I recently picked up the new title, ‘Privacy is Power: Why and How You Should Take Back Control of Your Data’ by Carissa Véliz (Penguin: 2020). I chose the audio version for a few reasons- I have been experiencing some major screen fatigue since moving to remote work in March, but also I was anxious to get immediate access and not wait for my preferred print format to be shipped. I am admittedly a newbie to audiobooks, and I felt that the narrator for the audio version (Emma Gregory) added a level of urgency and intensity to the book. Privacy is Power outlines the many ways that modern life is really not conducive to privacy. To me, the book is designed to be a wakeup call (or for those of us who have been more tuned into privacy, perhaps a stern reminder) to think about some of the most common (and invasive) data collection practices that impact just about every person in modern society (or really, anyone who owns a cell phone, laptop, smart TV, etc.). The book serves as a reminder to see if you have that Post-It note still attached to your video camera on your laptop, or if you’ve thought about all the ways private information can be collected throughout the course of your day.
The opening lines of the book were sobering (especially with the audio format, as I was home alone and even looked over my shoulder as these first lines piped through my headphones): “They are watching us. They know I’m writing these words. They know you are reading them. Governments and hundreds of corporations are spying on you and me. And everyone we know. Every minute of every day. They track and record all they can.”
One main theme throughout the book is how a person can be more conscious and aware of constant data collection practices in email, apps, fitness trackers, etc., and also how to control and opt out of data collection. The author reminds us how complacent we have gotten as a society with constant privacy violations in almost every part of our professional and personal lives. Véliz also apologizes for using surveillance capitalism to deliver her message, and she adds “The purpose of this book is to empower you.”
The first chapter outlines a typical day of how invasive data collection can be, from the moment you wake up. As soon as you reach to check your cell phone on the nightstand (or perhaps data was being collected all night if you wear a fitness tracker to bed), your life is constantly emitting a multitude of data points. Véliz frequently backs up part of the narrative with interesting studies and related articles, like how automatic content recognition (ACR) can track television watching habits, and how researchers found that one samsung smart TV had connected to more than 700 internet addresses after just 15 minutes of use. And reminding us that anything with a microphone may be recording, collecting and monitoring, even when not in use. Or how IMSI (international mobile subscriber identity) catchers around the Houses of Parliament in London can eavesdrop on anyone in the immediate area (or, as Véliz frames it, have their data “hoovered up” for purposes unknown by government entities). Later in the book, the author likens the constant data collection by a variety of devices to be akin to an ankle bracelet, only without the glaring physical constraint of a tracking device as a violation of privacy.
Véliz talks about the necessity of privacy in culture and society, to provide a person with the space of not being surveyed to be able to think freely. Autonomy is lost or limited when under surveillance (or knowledge of surveillance), if someone is watching or accessing what we search for, and our habits also change under surveillance. Autonomy is essential for democracy, particularly as a whole. We can opt out individually, but need this practice to be collective for a true democracy.
The author also addresses those who may feel indifferent to data collection, those who may shrug off any privacy concern by stating they either have nothing to hide, or that their life is not that interesting. Véliz points out that once data has been collected, it is often very unclear how this information can be sold, re-sold, and later used for a variety of purposes. Perhaps the most egregious to the author is genetic DNA tests, which violate not only the most immediate family members, but also future generations as we do not know how this information can be used in the future (particularly around health issues). Véliz adds the reminder of how data can be re-identified (mentions a study by Latayna Sweeney where 87% of data from a study could be reidentified by birth date, gender and zip code). And later in the book, the author talks about the consumer information file; a file of collecting information from a variety of companies about an individual consumer, though there is not much about how this information is collected and how this can impact our lives over time. And further, Véliz feels that consumers should have access to this file and also be able to make any corrections of errors.
What I enjoyed the most from this title was the reminder that we should each be a privacy advocate in both our professional worlds and private ones, and continue to ask questions as to why information is tracked, and why some businesses require email addresses, etc. for promotions. Véliz suggests one could use fake emails, and if one is feeling especially cheeky to use something like ‘firstname.lastname@example.org’. Véliz feels that by and large we are more aware of privacy than we have been in the last decade, which is good, though is also likely due to well known examples of data breaches, such as Cambridge Analytica and Equifax.
