“We have to remember that, you know, we’d had— we had had terrorists living in this country for a number of months and we didn’t know about it. What else didn’t we know? And so there was a great deal of concern about the fact that— that we not only could not connect the dots, we could not collect the dots.” – ALBERTO GONZALES, White House Counsel, 2001-05
“Look, let me give you the existential complaint of the American intelligence community, OK? Here’s how it works, living inside America’s liberal democracy, of which, by the way, the Intel guys are really a part, OK? American political elites feel very empowered to criticize the American intelligence community for not doing enough when they feel in danger. And as soon as we’ve made them feel safe again, they feel equally empowered to complain that we’re doing too much.” – MICHAEL HAYDEN, NSA Director, 1999-05
— VIA —
Is it possible to have 100% security and 100% privacy? What are we willing to give up? What are we hoping to gain? What is really the goal, and how shall those goals be achieved? Who do we ultimately trust? Is there anything we can — or ought — to do anyway about it all?
This is perhaps one of the most poignant examples of an unresolved tension that will continue to challenge and sway us, especially as a variety of current events contextualizes our dilemma. It is Michael Hayden’s quote above that is perhaps the most illuminating to this reality. Thus, I would opine that anyone with absolute certainty, or crystal clarity on what is right would have violated the most fundamental principle of life’s tensions, to never reach resolution. For both national security and the privacy rights dictated by the Constitution are both at stake. And when they both vie for our affections at the cost of each other, we must recognize and fully accept that the entire enterprise of freedom is fundamental an exercise in sacrifice. The question is what, how much, and in what order do we sacrifice?
Podcast: How to Protect Yourself (and Your Data) Online
By now we all know our personal data is at risk online. It can be stolen by hackers, scooped up by the government, and stockpiled by companies like Google and Facebook. But could you live without the Internet? Imagine losing the convenience of online shopping, navigating roads with only a paper map, or having to crack open an encyclopedia to answer a question.
So what do we do? How do you draw the line between privacy and security? Does privacy even matter if you have nothing to hide? Is there a practical way to unplug?
I’m Sarah Childress, and today, for our latest FRONTLINE roundtable, we’ve asked two privacy experts to help answer these questions.
Joining me today is Julia Angwin, journalist and author of Dragnet Nation. She spent an entire year trying to disconnect. Welcome Julia.
ANGWIN: Great to be here.
FRONTLINE: We also have Hanni Fakhoury, a senior attorney at the Electronic Frontier Foundation who’s worked on some tough cases on tracking and surveillance. Hi Hanni.
FAKHOURY: Thank you for having me.
FRONTLINE: So Julia I want to start with you. What is the average person’s digital trail? How much data is out there?
ANGWIN: Well there’s a lot of data out there about all of us. I tried to find my trail and I was shocked at how vast it was. I identified more than 200 data brokers that had my name and address and personal details for sale. I found all my web searches stored on Google servers dating back to 2006. Everyone I’d ever friended or declined their friend request of on Facebook — all of it was stored in all these different servers. And that was just the tip of the iceberg.
There’s so much data out there about me that I’ll never get to see, the companies that follow you around online and track your movements, and show you those ads that follow you around. The people who are watching the data that comes out of my cellphone without my knowledge. So there’s just a vast digital trail that’s almost impossible for people to control unless they don’t use these devices. But that’s very few people.
FRONTLINE: And Hanni, who is gathering all this information that’s out there?
FAKHOURY: Well there are a number of different, I don’t know if you want to call them groups or entities, that are collecting them. There’s obviously private industry and private companies that make money off of your data — data brokers. And they have mysterious-sounding names like Acxiom, and companies like Experian that do your credit checks. There’s also more well-known companies like Facebook and Google and Twitter, and they’re collecting information about you in order to sell you ads, to cater their services to you, which is really just another way to sell you ads.
