AXEL.org

Privacy

The 2021 Guide to Online Privacy

According to a 2019 survey, nearly three-quarters of Americans are “more alarmed than ever” about their online privacy[1]. This concern is well deserved, as it seems every day there’s another story about shady corporate data collection policies or a major data breach.

So, how can you protect yourself? Luckily, you don’t have to live off the grid without electricity while hoarding military surplus MREs from the Cold War to prevent total surveillance. While most of the Big Tech offerings don’t make user privacy a top priority, some alternatives do. Here, we’ll look into the common ways you can stay private online.

Web Browsers

The most popular web browser, by far, is Google Chrome[2]. Unfortunately, it’s also the worst for privacy. In fact, you may notice a running theme throughout this guide; stop using Google! Google is one of the top privacy offenders, and its suite of software and services is absolutely massive, so you probably use them frequently. Safer ways to surf the web include the following solutions.

Firefox. Developed by the non-profit Mozilla corporation, Firefox provides a wealth of privacy settings. However, many of these options are not on by default, so you will want to dig into them a bit to set things up how you want.

Safari. This is the standard web browser for iOS and macOS. As far as Big Tech companies go, Apple stands out as being better about privacy than the others, which holds true for its browser. Again, you will need to optimize the settings for privacy, but the interface is clear and intuitive. Apple makes its money from high-priced hardware, so it has less incentive to collect and sell as much data as possible.

Brave. Brave is a newcomer to the browser game, and it has made its name on protecting privacy. It blocks ads, trackers, scripts, and more. It offers high-performance compared to its competition too! However, there are two caveats; It serves you ads by default (although you get paid for viewing them and you can disable them), and it’s built off of the Chromium browser, which uses the same code base as the nefarious Chrome. On the plus side, this does make it compatible with popular Chrome extensions, so it really boils down to your risk-reward calculations.

Search Engines

Stop using Google! Just don’t. Now, for some searches, Google will likely return better results. But for the vast majority of occasions, one of the following alternatives will get the job done without tracking your every move.

DuckDuckGo. This is easily the most usable privacy search engine. It has most of the same features (Videos/Images/News/etc.) as Google, and they never track your behavior. It doesn’t employ invasive algorithms either; it parses search results via a simple traffic calculation, so you also don’t get the censorship prevalent on Google.

For most users, DuckDuckGo is going to be the way to go. Other privacy search engines are significantly more niche, but we’ll still cover a few of the more interesting ones.

Ecosia. This is a front-end for the Bing search engine, but it ditches the trackers associated with Microsoft’s product. So, you get the power of Bing without the drawbacks. One of the more novel aspects of this solution is that the Ecosia organization plants trees when you use it. Of course, to fund this, you have to deal with ads, but at least you’re not being surveilled.

Peekier. Peekier says it’s “The most privacy-oriented search engine,” and its official privacy policy is impressive. It uses its own algorithm and generates results with thumbnail images of the sites themselves. So, it’s aesthetically pleasing, albeit a bit more bandwidth-hungry (just something to be aware of if you’re dealing with low data caps from your internet service provider.)

SearX. This is a very interesting option that’s completely decentralized. In fact, you can set up your own instance of the search engine to help out with the project! It has helpful advanced search capabilities that can assist with finding particular files. Unfortunately, it’s also the least user-friendly (you have to click on an instance before searching) and can be buggy. Still, it’s definitely one to keep an eye out for if the team can iron out the kinks.

Virtual Private Networks (VPNs)

One of the easiest ways to hide your location and identifying information when online is to invest in a VPN. They’re starting to become mainstream, as you’ve probably heard advertisements for them on your favorite podcast or YouTube channel.

With a VPN, you’re using a service that masks your network’s IP address. So, trackers online think the computer is in a completely different part of the world. Another benefit is the data sent between your computer and websites is encrypted and unreadable to would-be snoops. We recommend everyone use a VPN if they want to remain private on the internet. Many VPN providers are available, and we encourage you to do your own research about which is suitable for you. A quick DuckDuckGo search should put you on the correct path (see what we did there?)

Android vs. iOS

As we previously detailed, Apple is generally better with privacy. Android, a Google product, is pretty hopeless out of the box, but if you’re a tech whiz, it can be improved. If you need to get an Android phone for compatibility or price reasons, we recommend getting one you can install custom ROMs on and download a third-party privacy-based operating system. This isn’t for the everyday user and only works on specific phone models. The most popular privacy ROMs are LineageOS, CalyxOS, and GrapheneOS.

