect, NoScript or Ublock Origin add-ons to reveal a multitude of trackers.
• There is usually more than one website featuring the same story. Consider picking the website with the least trackers and digital fingerprinting.
• Issue a warning in your post about any of the site’s surveillance methods and privacy issues you’ve detected.
• Embedding a picture/video could also make users vulnerable. Consider unchecking the OEmbed box.
In the next post I’ll give examples of a number of websites with low privacy and excessive trackers, commonly featured in the public feeds.
#secure #internet #windows #apple #revenue #streams #developers #Social #media #data #corporations #tracking #trackers #facebook #social #mass-surveillance #gdpr #google #alphabet #location #user #device #setup #private #secure #internet #chrome #tips #tricks #online #os #mobile #ie #safari #apple #ios #ad #revenue #streams #developers #telemetry #consent #windows10 #windows7 #windows81 #microsoft #linux #debian #ubuntu #mate #gnome #grub #iphone #firefox #advertising #android #chrome #browser #browsers #phone #phones #device #Tor #privacy, #humanrights, #anonymity #internet #security #cookies #surveillance #browser #web #onion #router #torbrowser #bridge #proxy #relay #leaks #fingerprint #activity #activitytrackers #spyware #surveillancecapitalism
"Sidewalk Labs, sister company to Google, won a bid in late 2017 to be part of the development of the Port Lands, a part of Toronto's waterfront, roughly the size of downtown Toronto. This project is called Sidewalk Toronto. "
#BlockSidewalk #FuckOffGoogle #FuckOffAlphabet #FuckOffGoogleAndCo #SurveillanceCapitalism
Freedombox , Freedombone and The Age of Surveillance Capitalism
I look at the #Freedombox and #Freedombone projects with interest as I think these will be what the future #Internet will be built on, if we want to move away from #SurveillanceCapitalism. The book written by #ShoshanaZuboff , The Age of Surveillance Capitalism , is a brilliant snapshot of how bad things have got with today's Internet. We need to rebuild a decentralised web if we are to take back control of what was built for the people and not against the people.
Projects like Freedombox and Freedombone have noble intents but how widely are they deployed and at what point will mass deployment on these systems really start making a difference? Until things like #Federverse and #decentralisation hit the mainstream news, are we really going to see a massive shift in behaviors? Are we going to see a change in the way people use the Internet? What we really need is a #MeToo movement that opens people's eyes against the abuses of the big five: #Google , #Facebook , #Amazon , #Apple and #Microsoft. #MeToo was born within #Hollywood, no wonder it got traction ... The new Internet will need its own Hollywood, won't it ...?
*worriedly checks self* Oh, phew, you mean the ones who were up for sale and never really its critics to begin with.
Also see: https://mastodon.ar.al/@aral/101488404889934170
#SurveillanceCapitalism #WhiteWashing #Corruption Via @foggy
"Former Google Design Ethicist: Relying on Big Tech in Schools Is a Race to the Bottom"
#ethics #SurveillanceCapitalism #BigTech #EdTech
At least 61 % of apps automatically transfer data to Facebook the moment people open the app, whether they have a Facebook account or not, or whether they are logged into Facebook or not.
#FuckFacebook #FuckAndroid #SurveillanceCapitalism
Google: Oh yeah, btw, we don’t think you should be able to protect yourself from being tracked on our browser.
Google to break uBlock Origin on Chromium.
Dust in my eye
...In 2014, Facebook filed a patent application for a technique that employs smartphone data to figure out if two people might know each other. The author, an engineering manager at Facebook named Ben Chen, wrote that it was not merely possible to detect that two smartphones were in the same place at the same time, but that by comparing the accelerometer and gyroscope readings of each phone, the data could identify when people were facing each other or walking together. That way, Facebook could suggest you friend the person you were talking to at a bar last night, and not all the other people there that you chose not to talk to....Not just dust.
Not just Facebook.
A critical point about social media -- or any public or trackable posting of data, is that it leaves identifiers which can be traced back. And these are creating records which are accessible and can be processed at rates and volumes never previously possible. It is a new "data physics". The rules of the universe have changed.