And then of course, lurking on top of all of this is the government in a very abstract way, in the sense that both at the state and local level type of law enforcement — your police departments and sheriffs’ offices — as well at the federal level at both the FBI and of course the NSA, are taking advantage of this data explosion and seeking to use this data about you in order to solve crime, investigate national security threats, analyze where crime is going to potentially occur in the future.
There’s even been some discussion of trying to predict who will commit a crime before a crime has been committed. And so you have a confluence of the government and the private sector sharing and taking this data to sell you ads and keep us safe, in a sense.
FRONTLINE: So is there a difference between what the government knows and what companies know?
FAKHOURY: You know that’s a hard question to answer. In a sense that anything a company knows about you the government can find out about you as well, and in a sense they’re partners in that way.
In the NSA scandal, if you will, there’s been much discussion about how the NSA has attempted to get not only information directly from some of the companies by directly accessing servers and the lines that are carrying our communications, but also just submitting requests for all of a person’s telephone metadata for example over an extended period of time. And the companies are just turning that information wholesale over to the government under these requests by the government for that information.
ANGWIN: One thing I think is really telling about the government and company cooperation is if you look at voting records. So if you want to register to vote, which is your duty as a citizen of our democracy, you go to your state and give them some information about yourself — usually your name, address, sometimes your birthdate, oftentimes your party affiliation and a few other details.
Most states sell those lists to commercial data brokers, and then those data brokers buy extra data about you and enhance that, and then often times they sell it right back to the government. So law enforcement might buy those files. Many of the files I looked at about myself from data brokers are ones law enforcement uses all the time, routinely, in investigations. And even some lawmakers buy that data for their campaign targeting. They want to send the right marketing message to different constituents.
So you see it’s a really symbiotic cycle. Both parties benefit from it. And the thing that was so amazing about the Snowden revelations was it was even more symbiotic than we thought. The idea that the NSA was going to such lengths. I mean we sort of knew they might show up at the front door of Google with a court order secretly saying, “Get me the communications of this one particular bad guy.”
But we didn’t know that they were jumping on the traffic, for instance one of the documents showed how they were trying to break into the traffic between Google data centers. Or that they were jumping on the traffic and intercepting the traffic that allows those ads that target you online to follow you around. So even the most innocuous data out there, they’re scooping up.
FRONTLINE: What’s the harm? If you have nothing to hide, does it matter if law enforcement is sharing all of this data if it means you get better product recommendations on Amazon? Does it matter if ad companies are tracking you online?
FAKHOURY: I think the answer to that question is, everyone has something to hide. When you meet someone for the first time you don’t ask them for their social security number and their home address and their sexual orientation or preferences, because there’s some pieces of information that we should want to keep to ourselves, or only disclose to certain people in certain instances after we feel comfortable with that person, or confident they’re going to keep something sensitive about us close to their chest and they’re not going to reveal it to anybody.
I think the second thing is that, I understand oftentimes there are tradeoffs to be made in terms of surrendering a little bit of that autonomy and giving over some of the information about yourself in order to receive some sort of service or benefit or convenience. And I don’t think there’s necessarily anything wrong with that in the abstract.
The problem becomes when people don’t realize there’s a tradeoff for the benefit that they’re getting. When you sign up for a Gmail email account through Google, you are allowing them to scan your email so they can serve you advertisements, and some people may feel that tradeoff is worth it and other people feel that tradeoff is not worth it and they don’t use the service.
But the key important fact to remember is there has to be a clear ability for the person to decide whether to use the service or not. They have to be totally aware that that’s what’s happening. And there should also be alternatives in our market place so people can chose to use an email service that doesn’t scan your emails and they don’t have to necessarily pay for it. Or they would have to pay a smaller cost for it. And I think that’s where the real problem is: that we don’t necessarily have great alternatives to some of these wonderful free services, and some of these wonderful free services are not really detailing what they’re doing.
FRONTLINE: Julia what do you think?
ANGWIN: I think what you should know is that information is power. People who have information about you have power over you. This is definitely just true in life, right?
