The transparent user

Cache me
if you can

What's the big deal if Facebook knows our age and relationship status? "I don't really have anything to hide anyway" is the response of many people who dismiss the issue of data protection. Ben sees it differently. The software developer knows that age and relationship status are merely the tip of the iceberg. In this interview, Ben explains what is happening beneath the surface of the ocean of data called the "internet," what else Facebook & Co. know about us, and how Ben protects his privacy.

Ben, what's happening beneath the surface of the ocean of data called the "internet"?

I recently did a self-test to figure that out. I wanted to carefully examine the extent to which data about me is collected and passed along without my noticing it. For this purpose, I have analyzed all data movements that take place while surfing the net. Those related to Facebook, Netflix, Google and many others. After visiting only three websites, all the data generated by me was transferred to 141 third-party servers. After 15 minutes, it was already 505 servers. With this data, all 505 of these servers are in a position to create an individual profile of me and to continue processing it.

505

connections to external servers had been established after 15 minutes, mainly to tracking and advertisement services

What do Facebook, Google and other portals know about us, and most importantly: from what sources?

With our consent, Google records, for example, an exact location history of our smart phone. This is why Google probably knows better than we do how long it takes us to get home from work, for example, or when we last went to the dentist. With our permission, Alexa and Siri listen in on our conversations. With our OK we authorize all kinds of transfers; watching habits from our smart TV, the heartbeat from our running app, the sleep profile from our sleep app. Our car notifies the manufacturer, among others, about when we drive fast or hit the brakes hard. The popular dating app Grindr knows exactly who is gay or lesbian and also what your HIV status is if you have registered and entered the relevant data. "Privacy is old school," as Facebook CEO Mark Zuckerberg has said. The list could go on and on. With every data privacy statement that we agree to, internet services collect data about our digital life. The good news is that more and more online services now offer comprehensive privacy settings that allow us to turn off the above-mentioned loggings or limit them to meet our needs. This even includes Google and Facebook.

different kinds of personal data about you is stored by Facebook, according to netzpolitik.org. Among them the size of your flat in m², the age of your car, and how many loans you've taken out.

What do these portals do with our private information?

They create precise digital profiles of us in order to "improve" the quality of their service. The more Google knows about our interests, for instance, the more effectively the search machine can find tailored results for us on the internet, or show us advertisements that fit our interests or life situation. Everyone is probably familiar with the banner showing the exact shoes they just looked at three days earlier on a completely different device. We also must not forget that many services that are offered for free online are financed by the revenue that they receive from banner ads. Among these you'll also find many independent newspapers that provide valuable journalism. These are a bedrock of our democracy, yet they probably couldn't survive without this revenue. This also holds true for other free online offers, such as weather reports.

The problem with all this, however, is that our private data doesn't necessarily end up in reliable hands. An investigation by the independent Norwegian research organization SINTEF found that the dating service Grindr, for example, has sold the HIV status of its members to third-parties. In the recent Facebook data scandal, 87 million profile records found their way into the hands of the company Cambridge Analytica, which is said to have used this data to sway the election in favor of Donald Trump. I also wouldn't want to imagine what hackers could get up to with my down-to-the minute movement profile should they get hold of this data. And of course, the more they know about us, businesses could come to decisions that are to their benefit and our disadvantage. Insurance companies, for example, could use our HIV status or sporting behavior to decide whether to insure us or not, or at what rate. If we willingly disclose this information, this would be, without question, a completely legitimate practice. Knowledge is power. Not everyone uses this power to our advantage, however - we should be aware of this. For example, when we purchase a vacuum robot or search for strategies online against burnout.

Must we withdraw into the forest and put an end to our digital life if we want to protect our privacy?

I don't think so. What need is more awareness in our interactions with media. In 1983 we fought back against being subject to a census by filing a lawsuit before the constitutional court. Today we will willingly let our cell phones be traced around the clock and entrust our digital life and much of our private information to all kinds of online services. In those days, the constitutional court had ruled that privacy protection was part of our basic rights to dignity as human beings. The "Post Privacy Movement" predicts nowadays that as a result of our increasing connectivity, we must give up any claims to privacy.

Whether or not we let it reach this point also depends on each and every one of us. We must ask ourselves: How important is our privacy and human dignity? Because there are many things we can do to protect our privacy without foregoing the use of convenient and beloved online services. For this purpose, I have personally made simple changes to some habits I have when dealing with apps and surfing the internet.

How can we protect our privacy?

With its new General Data Protection Regulation, the EU has laid a significant foundation for improvements in how our data is protected. Yet effective protection is something that only we ourselves can provide. I pay attention to a few simple things. Here are some examples:

1The weather report

Let's say you're looking up the weather in Hamburg three days from now. It can just so happen that your travel plans end up in your digital footprint, to which countless servers have access. Many apps, especially the free ones, collect lots of data about us, then in turn sell it so that they can finance themselves with the earnings. Among these you'll also find weather apps. Unlike a weather website, the phone's system enables a weather app to have far more access rights to it and the private information that it contains. That's why when using apps especially, I pay particular attention to which access rights I grant them. Or I look for similar online alternatives that are easier for me to limit. Because while using a website, you can make sure that your search takes place anonymously. The article Dive into the Darknet explains how this can be done.

2Cautious Wi-Fi use

For security reasons, everyone should enjoy public hotspots with caution, as they are often unencrypted and hackers can easily exploit them. Deutsche Telekom's hotspots, in contrast, offer a secure connection, as they establish what is known as "VPN" connections. These are encrypted and anonymized. For privacy protection reasons, it is generally advisable not to keep the WiFi permanently activated, as this will enable you to prevent a potential recording of your movement profile. Such a profile can be generated when the Wi-Fi connection has been activated. That's why I pay particular attention to when I turn on my cell phone's Wi-Fi function and when I don't.

3Search with an invisibility cloak

Online searches are a tricky subject when it comes to privacy protection. This is because everything I search for discloses very personal information that can be stored in my digital footprint and analyzed. Fortunately, there's a search engine explicitly dedicated to privacy protection: Startpage.com. It utilizes the Google search results. But in contrast to Google, Startpage.com doesn't store any personal information or search terms, doesn't set any tracking cookies, involves no third-party supplier code and only collects the data it uses for internal statistics in a completely anonymous way.