I've long been aware of persistent identifiers -- the pattern of yellow dots that colour laser printers leave, as an example (Whistleblower Reality Winner was caught based on this, due to copies of documents shared with the NSA and posted online by The Intercept), or the patterns of dead pixels in most digital cameras. There are reasons I not only don't post photos of myself but photos from my camera. But even similar patterns of dust on lenses -- an ephemeral identifier -- can be used to match up devices. As can location and timing data, gait data, and more, available from the gyroscopes which let you play pinball or tilt-ball games on your smartphone or tablet.
Or facial recognition of faces in crowds. A Hacker News commenter notes that he and his current partner turned out to have both been in a photo taken at a march before they met, which was auto-tagged after they'd followed one another online.
With 7.3 billion people in the world, all it takes are 33 bits of distinct identifying information. That can come from all kinds of sources, but location, purchase data, facial recognition, device "fingerprints" (ranging from specifically-encoded UUIDs to incidental patterns such as described here) are often sufficient. And centralised systems create repositories from which a tremendous number of such patterns can be sorted, sifted, and matched automatically.
I'm not sure how future options, including distributed and decentralised systems, will change this. But it's something I'm very much keeping in mind.
It's not about Facebook
It's not about Facebook. It's not about whether Facebook does or doesn't do this, or will or won't in the future. It's that the nature of online discussion creates highly persistent, highly detailed, not very apparent to the user data trails that can be used to draw all kinds of connections and inferences between people.
Many, many years ago, when the Web was young, and I was only slightly old, I went on an outing with some friends. We'd had a guide who had a slightly unusual name, linked to a cultural reference, and who mentioned that they'd transferred from one uni to another. I did not remember the name offhand or a last name.
But with that information, in about 20 minutes, I was able to narrow down the list of possibilities to a single person based on the then-prevalent practice of unis of listing student rosters online, as well as track down parents, hometown, and other information.
It's one of a few bits of sleuthing I've done over the years, others have have started from more or less information, produced more or less detail, sometimes been successful, sometimes not. But here was 33 bits of information captured in three pieces of data.
Today there's often a bit more of a shell wrapped around some aspects of this, but with either a very little bit of privileged access (a PI's licence, access to a skip-tracing database, Lexis-Nexis, etc.), there is all kinds of information online. Financial, legal, and other records similarly.
It's not that none of this data existed before. Some did. But it was buried in paper files, or microfiche, and you had to log road or air miles traveling to remote outposts to gather it (or pay someone to do so). And a huge amount of the information simply did not exist. (Though bits did: AT&T's comprehensive calling data files dating to the 1980s.)
I'm still not sure what to make of the difference between having information and knowing it. Trivial case in point -- I'd been looking for information on historical Usenet populations and usage, and discovered that that had been sitting in the pages of a book within a metre of my head for much of the past decade -- John S. Quarterman, The Matrix. I had the information but I didn't know it.
And that's for an individual. How much "knowledge" does an institution have? How many cases do the 13,000 agents of the FBI manage, how many suspects do they "know"? Is the information that they hold knowledge, or does it simply become material to be used as an investigation opens. Either because there is an actual crime in process, or because it's become politically expedient (or of personal interest to some agent) to do so?
Or the NSA, CIA, GRU, MI5/MI6, the Chinese or Indian or Israeli information ministries, etc., etc.
And what of AI. What is the real awareness and subject-knowledge of these systems? How rapidly can they identify individuals within crowds, say? (Some of the demos I've seen are frightening, though they may also be optimistic. Or not.)
And what happens when these capabilities are weaponised. We've seen this happen to online media. There are projections of this happening to weapons systems. What of misdemeanor police enforcement (Chinese healthcare CEO busted for jaywalking as an headshot on a bus advert is registered by a street-based facial-recognition camera), or automated lawsuit filings, or weaponised AI-driven adversarial political research and online media campaign activities in the 2020 election cycle? Drug lords, business empires, white nationalists, whatevvah.
Because that day's very nearly on us if not already here.
#data #surveillance #surveillanceCapitalism #privacy #panopticon #NotJustFacebook #dust #identity #identification
#SurveillanceCapitalism #Google #GDPR