Table of contents
- Chapter 1: Introduction
- Overall context
- Safety vs Security
- The right to privacy and security
- Why online security and privacy are relevant for 2021 / Reflection on digital revolution post-pandemic
- Why we should pay attention to online security
- Chapter 2: Privacy Awareness
- “I have nothing to hide” argument and other excuses
- The risks of internet privacy
- When online surveillance and profiling exploit our democracy
- Chapter 3: Tips for online privacy and security
- Privacy tips
- Surveillance tips
- Chapter 4: Collection of resources for activists and organisations
- Good habits
- List of various resources, guides, tools
- Appendices
- Appendix 1 – A GDPR mini overview. Learn the law, use the law
The risks of internet privacy
Privacy counts as one of the fundamental human rights: over 130 countries in the world mention it in their constitutions. It is present in the Universal Declaration of Human Rights from UN 1948, article 12, and in the European Convention on Human Rights of 1950, article 8 (the right to respect for family and private life – an important element of this is the right to protection of personal data). While this can be inferred from the general right to privacy, some international and regional laws also set out a more specific right to protection of personal data. Over 100 countries now have some form of data protection law; in the EU, efforts to comply with privacy and security resulted in the General Data Protection Regulation (GDPR).
The big risks we face everyday online are strictly connected to the capitalist economic model we live in. Many scholars are now talking about these years as the era of the digital surveillance economy. At the heart of this is a new form of business model that is predicated on the acquisition and consolidation of very large volumes of personal data, and its exploitation to target advertisements, manipulate consumer behaviour, and price goods and services at the highest level that each individual is willing to bear. In the words of the model’s architects, users are ‘bribed’ and ‘induced’ to make their data available at minimal cost to marketers. The digital surveillance economy harbours serious threats to the interests of individuals, societies and political systems.
Some key concepts we need to keep in mind when we consider this issue are:
- Data acquisition and exploitation. Data does not naturally exist; it rather emerges from a process of abstraction. We call “datafication” the process of transformation of social action into online, quantified data, allowing for real time tracking and analysis. Datafication combines two main processes: the transformation of human life into data through processes of quantification; and the generation of different kinds of value from data.
- Tracking. When you visit a website, tiny tracking files watch what you do online, and develop a profile of your behaviour. Often, a tracking company sells this information directly to advertisers. Advertisers buy ad space from websites at auctions. Some sell your data on an exchange which can combine it with other sources of personal data to be sold to advertisers looking for consumers like you.
- Surveillance. Internet surveillance is the monitoring of online behavior, activities, or other changing information. It mostly refers to the observation of individuals or groups by governmental organizations. Thanks to new technologies like biometric softwares, governments now possess an unprecedented ability to monitor the activities of their subjects.
Within the realm of these systemic risks we can classify the various threats people face online:
- Targeted against an individual: doxxing, spouseware, spear phishing, trolling…
- Targeted against a state or an organisation: data breaches, DDoS, cyberespionage, disinformation campaigns…
- Untargeted: ransomware, cryptojacking, identity theft…