The first two attempt to replicate the functionality of Android while maintaining a semblance of privacy. GrapheneOS, on the other hand, goes much further and is recommended by people such as Edward Snowden. Be warned, while this will provide the most privacy possible, many people will be put off by the learning curve and lack of features/common applications.

There aren’t many non-Android or iOS alternatives. You could try out the Linux-based PINEPHONE, which offers a pared-down Linux experience and physical switches that can turn off the cellular radios, microphones, and more. It’s an inexpensive way to get robust privacy, but again, you will experience tradeoffs in usability.

One more privacy tip regarding your cellphones; don’t go with the major carriers. They will undoubtedly run credit checks and require all of your personal information when you sign up. Avoid these invasions by going with prepaid services. With these, you typically don’t have to give up any personal data if you don’t want to, and you can buy refills with cash at a variety of retail stores. They also tend to be significantly less expensive overall, and you’re also not locked into a burdensome contract. Furthermore, they all use the same networks that the big names do. It’s a no-brainer!

Alternative methods of payment

One of the worst feelings is seeing unaccounted-for charges on your credit card statements. It’s a hassle to reverse, and you may be without the stolen funds for days or weeks before it gets sorted out. It’s a situation that seems all too common in modern times, and most people accept it as a necessary hazard when putting your credit card information online. This doesn’t have to be the case!

You can protect your banking information by using payment services that provide users with masked credit card numbers. Companies like Abine Blur let you load up prepaid virtual cards that can be used anywhere (even for booking hotels). For privacy-conscious people, it allows the peace of mind that’s so sought after when making online purchases.

Social Media

Social media is tough to replace. The first recommendation we have is not to use Facebook. For businesses and those wanting to keep in touch with friends, this is a tricky proposition. If you don’t absolutely need it, however, do not use it. If you must, only put the bare minimum amount of personal information on it. There have been multiple scandals and instances of Zuckerberg’s company selling user data and behavior analysis to third parties without consent. This goes for its popular acquisitions, too, such as Instagram and WhatsApp.

As far as other platforms go, we recommend:

Invidious. This is a YouTube front-end that doesn’t track your behavior. It has other great features, such as the ability to download videos in various formats/qualities. Invidious also blocks all advertisements, and you can listen to the audio when the screen is turned off, making it fantastic for podcasts.

Like SearX for search engines, you have to use a specific instance, and we recommend www.yewtu.be, which doesn’t have much downtime. With this instance, you can even create an account not linked to your identity where you can maintain subscriptions to your favorite content creators. It’s the best way to enjoy YouTube.

Mastodon. Mastodon is a Twitter replacement that’s fully decentralized. It’s an open-source project that is entirely un-monetized. So, you’ll never see advertisements or promoted posts, and there’s no incentive to collect data since it won’t be sold. Of course, the community isn’t as large as Twitter’s, but it is growing steadily and is engaging enough to try out.

Messaging

Messing apps are an important way to talk to friends and family without using insecure SMS text messages. However, if you’re using Big Tech solutions like Facebook Messenger, GChat, or even the end-to-end encrypted WhatsApp (owned by Facebook), your communications aren’t necessarily private. If you want a more secure messaging app, use open-source, encrypted options like Telegram and Signal.

File sharing

Sending and storing files via the cloud is a convenient way to have all your documents at your fingertips. However, if you use common programs like Google Drive, Dropbox, and OneDrive, your content is also at the greedy fingertips of Big Tech. Prevent corporate surveillance and data mining by using the decentralized, distributed AXEL Go.

AXEL Go combines secure blockchain technology, the InterPlanetary File System, and hardened military-grade encryption to provide the best privacy platform for sharing and storing your data. Sign up today and receive a free 14-day trial of our Premium service with all features unlocked.

The privacy revolution

As you can see, protecting your digital privacy isn’t impossible. You may have to make concessions or change your daily workflow a bit, but with the growing community around privacy-based software and services, you can stay out of the watchful gaze of Big Tech while still enjoying the utility of the internet.  We hope you give some of our suggestions a shot and see that the current reality of corporate surveillance and censorship doesn’t have to carry on into the future.

With your help, we can usher in a new era of the internet that delivers on its initial promise of expanding human interaction and knowledge without privacy issues. Join the privacy revolution. Change the world.

