
Offhand but on record

More and more people are using computers to chat with each other, but there's no such thing as a passing conversation on the Web

by Bruce Schneier

Facebook recently made changes to its service agreement in order to make members’ data more accessible to other computer users. Amuse, Inc. announced last week that hackers stole credit-card information from about 150,000 clients. Hackers broke into the social network Twitter’s system and stole documents.

Your online data is not private. It may seem private, but it’s not. Take e-mail, for example. You might be the only person who knows your e-mail password, but you’re not the only person who can read your e-mail. Your e-mail provider can read it too — along with anyone he gives access to. That can include any backbone provider who happened to route that mail from the sender to you. In addition, if you read your e-mail from work, various people at your company have access to it, too. And, if they have taps at the correct points, so can the police, the U.S. National Security Agency, and any other well-funded national intelligence organization — along with any hackers or criminals sufficiently skilled to break into one of these sites.

Think about your Mixi or Facebook site. You’re the only one with your password, but lots of other people can read your updates and look at your pictures. Your friends can see a lot of information about you — that’s the whole point of these sites — and you don’t really know who they share their information with. A lot of your stuff is public by default, and you probably keep it that way. You might respond to quizzes, and who knows where that data goes or who can see it. Workers at Mixi and Facebook can see everything, of course. They also grant access to portions of your data to third parties who want to sell their products to you.

You could set every privacy setting on your Mixi or Facebook site to maximum, but few of us do that — most of us don’t even know how. You could encrypt your e-mail, but almost no one does that — and, anyway, that doesn’t work with Webmail very easily. Maintaining your privacy is hard, even if you’re an expert.

Cloud computing exacerbates this problem. If your company uses software-as-a-service providers such as Salesforce.com, contact management or MessageLabs e-mail filtering, those companies have access to your data. If you use Google Docs, Google has access to your data. But even if you leave your data in your computer at home, you have to worry about your family or roommates, burglars, police with warrants and Internet hackers and other criminals as well.

It’s not just your online data that is at risk. It’s your cell phone data — both the phone numbers you call and who calls you, and the SMS messages you send and receive. It’s your buying history, sitting in some credit card company’s database. It’s your medical records. It’s the itemized list of everything you buy when you use a card that identifies you.

These risks are new. Twenty years ago, if someone wanted to look through your correspondence, they had to break into your house. Now, they can just break into your ISP. Ten years ago, your voicemail was on an answering machine in your office; now it’s on a computer owned by a telephone company. Your financial accounts are on remote Web sites protected only by passwords; your credit history is collected, stored and sold by companies whose names you probably don’t even know. Your digital data is no longer under your control.

And more data is being generated. Lists of everything you buy, and everything you look at but choose not to buy, are stored by online merchants both in Japan and abroad. A record of everything you browse can be stored by your ISP if they choose to. What were cash transactions are now credit card transactions. What used to be a face-to-face chat is now an e-mail, instant message, or SMS conversation — or maybe a conversation within Mixi or Facebook.

Think of the number of people and companies that can know your location. Your cell phone knows where you are. Your air-travel history is stored in various airline databases, and unless you buy your tickets anonymously, your rail travel history is stored in JR’s and other databases. Even your credit card company can reconstruct your whereabouts from your purchases.

All these systems are ostensibly private and secure, but many people have legitimate access and even more — such as hackers and criminals — can get illegitimate access. Japan’s Personal Information Protection Act provides only some protections and may not apply if the computers that store your information are located in some other country.

Anonymity doesn’t help much. Mixi might not know your real name and address, but there are many ways to link your identity to your account. Maybe your e-mail address identifies you or your ISP knows who you are. Your cell phone identifies you and your computer might, too. Use a credit card from your account and that identifies you. True anonymity is very difficult; we regularly identify ourselves online even if we think we do not.

The lesson in all of this is that little we do is ephemeral anymore. We leave electronic audit trails everywhere we go, with everything we do. This won’t change: We can’t turn back technology. But as technology makes our conversations less ephemeral, we need laws to step in and safeguard our privacy. We need comprehensive data privacy laws, protecting our data and communications regardless of where it is stored or how it is processed. We need laws forcing companies to keep it private and delete it as soon as it is no longer needed, and laws giving us the right to delete our data from third-party sites. And we need international cooperation to ensure that companies cannot flout data privacy laws simply by moving themselves offshore.

Laws can only go so far, though. Law or no law, when something is made public, it’s too late. And many of us like having complete records of all our e-mail at our fingertips; it’s like our offline memory.

In the end, this is a cultural issue.

The Internet is creating the greatest generation gap since rock ‘n’ roll. We’re now witnessing one aspect of that generation gap: The younger generation chats digitally, and the older generation treats those chats as written correspondence. Until our CEOs blog, our Diet members all Twitter, and our world leaders send each other LOLcats — until we have a national election where all the candidates have a complete history on social networking sites from before they were teenagers — we aren’t fully an information age society.

When everyone leaves a public digital trail of their personal thoughts since birth, no one will think twice about it being there. Some of us might be on the younger side of the generation gap, but the rules we’re operating under were written by the older side. It will take another generation before our privacy laws catch up with the death of the ephemeral conversation. Until then, we’re just going to have to live with this loss of privacy.

Bruce Schneier is a leading computer security specialist and the author of “Secrets and Lies: Digital Security in a Networked World.” Read about him at schneier.com