The Snowden Effect: 750 Million People Have Taken Steps to Avoid Surveillance
from the peak-indifference dept
Compared to the initial flood of astonishing revelations provided by Edward Snowden in the summer of 2013, things have gone relatively quiet on the NSA/GCHQ leaks front. So an interesting question is: what impact have all these had on ordinary people? That’s one of the areas that the CIGI-Ipsos Global Survey on Internet Security and Trust explored. Here’s what it found:
Of those aware of Edward Snowden, 39% have taken steps to protect their online privacy and security as a result of his revelations
In a perceptive blog post on the survey, Bruce Schneier notes that the “press is mostly spinning this as evidence that Snowden has not had an effect”:
I disagree with the “Edward Snowden Revelations Not Having Much Impact on Internet Users” headline. He’s having an enormous impact. I ran the actual numbers country by country, combining data on Internet penetration with data from this survey. Multiplying everything out, I calculate that 706 million people have changed their behavior on the Internet because of what the NSA and GCHQ are doing.
In fact, he calculates that there are probably another 46 million in countries not covered by the survey, bringing the total number who have “taken steps” to around 750 million. He goes on:
It’s probably true that most of those people took steps that didn’t make any appreciable difference against an NSA level of surveillance, and probably not even against the even more pervasive corporate variety of surveillance. It’s probably even true that some of those people didn’t take steps at all, and just wish they did or wish they knew what to do. But it is absolutely extraordinary that 750 million people are disturbed enough about their online privacy that they will represent to a survey taker that they did something about it.
And he concludes on a hopeful note:
we have reached “peak indifference to surveillance.” From now on, this issue is going to matter more and more, and policymakers around the world need to start paying attention.
Let’s hope he’s right.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Filed Under: ed snowden, encryption, gchq, nsa, privacy, snowden effect, surveillance
Comments on “The Snowden Effect: 750 Million People Have Taken Steps to Avoid Surveillance”
I'm one of 'em.
I don’t do anything that would warrant a warrant, but I also feel very strongly that my government has no business whatsoever recording my conversations when I have done nothing illegal.
My problem now is that I need to learn more about what is exposed and what is not, and how best to navigate the surveillance to maintain what privacy I still have.
Re: I'm one of 'em.
“My problem now is that I need to learn more about what is exposed and what is not,…”
If it is connected to the internet, it is exposed. Period.
I’ll qualify the above with – If you are individually targeted by a nation state (or associated organization), you have little to no chance of digital privacy. And if you think you might be, the privacy proposition becomes extremely complex and this reply is not directed at you. However, that’s probably not the case. More likely, you’re like the 99.9999% of folks that just realize how dangerous mass surveillance is to democracy, how there is 100% probability that the information collected will be abused (if not yours directly, then someone else’s), and/or simply object to it on principle. For us, there’s quite a bit we can do to avoid being caught in the non-targeted, dragnet mass surveillance currently being conducted by governments and commercial entities.
Keep in mind that hacks are legion, ever evolving, and many are highly dependent on the specific configuration of the hard/softwares you (and those you connect to) use. This means you’ll need to keep up on your reading on the subject as much possible. Also, understand you’re in it for the long haul and it can get overwhelming so give yourself time. Add your privacy protections incrementally and just accept that you will never be done. The goal is to make yourself incrementally more secure against your most likely attackers over time.
IMHO – Here are a few very basic things the average user can start with:
1. Donate whatever you can (i.e., money, time, whatever) to one or more of the organizations that are tirelessly fighting in the courts to defend your privacy and related civil liberties (e.g., EFF, EPIC, ACLU, Privacy International, and many others).
2. Use a VPN. It should be one that does not keep logs. Private Internet Access is cheap ($40/yr) and easy to use – but I encourage you to do your own research. Also, you may want to consider also using Tor (with a full understanding of it’s best use and limitations).
3. Consider using (keeping all updated) the desktop software CCleaner and the Firefox browser (with addons; Https anywhere, Disconnect, AdBlock Edge) and additionally – if you’re okay with taking some time to learn why/how you should use them – consider the addons, NoScript and RequestPolicy. Keep in mind, these are all just suggestions. Again, I encourage you to do your own research.