[1] Statista, “Share of internet users who are more alarmed than ever about their online privacy vs. their willingness to accept certain risks to their online privacy to make their life more convenient as of December 2019, by country”, Statista.com, Dec. 2019, https://www.statista.com/statistics/1023952/global-opinion-concern-internet-privacy-risk-convenience/

[2] Statista, “Market share held by leading desktop internet browsers in the United States from January 2015 to March 2021”, Statista.com, March 2021, https://www.statista.com/statistics/272697/market-share-desktop-internet-browser-usa/

Apple and Facebook Fight Over Privacy

Apple and Facebook are currently ranked 1 and 6 respectively in the list of biggest companies by market cap[1]. These tech behemoths wield immense influence in both the business and social spheres. They also have different, seemingly opposing views on the nature of privacy in today’s society. These disparate philosophies have increased tensions between the two tech giants, and recently it’s escalated. We’ll break down the history and the sources of the standoff.

A brief history

Things weren’t always so frosty between the organizations. In fact, according to a 2012 biography, Apple CEO Steve Jobs admired Facebook CEO, Mark Zuckerberg[2]. So much so, it was a driving force in the reluctance of Apple to start a competing social network. However, after the death of Jobs in 2011, things cooled off considerably when current CEO Tim Cook took over.

Perhaps sensing the way things were going in the industry, Cook came out in 2014 with an open letter that took indirect jabs at Facebook and Google[3]. In it, he claimed Apple was not in the business of creating detailed user profiles on individuals through the use of data mining. While he did not mention his competitors directly, it was obvious who he was denouncing.

That same year, Zuckerberg fired back in an interview with TIME Magazine[4], stating

“A frustration I have is that a lot of people increasingly seem to equate an advertising business model with somehow being out of alignment with you customers. I think it’s the most ridiculous concept. What, you think because you’re paying Apple that you’re somehow in alignment with them? If you were in alignment with them, then they’d make their products a lot cheaper!”

We’d recommend reading this article. Perhaps everyone was a bit naïve at the time, but re-reading it through the lens of 2021 with an understanding of the path Facebook took, the plan Zuckerberg outlined seems much more nefarious and a good example of real-life supervillainy. What could go wrong with the CEO of the world’s most invasive social platform wanting to bring internet connection to the entirety of the world?

We digress. Throughout the next seven years, the two CEOs traded barbs on issues such as the Cambridge Analytica scandal and Apple’s monopolistic control of its App Store. In the end, the arguments usually boiled down to Tim Cook accusing Facebook of invading users’ privacies and Zuckerberg saying Apple products cost too much or that the company is an unfair gatekeeper.

We tend to fall on Cook’s side of the argument. It’s true Apple products cost significantly more than competing hardware solutions. But, as we outlined in a previous blog about free software, trading privacy for free or cheap products has serious drawbacks. Now, back to the feud.  

Tensions boil over

Fast-forward to today. In late 2020, Apple started requiring software on the App Store to come with informative “privacy labels” that clearly state the data the app collects on its users. This was great news for AXEL, but not so much for Facebook. Facebook Messenger alone has a privacy label that reads more like a novel than a brief overview[5].

The labels, combined with the most recent update, have sent Facebook reeling for solutions. The latest update goes a step farther than labels and provides users with the oft-talked-about ‘Opt-In’ scenario regarding data collection[6]. ‘Opt-In’ is a concept that requires users to agree to corporate data collection formally. This is a major step forward in the fight for digital privacy rights. It’s much better than current United States privacy regulations in states such as California and Virginia. Those pieces of legislation mandate companies provide an ‘Opt-Out’ option. While better than nothing, the fact is that consumers are busy. They don’t have the knowledge or desire to scroll through layers of confusing websites to exercise their right to opt-out.

This makes Opt-In the preferred way to offer privacy. It makes privacy the default, which will vastly increase the number of people exiting the corporate surveillance scheme. Unsurprisingly, companies like Facebook are not happy about this! Personalized advertising is the company’s lifeblood, and without user data to gather and analyze, ad revenues will likely fall.

Facebook’s response

Facebook hasn’t taken these changes lying down. Their argument centers around the effects felt by small businesses due to Apple’s changes. Facebook frames its data collection around its usefulness to small businesses. Without the ability to target people most likely to buy, these companies will feel the brunt of the impact, causing many of them to close.