If you’re going on to a car dealership lot you don’t want the guy to know your income and what models you’ve been looking at, and what other deals you been offered at other dealerships. So we have a basic understanding that there’s certain information we want to keep close to the chest at certain points of our life and other times we don’t.
But our ability to do that is really curtailed these days. In fact one of the stories that my team wrote at The Wall Street Journal was exactly about this issue, at a car dealership. They had learned to scrape the web browsing history of people who were making appointments to come to their lot. And so they already knew what car you were looking for, and they could add on information from data brokers about your income, etc.
So our ability to negotiate everything in life could be affected by this. We could get worse deals on cars, and we could get targeted at a store where they think we’re not going to be a good customer and they don’t treat us well, or we can have the government make a mistake and look at our data and think we’re a threat just because of some browsing pattern we’ve been having.
So the thing is, the harms are real. Ted Kennedy was put on the no-fly list briefly before they realized that was a mistake. So bad data can lead to bad outcomes. You could not get a loan or not get a job.
FRONTLINE: How much do we have a say in what’s collected about us from a legal point of view? Hanni?
FAKHOURY: Well that’s a tricky issue because there’s a very complicated regulatory scheme that’s supposed to govern some of these things. But I mean at its most simplest core, you’re kind of stuck with whatever you agree with. So when you sign up for a service and there’s that huge block of text that says “OK, in exchange for using this service for free we reserve the right to scan your email to sell you advertisements, we will turn over information” —which nobody reads, right?
What those big long legal disclaimers oftentimes will do will give up your ability to really raise any legal challenges in two ways. One- they’ll oftentimes basically say that by clicking and agreeing to use this services you’re agreeing to data collection that we’re engaging in without you really fully contemplating it, and B- if you decide you’re mad about this and you want to sue us, you’re going to have limited remedies, you’re going to have to go through arbitration instead of bringing a lawsuit, and your lawsuit can only be brought in a certain jurisdiction, or in a certain district etc. And there have been some attempts to restrict what these companies can do, but they are kind of hit-and-miss to a certain extent.
Under federal law there are laws that basically say that companies can resell certain forms of data or share other forms of data with other companies to make money, etc. as long as they make the data anonymized. Meaning they can’t turn over “Julia looked at this web browsing history.” It could be “this specific user, who we won’t tell you who that person is, had this specific web browsing history.” The problem with that is that there have been a lot of studies that show anonymizing this information isn’t really a great safeguard, because it’s pretty easy to figure out who that specific person is with just a few data sets.
FRONTLINE: So you’re never really anonymous.
FAKHOURY: Exactly. The idea is that a person’s online behavior is so unique to them specifically, it’s pretty easy to figure out who that particular person is.
FRONTLINE: Have there been cases where people have been harmed by this kind of data collection? I’m just going back to asking what the harm is. Are there cases where this has been abused?
ANGWIN: Even the most innocuous data for instance, the ads that follow you around: even I, as a person who really cares about privacy, don’t feel that horrified about the ads that follow me around, because usually it’s just a pair of shoes and you know, who cares? But in my book, I tell the story of a woman who was checking her Facebook page at work, and one of her colleagues leaned over and looked at her screen and said, “Why is every ad on your page for gay and lesbian things?” and then it dawned on him that she had a particular sexual orientation which she hadn’t shared with her colleagues.
So just that amount of targeting was an inadvertent disclosure that outed her to her colleagues. So it’s just one of these things where it seems really innocuous, and in many cases it may well be, but there are moments where you don’t want that data to be shared out of your control, and it can happen. And obviously even more egregiously, people have definitely lost jobs and not gotten credit and various things because of data about them. And that’s been true for a long time. The thing that’s different now, is so much more data is available.
FRONTLINE: So let’s talk about what the average person can do to protect their privacy. Julia I know you tried to do this for about a year. How difficult was it to opt out?
ANGWIN: It was pretty difficult. I spent a year doing things that probably most people would consider too much of a hassle, and at the end of it I felt like I had been probably only about 50 percent successful. But I’ll tell you the things that worked and the things that didn’t.
