Column

Privacy Please!

This column is already dated. Why? Because privacy – or the lack thereof – is daily news. Facebook just announced their privacy policy would be called a “data use policy”. Before that it was Google’s announcement that they would be combining all the data collected by their individual web properties (YouTube, Gmail, Blogger, Google, etc.) about you into one single place, covered by one single “privacy” policy. Security has always been in opposition with ease of use. The conflict between wanting the convenience and interaction of the free web and trading privacy for the privilege is difficult to resolve.

So, what does this all mean for lawyers? Well, Jim Calloway sums it up like this:

While I still do not believe this information will be shared with advertisers in ways that compromises client confidentiality, any benefit I might get is not worth the history being saved. A lawyer who does an arraignment for a high profile client that has media coverage may not want any record outside of his office that he did a dozen searches on the Twinkie defense that week. You can come up with your own examples.

It isn’t just advertisers to keep in mind. Google’s One-Policy-To-Rule-Them-All states they will “never sell or share your information without your permission (other than rare circumstances like valid legal requests)”. And Lori Andrews, a law professor at Chicago-Kent College of Law, writes in an opinion piece for the New York Times that outlines uses of aggregate information including stereotyping to determine credit worthiness, weblining to deny health insurance, or even influencing population segments based on the ads they receive.

So, what to do while we wait for all browsers to tighten up their “Do Not Track” options and the Consumer Privacy Bill of Rights to work its way into law? Start with the simple things first. Don’t put personally identifiable information in your online profiles, including your address, family names, birthdate and other things that could help identify you individually. Use a form filler/password manager like Roboform or LastPass to fill in forms and passwords instead of your browser. Set your browser to delete cookies and web history when you close it. Log out of Google, Gmail, Facebook, Twitter, Pinterest, Bloglines, etc. when you leave the sites. Pay attention to what permissions you give downloaded apps. Don’t use your Google, Facebook, or Twitter accounts to login to other accounts – no matter how convenient it is.

Google actually provides a lot of ways to be aware of what you are sharing, and turn it off or manipulate it. For one stop shopping try www.google.com/dashboard, which shows you every account you have with Google from your Android device to your Picassa Album. The site provides links to each Google property’s editing and privacy options. Google also posted a master list of privacy tools they provide, from the aforementioned dashboard to the ads preference manager, a Chrome Opt-Out extension, how to encrypt your searches, off the record Google chats and more. See, they aren’t so bad are they?

While Google may be helpful about leading you to privacy fixes, not all sites are so forthcoming. In fact, it can be confounding to even find privacy settings in some sites. Mypermissions.org takes you straight to the settings for app permissions in Facebook, Twitter, Dropbox, and more. Drop by and make sure you recognize and want the listed apps to have their claws in your social sites. Curious to see who might be mining data on sites you visit? One browser plugin, Ghostery, works with all the major browsers, as well as providing a mobile browser version for iOS. It detects, displays, and blocks tracking from over 800 data collection services. Users can see what is blocked and allow certain functions, for instance ShareThis, to remain active on specific sites.

Firefox, Chrome, Internet Explorer 9, and Safari all offer a “safe” browsing mode. InPrivate(IE9), Icognito (Chrome), Private Browsing (Firefox, Safari) do not store history, cookies, temporary internet files, or downloaded files and disables autocomplete/password filling. While this might be useful for getting unbiased search results from Google or for logging into a different Gmail account without having to log out in your main browser window, it isn’t truly incognito.

Enter the Tor Browser for the serious privacy proponent. Tor readily admits that some things won’t work the way they used to. After all, they block browser plugins like Flash, RealPlayer, or QuickTime. They encourage users to encrypt all traffic to and from the browser with HTTPS Everywhere, and use the Tor bridge relay to mask the fact that you are even using the Tor browser. If you are in need of true cloak and dagger activity, this might provide it. More user friendly, and if you just need truly private searching try the Startpage.com search engine from IxQuick. Startpage provides search results from Google, but does not record your IP address or anything else about your search. It has settings like always on SSL, remove search suggestions, and lets you save these settings without cookies.

The Electronic Frontier Foundation, often at the forefront of assisting webizens with privacy issues, offers some of the tips above and then some in the “Six Tips to Protect Your Search Privacy”. Some of the suggestions would take a good bit of extra effort. However, the trick is finding a balance between security and ease of use. At least with some of these tools you can finally get some privacy.

Comments are closed.