Facebook started a public relations blitz, using television commercials and full-page ads in popular newspapers[7] to drive home the point. It has received some mockery for this in the mainstream media. It certainly does appear to be a rather transparent way to further its own goals while seeming to have more profound principles.

Facebook also raised another issue, and though it didn’t receive as much attention from the media, it probably has more merit. They claim that Apple’s recent privacy push isn’t out of any benevolent intentions for consumers but rather greed. Apple receives anywhere from 15-30% of App Store sales, depending on the developers’ overall revenue. By giving consumers the choice to opt into data collection, they must know that most users will decline. This could cause a shift from free apps that generate revenue based on advertising to more paid apps. In turn, Apple receives more money from downloads since more of them are paid. If true, it’s a very sneaky way for the tech manufacturer to make more money while playing the good guy.

The reality is that both Facebook and Apple are profit-driven mega-corporations looking to protect their businesses. You can’t blame either of them for this feud, although it seems obvious that Apple comes out ahead from a public utility perspective. Whatever the root cause, any initiative to substantially increase digital privacy is a good thing in our book.

AXEL’s commitment

AXEL is dedicated to fighting for digital privacy rights for everyone. The concept of data custody and forging lasting trust between consumers and technology is embedded into our corporate philosophy. We develop our products and services to live up to these lofty ideals.

If you are looking for a privacy-focused cloud storage and file-sharing platform, try AXEL Go free for 14-days. During the trial period, you receive all Premium features, including removing file-size restrictions, Secure Fetch functionality, and storage encryption. AXEL never collects personal information to sell to third parties or mines your content for advertising. We’re an alternative tech company you can trust. Secure your files. Secure your digital future with AXEL.

[1] “Largest Companies by Market Cap”, CompaniesMarketCap.com, April 30, 2021, https://companiesmarketcap.com/

[2] Emil Protalinski, “Steve Jobs admired Zuckerberg too much to compete with him”, CNET.com, July 17, 2012, https://www.cnet.com/news/steve-jobs-admired-zuckerberg-too-much-to-compete-with-him/

[3] Steve Musil, “Tim Cook explains Apple’s privacy policies in open letter”, CNET.com, Sept. 17, 2014, https://www.cnet.com/news/tim-cook-explains-apples-privacy-policies-in-open-letter/

[4] Lev Grossman, “Inside Facebook’s Plan to Wire the World”, Time.com, Dec. 15, 2014, https://time.com/facebook-world-plan/

[5] Ben Lovejoy, “App privacy labels show stark contrasts among messaging apps”, 9to5mac.com, Jan. 4, 2021, https://9to5mac.com/2021/01/04/app-privacy-labels-messaging-apps/

[6] Ian Sherr, “Apple’s privacy battle with Facebook just became all-out war”, CNET.com, April 26, 2021, https://www.cnet.com/news/apples-privacy-battle-with-facebook-just-became-all-out-war/

[7] Megan Graham, “Facebook blasts Apple in new ads over iPhone privacy change”, CNBC, Dec. 16, 2020, https://www.cnbc.com/2020/12/16/facebook-blasts-apple-in-new-ads-over-iphone-privacy-change-.html

A Breakdown of Google’s Alternative to the Third-Party Cookie

In an effort to distance itself from its less-than-stellar reputation on privacy, Google is developing and testing an alternative to third-party tracking cookies. It’s called the Federated Learning of Cohorts (FLoC), and the company claims it solves commonly-cited privacy issues with personalized advertising. Skeptical?

What is a cookie?

While most people know the term “cookie,” they might not understand precisely what they do. Before getting into Google’s replacement, here’s s a brief synopsis:

A cookie is a small file that stores pieces of user data to improve their web browsing experience. Each web server collects visitors’ browsing history, settings, or preferences and saves the data in a file. The next time the user visits that site, the server pulls the cookie’s information and provides a customized experience. This can manifest in several ways, such as saving:

  • Display language preferences.
  • Shopping carts between sessions.
  • Login information.
  • Authentication data so that users don’t have to enter a CAPTCHA.

These are examples of first-party cookies. The website you visit actually collects the data. It is difficult to imagine an internet without first-party cookies. Nobody wants to input all of their information every time they view a site. However, there is another type called third-party cookies.

Third-party cookies

Unaffiliated domains create third-party cookies, which track users across multiple sites. They use this data for retargeting campaigns and personalized advertising. Third-party cookies are receiving backlash from consumers and privacy advocates alike.