So things that worked were I was basically able to protect my web browsing by adding a bunch of technology that would block a lot of the online ad tracking. I was able to have anonymous web searches by switching from Google, which keeps a record of everything you search either by IP address or by your login if you have a Google login. I switched to Duck Duck Go, which is a privacy protecting search engine so it doesn’t store any data, doesn’t have any history of my searches and doesn’t know who I am or where I am.
I quit LinkedIn. I unfriended everyone on Facebook so I didn’t have a list out there of all the people I associate with. And I got better passwords and sort of basic security so hackers wouldn’t get me, and I put little stickers over my camera so no one could take over by remote-control my camera and film me. And so I think most of those things were pretty successful. That was the low-hanging fruit of privacy.
But what was really hard was my cellphone. It’s the perfect tracking device. I carry it around everywhere, I have no ability to modify it without breaking the terms of service basically to prevent it from sending data I don’t want it to send. I turned off location, I turned off Wi-Fi, I cut back on my apps, blah blah blah. But eventually I realized that really the only way to ensure that it wasn’t transmitting when I didn’t want it to was to block the signal physically.
So I basically wrapped it in tinfoil for a day. This guy who was an ex-CIA guy, I’d been telling him I was going to buy a special bag to put my phone in to block the signal and he was like “Oh you don’t need to do that, just wrap it in foil it works fine.” So I thought, “OK, I’ll try it.” So I did, I wrapped it in foil, and it blocked the signal. I tested it, I called it, it didn’t ring, nothing happened, it was just sitting in front of me looking like a crushed sandwich. But it was so terribly depressing the whole day to be carrying around a phone—
FRONTLINE: — That doesn’t work.
ANGWIN: –wrapped in foil. In meetings sort of unwrapping it to check my phone. So I did buy eventually the bag that I keep it in that’s called a Faraday case that blocks the signal. It’s basically a metal-lined bag.
FRONTLINE: So Hanni what do you do? Have you tried any of these methods? Do you keep your phone in tin foil?
FAKHOURY: I do not keep my phone in tin foil, mostly because of the incessant work emails that come through and have to be responded to in an orderly fashion. But what I do do is, as a lawyer — I have some unique perspective on this, because as a lawyer I have to be careful what I say over email to potential clients, and I try to preserve privilege — so basically, what I tell clients is, do not email me at all ever. You can email me, “Hey, can we talk? When’s a good time to talk?” And then I will call them or schedule a time to meet with them in person, but I do not communicate over email with clients, and I minimize that as much as possible.
I’m very conscientious of what I say online and what I post online, both in a professional and a personal capacity. So I have a Twitter account and I use it for work purposes. I never post pictures of personal stuff, nor do I tweet about personal stuff. I only use it for work purposes. I’m also pretty conscientious of what I say and try not to say anything stupid and try not to say anything that’s going to get me in trouble at work, or offensive or rude to anybody. So I try to take a common sense approach to that.
But ultimately I’m a sophisticated user, and even I’m not doing the sorts of things Julia was talking about. There are a lot of people who don’t realize what they’re doing or haven’t taken steps to control their privacy at all. What’s interesting is Julia was talking about cellphones, and Consumer Reports just two or three weeks ago issued a report that the majority of smart phone users in this country have no security on their phone at all. So you know how when you have your cellphone you have to put in a four-digit password to get into the phone?
FAKHOURY: Consumer Reports found that I think about 33 or 34 percent of all Americans with a smart phone that they surveyed did not have a four-digit pin set up. And it was only a small sliver of people who had installed antivirus software, had installed a kill switch on their phone — had done something more aggressive than just install a four-digit pin. And I think that’s where we need to start thinking about how we can encourage people to really take privacy into their own hands.
And so I think we have to start encouraging the technology companies and the innovators to come up with user-friendly ways to allow people to keep their communications private in ways that aren’t onerous and a big burden, and don’t involve tinfoil and Faraday bags and 60-digit passwords. There has to be an easier way to do those sorts of things.