4. Encrypt everything.
5. Here are some other basic things you might want to become familiar with:
~Determine your threat model(s). Keep in mind your TM might change by activity.
~Understand the difference between privacy and anonymity.
~Understand compartmentaization as it applies to your privacy.
~Understand how “free” services are monetized (as many of the privacy-invasive practices are a result of this effort).
~Appreciate how any segment of your digital data (i.e., on your phone, computer, wherever it sits in the cloud, etc.) can be brought together to provide great detail about you.
~Weigh the privacy-to-convenience (or privacy-to-neato or privacy-to-free) tradeoff when considering which software/services you use and/or how you use them.
~Be able to concisely articulate why privacy is necessary in a democratic society (for when it comes up in conversation with those not so enlightened).
~Understand what a man in the middle attack is (MITM attack).
~Understand that any http connection is subject to easy monitoring and man in the middle attack. Https can also be gamed (either by hack or legal process), but has a much higher probability of being secure.
~Stay as far away from the Internet of Things (IoT) as possible. Or at least make sue the value-to-privacy tradeoff is worth whatever you think you’re getting out of it.
Good luck.
The switch to https is a significant action by a few people that impact millions of bit of information passing over the Internet. Even if it is compromised, it significantly increases the computer power needed by the spy agencies, as the need to decrypt packets before they can scan them.
Re: Re:
Add to this encryption by default by Android and Apple. The haystack they have to sort through gets bigger every second. Every move they make accelerates this further out of their reach.
750 Million People have something to hide
Look at all those presumed terrorists!
See, we now need an even bigger budget! — NSA
Re: 750 Million People have something to hide
Sorry, we’re broke. You’ll have to start robbing rich people and corporations more.
Re: 750 Million People have something to hide
Ha! That’s probably close to what they use as justification..
“There are 750 million people using more exotic methods of data shaping. We need a larger budget to acquire the hardware,SIGINT, and HUMINT resources required to effectively and proactively isolate these perspective threat markers”
I’ve made the move to automatically switch to https if the website supports it and installed ghostery.
Yeah, I doubt that would protect me from invasive and targeted attacks but it’s something at least.
I have also taken steps to hide my activities. The government has no business snooping on my porn habits.
We are finally seeing real numbers about the damage Snowden has done to this country.
Re: Re:
If three quarters of a billion people around the world learning how to protect themselves online counts as “damage”, long may the damage continue. 🙂
Re: Re:
We are finally seeing real numbers about the enlightenment Snowden has brought to this country.
FTFY
Re: Re: Re:
FTFY.
Re: Re:
If by “damage to this country” you mean “enlightenment in the world”.
Re: Re: Re:
It goes to show how skewed some people’s utility functions are. Consider:
A: Some government suit with a vested interest in the surveillance state claims that the leaks might hypothetically have prevented a hypothetical attack from being hypothetically stopped.
B: The better part of a billion people worldwide are more conscious of their online security, and measurably safer (not just from government intrusion, but from other criminal activity) as a result.
If A is more significant than B, then you might be a toady. Or a managed persona.
What i wouldnt give to see 700 million people knocking on the “rulers” door
What you can do … easy peasy steps.
1… put duck tape over that video camera on your lap top. Especially if you never use it. If you do use it, tuck tape some cloth over it that you can lift when it’s not in use.
2…”dirty” your face book account. Ever law enforcement agency in the world is going to take a peek ? Give them something to look at. Befriend some transvestite hookers, a selection of heavy metal bands , and possibly put in a link to one of the more peaceful muslim organizations. Oh you don’t have to actually read that crud. Just put in a link to distract law enforcement.
3… when the grocery story asks for your postal code, make one up. They have no business asking for the real one.
4… “Customer reward Cards” are a way of tagging your name to everything you purchase, and half of them arn’t worth the effort for their meager savings. Unless they’re offering a really awesome deal , and you don’t mind every advertiser on the planet now knows what you purchase every week , dump them.