These are unlikely to be anonymized in any meaningful way, which leads to persistent tracking. So, unknown to the end-user, advertisers can craft detailed profiles on individuals and market directly to them across the entire internet. Not only is this a blatant invasion of privacy, but it is also susceptible to abuse from predatory companies.

Google’s response to the cookie crumbling

Google recently decided to ban third-party cookies across its ad platform and block them by default on its popular Chrome browser[1]. So, has the search giant finally seen the light and found a newfound commitment to privacy? One peek at their advertising revenues should tell you all you need to know (over $37 billion in Q3 2020[2] alone). Google will not stop tracking people through mobile devices and will still target individuals with ads based on user behavior on their first-party application. Google is large and diverse enough that even first-party cookies pose a problem.

But at least they won’t be sharing individuals’ data with third-party advertising companies anymore, right? The technical answer is “right,” but it’s a bit more complicated. What they’ve really done is create a different way to track people for personalized ads. They have many projects aiming to replace the functionality of third-party cookies under a less toxic name.  The proposals seem to follow an avian theme for some reason, such as PIGINTURTLEDOVESPARROWSWANSPURFOWLPELICANPARROT, PARAKEET, and so on. But one idea has really taken flight…

Enter the FLoC

The FLoC project is deep into its testing phase and has been already delivered tangible results to advertisers (approximately 95% return on ad spend compared to third-party cookies[3]). FLoC stands for Federated Learning of Cohorts. A name that not only rolls right off the tongue but is also definitely not confusing and immediately makes its meaning known.

Snark aside, a FLoC clusters larger groups of people with similar interests together under a shared ID number (their “cohort”) and serves those within the group personalized ads. It uses sophisticated Machine Learning algorithms to analyze variables like the URLs visited, website content, and the typically nebulous “other factors.” So, Google still pulls this data from browsing history, but the information gets calculated on the user’s device rather than sent back to a Google server. This local data gets compiled with thousands of other users to remain private.

Privacy advocates, however, don’t see this as a suitable solution.

Issues with FLoC

Even looking past Google’s dubious past (and present) regarding privacy, the FLoC project raises concerns.

  • Fingerprinting. Millions of websites use hidden code to pull details about their visitors’ computers, and therefore, identities. With FLoC, Instead of distinguishing an individual’s browser from hundreds of millions of others, advertisers only have to worry about how many reside in a particular cohort (thousands?). Google is trying to mitigate this, but there’s no solution coming soon, and the project is already rolling out. Evidently, it’s not a top priority.
  • Contextual identification. Companies could combine a cohort ID with other information, such as data obtained from having a ‘Login with your Google account’ option to identify people. Furthermore,  advertisers can infer demographics from a particular Cohort since people with similar browsing interests can likely be siloed into fairly accurate groups. Google claims it will protect ‘sensitive info’ like race and sexual preference, but its effectiveness is unknown. There’s less recourse for this when it does happen, too, because they’ll have plausible deniability about targeting these ‘protected’ entities.
  • Exploitation. FLoCs could result in the proliferation of exploitative practices. For instance, a cohort of people visiting sites about credit repair could receive ads for payday loans or other manipulative products and services.

Conclusion

This project is already well underway. The days of personalized advertising are here to stay. There’s simply too much money at stake for it to go away without explicit regulation. FLoC only applies to the Chrome browser, which happens to be by far the most popular web browser. If you don’t want to participate in these shenanigans, you’ll have to use a privacy-focused browser. FLoC seems like a step in the right direction over third-party cookies, but it’d be hard to be worse than them. Valid concerns still exist, and privacy-oriented people likely won’t celebrate this stopgap.

Stay private

AXEL promotes the concept of data custody and prioritizes keeping user data secure and private. If you don’t want Big Tech companies like Google mining your information and tracking you incessantly, break free from their hegemony. Share and store files online without anxiety. AXEL Go is a safe, privacy-focused platform that utilizes blockchain technology, the InterPlanetary File  System, and AES 256-Bit encryption. Take back control of your digital privacy. Try AXEL Go today. For $9.99, you can upgrade to a premium account and unlock all of its unique features.