Véliz also states that it is very difficult to regain control of privacy once it has been violated or breached. And perhaps most concerning are the changes that occur after events like 9/11, where privacy is surrendered for national security measures (cites Naomi Klein, The Shock Doctrine, when disasters used for extreme testing). We need to be more vigilant in regard to data collection, even when the violations are not obvious. Data can eventually be misused and may not be blatant or flagrant misuse at first. And importantly, the retention of data is also important. If information is no longer of use or need, we need to be advocated for the deletion of data. (Véliz also mentions one of my favorite books on this topic, Delete by Victor Mayer-Schönberger, and how programmable forgetfulness can be a virtue in society). “We have never remembered as much as we remember today. Both as individuals and as society.” What is the fallout from infallible memory and instant recall of endless banks of information? It is both easier and cheaper to remember than forget (or delete).
In the last chapter, the author provides some ways to prevent data collection throughout online searching, such as using one browser to log into accounts, and another to browse/search the web (browsers cannot share information) as a safety precaution. And adds “Our search engines know more than our spouses”. Véliz also includes some names of privacy-geared search engines, extensions and applications (DuckDuckGo, Qwant, PGP (Pretty Good Privacy), Proton email, Brave browser, Tor Project, NOYB (None of Your Business) etc). By and large, the author asks each of us to ask more questions as to why data collection is necessary and perhaps collectively we could be the change to common practices if companies keep receiving privacy requests. And recent legislation like the GDPR and the California Consumer Privacy Act point to the slow and gradual move by lawmakers in the direction towards increasing the transparency of data collection practices and protection of an individual’s privacy.
While it does take effort, Véliz implores us to regularly read privacy notices, make selections to opt-out of data collection, and be a privacy advocate, particularly for those who work in IT industries. The author calls for a culture of privacy rather than of data collection by default. “We are our own worst enemies with data”, particularly in the sharing culture on social media platforms. I admittedly did not think twice years ago when sharing pictures on facebook of my niece, who was a toddler at the time. But when I had my own children a few years later, I found I am now overwhelmingly concerned about sharing their photographs or any other information on social media platforms. I now strive to create as much of a “digital blackhole” for my children as I am able. The author mentions a teenager learning of how much information her mother and sister had shared about her before she was allowed onto social media sites (“I’m 14 and quit social media after discovering what was posted about me”).
How many times do we click through privacy policies without reading the fine print or knowing what the implications are around data collection? Are most of us guilty of having unused applications on our cell phones that are continuing to track information? (Since I picked up this book, I noticed an email about one of my most used apps, Gas Buddy, was now sending out a monthly email that indicated the collection of much more information than I had been aware of before!)
The last part of the book addresses some ideas around change that could work towards privacy protections, asking if we could be our own data brokers. Could there be a trustworthy application that could serve to protect the collection of personal data rather than another that would use the data to exploit us later? Why is personal data both valuable and apparently cheap for companies to buy and use, and resell? Who ultimately owns the applications and things that we use daily, and most importantly, why are they collecting any information at all? How can we go analog in some of our daily patterns and habits to discourage data collection? (Véliz notes that audiobook users such as myself are bleeding out information as they listen and engage with the audio version).
And to conclude, Véliz states that we are in need of the right set of technology(ies) with the right rules to live in a world where privacy is both valued and protected. A world with privacy policies that are succinct and easy to digest and where opting in would be the default rather than the norm. I can’t say I will sleep easier after finishing this book, but I thought this was an excellent reminder to keep calm and carry on the privacy battle.
Virginia Dressler is the Digital Projects Librarian at Kent State University. Her specialty areas are project management and digitization, working primarily with the university’s unique collections. She holds a Master’s of Library and Information Science from Kent State University (2007), a Master’s of the Arts in Art Gallery and Museum Studies from the University of Leeds (2003) and a certificate in advanced librarianship (digital libraries) from Kent State University (2014). Her research areas include privacy in digital collections and the Right to be Forgotten. She is author of Framing Privacy in Digital Collections with Ethical Decision Making (Morgan & Claypool, 2018).