Metadata Collection: At Least We’re Never Alone

Security advocates argue that we shouldn’t expect total privacy — but should rather trade a limited amount of privacy for the benefit of knowing we are safe from threats of crime, such as terrorism. I agree — to an extent. While preventing risk through data collection can be beneficial, there must be restrictions on the extent to which this breach of privacy is allowed to occur. Solove explains that the debate between security and privacy isn’t black and white, but grey — and that proper checks and balances could assure that a justified breach of privacy does not extend past certain boundaries. He writes, “Instead, we should ask: ‘Do you want the government to engage in surveillance without a warrant or probable cause?’”[¹] The question isn’t whether to relinquish security for privacy, or vice-versa — the answer lies in where the boundaries are placed.

There is an importance of sacrificing some privacy for the betterment of society. The fallacy between having nothing to hide and allowing encroachments of privacy is the wrong way to look at the current situation that we find ourselves in. Rather, we must adapt a system of checks and balances to ensure that surveillance doesn’t extend beyond the reasonable boundaries of the law.

As we travel about in our daily lives, I’m sure we see a few security cameras here and there. It seems that we’re being watched, right? Say I take a stroll to the convenience store around the corner…

There may have been a police helicopter or drone in the sky, unknowingly recording my movements as I go about my day — and there are likely real-time satellites recording movement continuously. I’ve lost the source, but I once read a story in which the army was using satellites to track soldier movements on the ground. A soldier was speaking with dispatch who was controlling the satellites, and told them that he doubted the accuracy of the satellites. The satellite controller replied, and asked the soldier to lay out a number of coins on the ground — the soldier did, and the dispatch replied with an exactly correct count of the amount of money on the ground. Mind you, this took place long before the turn of the millennium. If governments had that amount of power back then, imagine what they must have now.

In similar fashion, metadata being collected over the internet is being used to track movement on the web. I’ve written several posts regarding the fact that the government collects metadata on phone calls, internet communication, and nearly everything that uses technology. This is a more serious concern in regards to our everyday lives — there isn’t much that you or I can do to stop this unauthorized collection of metadata. Whether it’s discussing meet up times with my friends, or simply browsing the internet at home — I’m sure that metadata was being collected and stored somewhere. As Henschke puts it, “Metadata ought to be treated with care, and only be accessed by specific government agencies for serious reasons.”[²] I agree with Henschke that consent or probable cause is key in allowing the collection of metadata. One of the first things we discussed in my academic career was informed consent, and this approach should be taken more often than it currently is. 

We’re never really alone, save a few select people who live out in the boonies with no technology. For this reason, I decided to write a few days in a “privacy journal” — here, I have made note of all of the devices in each room I was in on the selected days. I feel it’s important to elaborate on my iPhone settings — tuned to ensure that privacy is controlled as much as possible — which is difficult to do on a big-box company’s device. My microphone and camera are turned off for all apps, and I only allow them for certain apps when I feel okay with letting go of my privacy. I do not use the FAANMG-esque public cloud to store photos or notes, due to the enormous privacy flaws inherent in publicly available cloud systems. To be quite honest, I wish I could throw my phone into the river and never look back — but in a world so rooted with being able to be reached at any time, it is unfortunately essential for me to have one. Don’t misunderstand my words, I understand how fantastic these devices are, but I’d trade it away in a heartbeat to live in a world where only landlines exist. What I wouldn’t do to be a young adult in the seventies…

Looking back at my data over only a few days, I noticed a pattern of browsing in my journal in that I use web browser’s ‘private’ or ‘incognito’ mode when I can, for light browsing, but some websites like Netflix do not allow private/incognito browsing at all. In these cases, I sacrifice privacy for ease-of-use. In fact, I often access school-related portals from a standard browser because I do not care for privacy when accessing school material on the internet. Anytime I browse the clearnet without masking my IP address or activity in some way, I am essentially consenting to being tracked — and I’m okay with that. When I do care for my privacy, I boot TAILS and connect via tor network and browse — this eliminates any worry about being tracked in that moment, other than in the case of controlled exit nodes. Doubt this technology will stay secure for much longer… 

I’ve come to the conclusion that the government has essentially placed a wiretap on the internet. I’ve spoken about this with friends and colleagues briefly, but after doing my own research I’m sure of it. Through the use of deep packet inspection (DPI) via the majority of internet service providers, the government can track every single packet being sent. In fact, I can say with confidence that all but a very few select ISPs are allowing rerouting of packets and DPI through the government x-letter agencies — although I cannot name a source for this. If you’d like a source, feel free to traceroute your personal IP and astonish yourself with the fact that packets are sent across state lines, and sometimes even across country lines.

As our world transforms from one in which the internet is a tool to an ever-connected internet of things, I fear that misuse and surveillance of people will lead to a dystopian society. If nothing is done to limit the boundaries of data collection, it is only a matter of time until privacy is a term of the past. I’ve watched enough Black Mirror episodes to see how this turn of events isn’t good. Call it extrapolating from a work of fiction, and I’ll tell you to give Orwell’s 1984 a quick read. 

I can’t help but wonder, what will the generations that come after me live like? We have the option to sacrifice our privacy for security, which is such a great statement because it means that we still have some semblance of privacy left. Will future generations be forced into a corporate-dominated and government-controlled world, in which they have absolutely no privacy? Only time will tell…