[1] David Temkin, “Charting a course towards a more privacy-first web”, Blog.google, March 3, 2021, https://blog.google/products/ads-commerce/a-more-privacy-first-web/

[2] Kim Lyons, “YouTube brings in $5 billion in ad revenue as Alphabet and Google bounce back”, TheVerge.com, Oct.. 29, 2020, https://www.theverge.com/2020/10/29/21531711/google-alphabet-ad-revenue-youtube-waymo-cloud-search

[3] Chetna Bindra, “Building a privacy-first future for web advertising, Blog.google, Jan. 25, 2021, https://blog.google/products/ads-commerce/2021-01-privacy-sandbox/

A Breakdown of Virginia’s New Privacy Law

On March 2nd, Virginia Governor Ralph Northam signed a comprehensive data privacy bill into law, making it the second state behind California to enact formal privacy regulations[1]. While it’s difficult to argue this development is a bad thing, the fact that it had widespread approval from Big Tech opens it to scrutiny. Here, we look at the law’s provisions, compare it with California’s measures, and assess the areas where it’s lacking.

Who does this affect?

The Virginia Consumer Data Protection Act (VCDPA) will significantly affect entities known as ‘data brokers.’ A data broker can be one of the high-profile corporations from Big Tech (i.e., Google, Amazon, etc.) or the lesser-known companies operating in the shadows that gather, analyze, package, and sell consumers’ personal information. According to the VCDPA, data brokers must hit specific thresholds for the law to apply to them. These stipulations include:

  • “Persons” (remember folks, corporations are people too) must do business in Virginia or sell products and services that target Virginia residents.
  • The organizations have to control the data of at least 100,000 Virginia residents. (This number is decreased to 25,000 residents if the company receives half or more of its revenue from selling personal information)

There are several exemptions, however. For example, organizations do not have to abide by these regulations if:

  • The data they collect from individuals pertains to employment or other commercial information. This means employees aren’t protected from their company’s data collection, and business-to-business data is still a free-for-all.
  • They are in the financial services, research, credit reporting, healthcare, or educational industries.
  • They are a designated non-profit.

So, already there appear to be some loopholes.

What are the new privacy provisions?

The VCDPA outlines new expectations that applicable data brokers must follow.

  • Data brokers must gain explicit consent before processing “sensitive data.” This would include racial makeup, religious beliefs, health records, sexual orientation, genetic data, or a person’s precise geolocation.

It also grants consumers a variety of new data rights.

  • The right of access. Now, Virginians can request to know all the information a company collects on them.
  • The right of correction. Consumers can request a company correct wrong information, and they have to comply.
  • The right of deletion. Individuals can request the deletion of their data.
  • The right to opt-out of targeted advertising, data selling, and profiling.

Unfortunately, there are more exemptions for these too. Organizations can get out of many of these information requests if they feel it cause an “unreasonable burden.” They also do not need to comply if the data collected is pseudonymized (meaning they replaced identifying info with pseudonyms.)

Starting in 2023, any company found in non-compliance with the terms of the VCDPA will have 30 days to correct their course or be subject to a $7,500 fine for each violation.

Compared to the CPRA

California is the other state with data privacy laws on the books. The recently passed California Privacy Rights Act (CPRA) set the national standard. How does the VCDPA stack up? Overall, they’re very similar. There are a few key differences, though:

VCDPA is more limited in scope. It’s a bit semantic, but where the CPRA exempts specific personal data types, the VCDPA exempts entire industries like healthcare and education. This slightly shrinks the net of data protections.

VCDPA doesn’t apply to employees or commercial data. Under the CPRA, employees have the same protection as consumers. Unfortunately for Virginians, the VCDPA explicitly excludes employee or business-to-business data.

VCDPA has no private right of action. This means that residents aren’t allowed to sue offending companies for damages. California’s privacy law enables individuals the right to sue for up to $750 for violations.

Criticism

Privacy groups like the Electronic Frontier Foundation (EFF) levied scathing critiques of the bill[2]. Other than the lack of private right to action as mentioned above, it was also slammed for facilitating ‘pay-for-privacy’ programs, where businesses could charge consumers not to collect and sell their information.

Another complaint is that the law would force consumers to opt-out of collection rather than opt-in. Obviously, this creates an unnecessary barrier to privacy and makes the default invasive. Most people are too busy to go searching for opt-out links. It’s why some privacy advocates believe it protects the interests of companies more than consumers. The fact that Big Tech behemoths Amazon and Microsoft both offered support for the bill[3] backs up this assertion.

Regardless, it’s better than nothing. And, like the CPRA following up the CCPA after only a few years, it is possible to improve on privacy regulations in the future. Nothing is perfect, and in squabbling over the details, sometimes advocacy groups lose sight of the forest for the trees.