5… shop at walmart or any other store that has multiple products (groceries AND clothing AND appliances), and use your debit / credit card. A line item that reads “Walmart – 57$” doesn’t tell anyone anything.
Re: Re:
I would refine these a bit.
1. Spot on, I agree.
2. Stop using Facebook at all.
3. When the grocery store asks you for personal information, don’t make stuff up. Just tell them no.
4. Absolutely right, affinity cards are dangerous and unnecessary.
5. Don’t pay with your debit/credit card (speaking in terms of safety and privacy, doing so is no different than using an affinity card). Pay with cash.
Re: Re: Re:
Yes, when the grocery store clerk asks you for your information, the correct answer is “No” or “You don’t need that”.
But keep in mind that she has a job to do and she could get fired or disciplined for not collecting your zip code. Or you may hold up the entire line by arguing with a “drone”-level employee who doesn’t make the rules.
So just make up a zip code and laugh it off when the cashier says she’s never heard of that one before.
Re: Re: Re: Re:
“But keep in mind that she has a job to do and she could get fired or disciplined for not collecting your zip code.”
I seriously doubt that. The clerk could get disciplined for not asking for the information, but I have a hard time believing that any company would discipline an employee because a customer refused to comply. However, even if they did, I am not going change my practice just because the company has an insane employee policy.
In practice, though, I always just say “no”, and 100% of the time the clerk says “OK” and that’s the end of it.
“Or you may hold up the entire line by arguing with a “drone”-level employee who doesn’t make the rules.”
That’s never happened, but if it did, I wouldn’t hold up the line at all. I’d just walk out without completing the purchase.
“So just make up a zip code and laugh it off when the cashier says she’s never heard of that one before.”
I’ll never do that because I want the company to know that I declined to give them the data.
Re: Re: Re:2 Re:
There is one exception to this zip code business: if you’re paying by card in a kind of transaction that requires neither a pin or signature, the payment processor may occasionally require the zip code of the card’s billing address to be entered to complete the charge (as a rather weak security measure). Since I rarely pay with a card, I rarely encounter this — but I have. In those situations, I provide the zip code.
Re: Re: Re: Re:
Fuck sNOwden
He put 320 Million American lives at risk, going off on his own delivering up to enemies of the US data that did not belong to him. He should be put before a firing squad for high treason.
Re: Fuck sNOwden
320 million? Ridiculous hyperbole does not help your case.
Re: Re: Fuck sNOwden
Well, if they’d (Muslims) all declared jihad, they might have managed to threaten you each personally …
1 == 1
Re: Fuck sNOwden
I’ve got nothing to say to this drivel that I haven’t already said.
Re: Fuck sNOwden
Oh for the love of Mike, Barrack, give it a rest already, will ya.
Nobody but you crony fascists and corporate renta-statesmen actually think that Snowden put any real Americans at risk – the only people he put at risk is you pseudo-American corporate-controlled assholes in the White Whore-House and your mob-business bum-buddies in Hollywood.
And we’re all hoping that Snowden’s expose of your crimes in office and crimes against humanity, insure that you ugly fuck dinosaurs see the other side of the extinction equation real soon.
—-
Low level security measures...
I no longer leave my computers on when not in use.
Similar to the idea that leaving your car keys in the ignition could cause a criminally inclined person to steal your car, I consider leaving the computer on when not in use as simply overtly tempting the irresponsible members of the spy networks of the five eyes to use my computer for their nefarious and always quasi-legal purposes.
Whereas the stealer of a car might inadvertently hit someone and thus involve your car in the harm of another, the thieves in the employ of the Five Eyes governments would use your unguarded running computer to cause others – at home and abroad – and possibly yourself, harm and grief, on purpose.
I feel it is my civil duty to do whatever I can to prevent such irresponsible and mentally deranged people from having access to those things, such as my running computers, that can be used by them, to harm others for fun and profit.
—
Thanks for opening our eyes, Snowden. 0_0