FRONTLINE: Julia, one of the things you talk about in your book is wrestling with what you’re trying to protect against. As an average person, what am I locking my phone for? Why do I need to make sure people aren’t reading my emails? What’s the level of concern? What do we need to be concerned about?
ANGWIN: Well I think everybody needs to be concerned about criminals. And the truth is criminals are using all the same techniques to get into your information that the government and these companies are. And in some ways there’s just a land grab going on for personal data, and criminal elements are in there just as much.
One reason you should have a password is if you lose your phone, at least now that person can’t get into your data and start sending emails to your friends saying “Wire me a hundred dollars I’m stuck in a prison somewhere, blah blah blah.” And that’s the same reason you don’t want them in your Facebook account. And we’ve all seen these scams and they’re only going to continue to get better. And these scams often play on gaining some information from you about your social network in order to infiltrate that network and extract value from it.
FRONTLINE: So are there three sort of concrete things — someone finally says you know I should actually do something about this — what are three things that anyone could do to start protecting their privacy?
ANGWIN: So I would say the three things that are really easy — they’re not something everyone would want to do — but I would say one of the easiest things I did was switching from Google search to DuckDuckGo search. And this is no slam on Google, they provide great search results, I just didn’t want that search history stored for years and done with whatever, whether the government wants it or whether they want to analyze it — I wanted it not in their hands.
Another thing that was a very successful strategy, a little bit controversial, but compartmentalizing your life. Basically you don’t have to have the same accounts for everything, and in fact I recommend having basically fake identities. So I have an email address with a different name that I use just for all those random websites that want you to log in. They don’t need to know everything about you. So come up with a different account that logs into those. And for my kids, I don’t want them to have a digital trail, but they want to be online, and I’m in a very tech-saturated household, so they have fake names they use online. So I basically recommend fake identities. And it sounds kind of illegal, but it’s not illegal if you’re not using it for fraud, or any criminal intent. If you’re just using it because you want to have a name on some network, go for it. Kids should have, in my opinion, Facebook accounts under other names.
And the other thing you should do is just try to lock down your web browsing a little bit. Everyone should use the EFF Https Everywhere extension. You can add it to any browser and it basically just makes sure that your Internet browsing sessions are encrypted. Which protects you from criminal hackers and the NSA, so it’s good for both. And I like to block the ad-tracking technology — these invisible tracking companies that are on most websites that follow you around, collect data on your browsing habits. That’s also fairly easy to prevent with various add-ons such as Disconnect or Ghostery, and EFF just launched one called Privacy Badger. So there are a bunch of those out there that are pretty easy to use and they don’t affect your day-to-day life that much.
FRONTLINE: Hanni, what do you think?
FAKHOURY: Well I agree with all of those — especially the use of the EFF software. But a couple of other things I would add is users have to be aware of what’s going on. I know reading that fine print — I’m a lawyer, and reading that fine print is kind of tedious. But the common user has to at least try to grasp and see “I’m singing up for this service what am I getting myself into?”
I think the second important thing is users have to obviously use some common sense and be conscientious and assume — maybe not assume but recognize — that right now there is a growing explosion in all this data that is being generated and there is access to companies, there is access to the government down the road. And so to be careful and conscientious about what they decide they want to post or say online, or do online and think about, like Julia was suggesting, compartmentalizing some of those tasks so it’s a little bit harder to piece everything together with every person.
And ultimately I think the third thing is people have to care, and I think people have to demand that their privacy and their security be respected. That means both reigning in government surveillance, that means opting out of services if they feel a company is not respecting their privacy, and holding companies accountable to their promises of privacy and security.
ANGWIN: One thing that has been happening, and I’m guilty of this too, is in the last 10 years we’ve seen this incredible explosion in Internet services, and it’s such heady times. And I was very unquestioning for many years too about all this technology. I loved it, I sort of just received it, and I was like, “Wow, now I can make phone calls from anywhere, this is incredible.” I think we’re just collectively waking up to the fact that they’re not free, these services, many of them, they come with a cost.