Any regulatory improvement is good, and the process is likely to be iterative over time. The VCDPA may not be a giant leap toward the end goal of robust data privacy laws, but it’s a healthy first step. One they can build upon and provide an example to the rest of the country. At some point, federal data privacy laws will be on the table, and having test programs like this will inform lawmakers about what works and what doesn’t.

Building solutions and bringing awareness to data custody

AXEL is committed to providing data custody to its users. We never sell your information to third parties or mine your account for data. Our developers design privacy-based software solutions that keep your content away from the greedy hands of data brokers and Big Tech. AXEL Go is a blockchain-backed file-sharing and storage platform with optional encryption features. You can share and store files online without the worry of who else can see them. Take data privacy into your own hands. Ditch Big Tech and try AXEL Go today.

 

[1] Cat Zakrzewski, “Virginia governor signs nation’s second state consumer privacy bill, The Washington Post, March 2, 2021, https://www.washingtonpost.com/technology/2021/03/02/privacy-tech-data-virgina/

[2] Hayley Tsukayama, “Virginians Deserve Better Than This Empty Privacy Law”, EFF.org, Feb. 12 , 2021, https://www.eff.org/deeplinks/2021/02/virginians-deserve-better-empty-privacy-law

[3] Cat Zakrzewski, “The Technology 202: Virginia is poised to pass a state privacy law”, The Washington Post, Feb. 11, 2021, https://www.washingtonpost.com/politics/2021/02/11/technology-202-virginia-is-poised-pass-state-privacy-law/

Should Privacy be a Human Right?

With the advancements in the mass surveillance technology used by governments and corporations, maintaining individual privacy has never been more important. AXEL believes privacy is a fundamental human right that these powerful institutions need to acknowledge. Without a vigorous defense of this position, influential organizations will inevitably erode privacy protections and lead society down a dark, Orwellian path.

Privacy law – not a new thing

Citizens demanding basic privacy is not a new phenomenon. Formal privacy law goes all the way back to 1361 AD in England[1]. Nevermind modern accouterments like cellphones, back then niceties such as plumbing and an easily traversable road system weren’t fathomable. It was the time of King Edward the III, with England and France engaged in what was to be known as ‘The 100 Years War.’ In other words, a LONG time ago.

The Justices of the Peace Act outlawed peeping toms and eavesdroppers under the penalty of imprisonment. It was a way to stop the town weirdo from spying on neighbors from behind a cow or haycart.

Today these concerns seem quaint, as every computer, cellphone, smartwatch, digital assistant, or any other piece of internet-connected technology is the equivalent of an eavesdropping creep. On the plus side, medicine advanced past the practice of bloodletting as a cure-all. So, we’ve got that going for us.

A decree from the United Nations

Fast-forward over half a millennium to 1948. The newly-formed international coalition, the United Nations, released the United Nations Declaration of Human Rights[2]. This short document outlined various human rights for all people. Article 12 states, “No one shall be subjected to arbitrary interference with his privacy, family, home, or correspondence, nor to attack upon his honor and reputation. Everyone has the right to  the protection of the law against such interference or attack.”

While these UN guidelines are clear and concise, they lacked any true enforcement capabilities. Fantastic ideals in theory; often ignored in practice.

United States privacy law history

Unfortunately, The United States Constitution doesn’t explicitly guarantee privacy as a right. However, not all is lost. Throughout the years, there have been legal arguments that other liberties imply privacy rights. Examples include:

  • Stanford Law Review April 2010. A piece in the prestigious legal journal by Orin Kerr outlined an argument that sought to apply the Fourth Amendment to internet privacy[3]. The focus is on police-related intrusions, specifically dealing with warrant requirements for digital surveillance.
  • Griswold v. Connecticut. This 1965 case set the precedent that the Constitution grants privacy rights against government intrusion implicitly from other liberties established in the Bill of Rights[4]. While the case pertained to marital relations, the ruling set a precedent for the more general concept of implicit rights.

The current state of privacy

Two-thirds of countries have privacy regulations on the books[5]. So, everything’s all good, right? Time for privacy advocates to pack it up and celebrate their victory! No, things are not all rainbows and sunshine in this space. In fact, the situation is pretty bad.

Government privacy intrusions

The U.S. government spying on its citizens is nothing new. The practice dates back at least 70 years. Over this time, many groups (political activists, civil rights leaders, union participants, the far-Left, the far-Right, you name it) became surveillance targets of federal agencies like the FBI, CIA, and NSA. However, the devastating 9/11 attacks combined with advancing digital technology created a perfect storm for privacy intrusion at a scale never before seen.

