Facebook was down for several hours last week. Wise people considered the incident “a good start.” This came after testimony before a Congressional committee in which Facebook was shown to be engaged in the promotion of things harmful to children in order to make a buck.
Twitter has busied itself suspending the accounts of users — known around here as “twits” — who were critical of Red China. Meanwhile, totalitarian regimes use Facebook and Twitter to broaden their control.
Facebook, Twitter, and Google are the big three. There are others. They make money off of you and are betting they’re too big for you to do anything about it. A good friend of mine, who thinks that no private enterprise can be as bad as government meddling (and in general, but not this time, he’s right), is simping for Facebook, lest controls be placed upon it. He thinks that market forces cure everything.
There are exceptions to every rule. Sometimes an enterprise can become so overwhelming that nothing but government can bring it under control. This is not good news. Have you ever watched a Congressional hearing in which a tech celebrity CEO is being questioned? It is here perhaps better than anyplace else that we might find evidence that we’re governed by dimwits.
“My little grandson knows more about these computers than I do,” might laugh a Congressman, thinking that it is endearing. “You’re an expert on these things,” says another. “So could you show me how to turn down the volume on my phone?” This kind of nonsense really does take place. If the House of Representatives were other than 435 showboating clowns, they’d let staff do the questioning. But they aren’t, so they don’t. How much useful help might we expect from their most profound deliberations?
Which means that if we are to battle the forces of digital evil, we must do it in the fashion we hope to get into Heaven: individually.
You might have no Facebook or Twitter account. You might have changed your browser to use DuckDuckGo as your search engine (and if you haven’t you should, and if your browser won’t let you, then get a different browser; in fact, if you’re using Google’s Chrome browser or for that matter a Google-owned-Android cell phone you should get a different one anyway). And thus equipped, you might think that you’re outside the reach of the three-headed monster. But you’d be wrong.
To declare independence from the unholy trinity you need to do much more. I’ll not provide a comprehensive guide here, but I can provide enough information to get you started.
The basic browser, and probably the one you should be using, is Mozilla’s Firefox. It’s the descendant of the original commercial browser, Netscape. It is not especially secure out of the box (despite claims on its website that it is), but it can be made secure to some extent, capable of doing its part in guarding your personal information.
Oh, did I mention? Facebook, Twitter, and Google have their websites, but their business is advertising and advertising support that comes in the form of learning as much as possible about you, usually without your knowledge. They then use that information or distribute it to anyone willing to pay for (or steal) it. They’re happy to harvest the data from people who have no idea at all that its happening, people who never use Facebook or Twitter or Google and therefore have never granted them permission to do anything.
Don’t believe me? Download and install the latest Firefox. Then download and install the Ghostery plugin. This lets you know how many companies are trying to follow your activities online. Navigate to some website; let’s say The Washington Post — after all, its slogan is “Democracy dies in darkness” so it is surely upfront about who it lets track its users, right? Wrong. Once you’re there, click on the little blue Ghostery ghost icon and see how many tracking companies would be going after you on this page if Ghostery hadn’t blocked them. I did it right now, Tuesday afternoon, and there were seven bad guys trying to harvest my information with neither my knowledge nor my permission.
Now, for fun and additional protection, install the DuckDuckGo Privacy Essentials plugin. Among other things, this confirms the information from the others, lets me know whether I have an encrypted connection (harder for third parties to intercept) and the worst offenders among the would-be trackers. By far the worst, at 51 percent of all attempts, is Google.
But it doesn’t stop there. The chances are that your email provider has buried somewhere in the fine print its intent to scan your incoming and outgoing email and sell whatever it finds. This might be objectionable to you. It certainly is to me, so when my ISP announced in 2018 it was adopting that policy, I that very day signed up with the excellent ProtonMail. It ensures that no one can read my mail from the time it leaves my computer to the time it leaves ProtonMail’s servers. Of course, most of the time it’s going to someone who has taken no privacy precautions at all, so my only victory is against my ISP.
That’s something, but it’s not as if my data are safe. Anything that's not end-to-end encrypted — including mail headers — is being harvested by anyone who really wants it. The best we can do right now, alas, is the rule cited by burglar-prevention systems: You can't make your home invulnerable, but you can make it a little harder to break into than the next house over is, so a little less attractive to the bad guys. It can be made enough of a pain that the evildoers might give up on you.
Another thing I’d recommend as part of anyone’s declaration of digital independence is subscribing to a good VPN or virtual private network. There are many bad ones that won’t let anyone else harvest your data but who do it for their own purposes. A lot of these offer as their major pitch that they let you log onto Netflix as if in a different country, so as to watch shows you can’t get here. Most VPNs you’ve ever heard of are not good ones. I did some research and chose ProtonVPN, definitely one of the good ones. (And no, I pay for it just like everyone else; I get nothing for mentioning it.) With it, it’s far more difficult to determine even where I am; if I want, I could indeed seem to be in a different country. This prevents the data harvesters from getting much that’s useful.
Even so, they’ll get more than nothing no matter the efforts we make, even down to using a Tor browser.
What's needed is a federal law (and in Europe, Britain, etc., modification of the GDPR) to this effect:
No person or organization may sell or otherwise distribute information pertaining to its customers or users without the express written consent of those customers or users. The permission may not be assumed ("opt out") but must be specifically chosen ("opt in"). Customers or users who opt in must be provided a complete list of all recipients of their information and all purposes to which it is to be and has been put. The permission is non-transferable and no person or company may sell or otherwise distribute information received from a data aggregator without the express written consent of the customers or users whose data is to be conveyed, and must be provided a complete list of all recipients of their information and all purposes to which it is to be and has been put. No person or company may deny access to customers or users who refuse to opt in.
Punishment: Violation of this provision will be punishable by a fine of \$1 million and/or imprisonment of not less than five years nor more than 50 years for each customer or user whose information was distributed.
We’re not going to get that kind of law. We’ll get hearings and photo ops, task forces and bureaucracies that ultimately would make it harder for us to file a complaint than it would be to bring the bad guys to justice. The existence of laws, as we’ve seen in Taliban Joe Biden’s regard for existing law (and Supreme Court rulings), is demonstrated daily at the southern border. And the unholy trinity are firm in putting their thumbs on the scale in favor of Bugout Joe’s party.
So for now we must do our best to defend ourselves, to declare our personal digital independence and to enforce it at least within our families. That means having no truck with Facebook, Twitter, or Google and guarding our email and other online presence. It means not communicating by email with people who refuse to secure their own email. If we have confidential information to impart we do not do it by email or any other online method if the recipient is a non-serious person. At this point it's as if the phone company announced it would listen in to all calls and capitalize on anything it heard that's of use.
Facebook and Google and Twitter all provide “free” services — a social platform, email service, web search, and the ability to make a total ass of oneself in 280 characters or less.
But there is an important internet rule, that applies except for the admirable free software community: If the product is free, then you are the product.