FRONTLINE: So what’s the endgame here? Julia you talked about sort of being in the honeymoon period of information sharing. So what lies ahead? And I’d love to hear from both of you on this. Where are we going to be in five or 10 years when it comes to privacy, when it comes to surveillance?
ANGWIN: You know I’m really worried about where we’re going to be in five or ten years actually. I think people are going to start to care more about privacy when their neighbors are surveilling them. It isn’t quite yet affordable for our neighbors to be flying drones over our backyards, or using technology to intercept our emails — although all of that stuff is possible, and will happen. We’re all going to have iPhones that we can hold up and do facial recognition on the people we walk by on the street. And I actually think this may be the moment when we will start to care about privacy, because that threat will seem so real and in front of us.
But I’m really worried about that world, I think it’s going to change something even more fundamental than all the sort of theoretical rights we’ve been talking about. Or even when I’m talking about losing money on a car purchase. There’s something just about the public space that we all occupy together being kind of a surveillance war zone, and who has the best technology, and who’s recording who. It all starts to feel like we’re just in constant litigation with each other. And I just don’t want my kids to grow up in a world like that.
FRONTLINE: Is it going to be too late by then to make the changes that you were talking about?
ANGWIN: Well I always say it’s never too late — this is my motto. You know it took a long time for cars to get seatbelts installed. I think we will also come to moment where we want to confront the underbelly of our information society, and reign it in a little bit. What I am worried about is we’re going to get to a point where the technology is so small and so invisible. The cameras are going to get so small we’re not going to see them anymore. Then I think it just becomes part of the infrastructure, and it’s a little harder to fight against.
Similarly, our ability to watch the watchers, the way that I can look at the traffic that leaves my computer and see where it’s flowing, and that allows me to know actually where my data is going, that is curtailed for instance in the mobile world. I can’t see that as well. So our ability to surveil the surveillers is going to get clamped down as the technology evolves. We’re going to have less power to audit and see how we’re being watched if we don’t come up with some sort of legal mechanism now.
FRONTLINE: Hanni what do you think? What do you see?
FAKHOURY: I think Julia is exactly right. The technology is advancing and developing and part of the problem is it’s advancing and developing much faster than the law can keep up with it. Right now the law is trying to address the problems of the technology as it existed a few years ago, while new technologies are being deployed very quickly. We’re going to see the technology continue to develop, but my hope is that we’ll see the law develop a little bit faster.
We get a lot of calls from lawmakers at the state level who are looking to be more aggressive and put privacy protections for their citizens.
I think people are sufficiently outraged with the NSA situation, for example, that there are a number of bills in front of Congress right now to reign in some of the abuses of the NSA surveillance scandal. And the fact that there is actual legislation out there that would restrict some of these data collection practices is an encouraging sign that there’s recognition by Congress that the American public is very upset about the breadth of the NSA surveillance.
And I think we’re starting to see a similar approach with other forms of surveillance. There’s been a lot of talk about allowing consumers the ability to erase prior data that they’ve put on, for a consumer to get access to information that companies have about you. You’re allowed to get a credit report every year for free, something similar where you can make a request to the company say “What information do you have on me? Share it with me once a year so I can see what’s going on.”
Those sorts of approaches are unique and new and they’re going to be challenged, and there’s gong to be good proposals and bad proposals. But the fact that we’re having those conversations, that there’s legislation picking up across the country is an encouraging sign that we are moving forward and trying to keep people’s information private and protect the details of their lives better than we had in the past.
FRONTLINE: Well I think we’re pretty much out of time. Thank you so much to both of you for being here today. I really appreciate it.
For our listeners, you can visit pbs.org/frontline for more on privacy, surveillance, and the Snowden revelations. And check out United States of Secrets, a two-part investigation into the American surveillance state. You can watch part one, a history of the NSA’s program online anytime, part two on the relationship between the NSA and Silicon Valley premieres on-air and online Tuesday, May 20.
For FRONTLINE, I’m Sarah Childress.