The details of which were outlined by whistleblower Edward Snowden in 2013[6]. Here are a few significant revelations of the leaks:

  • The NSA collected millions of peoples’ cellphone metadata (i.e., when calls are made/to whom) and location information[7]. A federal appeals court finally ruled this tactic illegal in 2020[8].
  • The NSA can easily break internet standard encryption methods to view private emails, financial transactions, and other personal data[9].
  • The NSA implemented a program code-named PRISM where the Big Tech companies would mine user data and turn it over to the agency upon request[10].

These only scratch the surface of the Snowden leaks. The story received enormous press coverage over the years, putting pressure on the federal agencies for more transparency. It is naive to think organizations like the NSA stopped using these tactics, though. After all, the courts didn’t ban illegal phone metadata collection until seven years after initial disclosure, after multiple other scandals[11].

Corporate intrusions

Of course, the government doesn’t have a monopoly on invading peoples’ privacy. Corporations are big players in the game, too (although, as seen in the PRISM program, the two entities can work together.)

Big Tech has a notorious reputation in this regard. Companies such as Facebook, Google, and Amazon collect so much personal data that their algorithms probably know people better than they know themselves.

The most known scandal involved Cambridge Analytica, a Big Data firm that bought user data from Facebook and used it to serve targeted political ads, allegedly resulting in a shift toward Donald Trump’s election[12].

Regardless of that hypothesis’s validity, data mining and selling are an everyday occurrence in Big Tech’s world. All one has to do is read the privacy policies or terms of service agreements the companies provide to get a glimpse at the breadth of knowledge they have about individuals. Easier said than done since those policies are thousands of words of legalese, but decipher them, and it becomes quite creepy.

Tougher legislation

Data privacy and protection are now mainstream topics. As such, some governments are enacting stronger legislation. The Gold Standard of these laws is the General Data Protection Regulation (GDPR) in the European Union. It is the most comprehensive data privacy law to date.

California took the main framework of the GDPR and passed a similar law called the California Privacy Rights Act (CPRA), which will take a few years to implement fully. While these are the best laws currently in effect, they still have loopholes that will undoubtedly lead to exploitation. Do they go far enough to protect everyone’s personal information? Only time will tell.

Be proactive

The GDPR and CPRA are much needed, but people should take matters into their own hands as well. Stop relying on “free” software from the megacorporations and search for privacy-based alternatives.

AXEL Go is the perfect solution for anyone looking for a private, secure file-sharing and storage platform. It has blockchain implementation, runs on the un-censorable InterPlanetary File System, and utilizes military-spec AES 256-bit encryption to ensure your files aren’t compromised. Sign up for a free Basic account and receive 2GB of online storage and enough network fuel for hundreds of typical shares. AXEL truly believes privacy is an inalienable human right. That’s why AXEL Go has industry-leading privacy features that will only get better. Download it today.

 

 

 

[1] English Parliament, “Justices of the Peace Act 1361”, legislation.gov.uk, https://www.legislation.gov.uk/aep/Edw3/34/1

[2] The United Nations, “The Universal Declaration of Human Rights”, un.org, 1948, https://www.un.org/en/universal-declaration-human-rights/#:~:text=Article%2012.,against%20such%20interference%20or%20attacks

[3] Kerr, Orin S. “Applying the Fourth Amendment to the Internet: A General Approach.” Stanford Law Review 62, no. 4 (2010): 1005-049. Accessed February 24, 2021. http://www.jstor.org/stable/40649623

[4] “Griswold v. Connecticut.” Oyez. Accessed February 24, 2021. https://www.oyez.org/cases/1964/496

[5] “Data Protection and Privacy Legislation Worldwide”, UNCTAD, Feb. 4, 2020, https://unctad.org/page/data-protection-and-privacy-legislation-worldwide

[6] Glen Greenwald, “Edward Snowden: the whistleblower behind the NSA surveillance revelations”, The Guardian, June 9, 2013, https://www.theguardian.com/world/2013/jun/09/edward-snowden-nsa-whistleblower-surveillance

[7] Barton Gellman, Ashkan Soltani, “NSA tracking cellphone locations worldwide, Snowden documents show”, The Washington Post, Dec. 4, 2013, https://www.washingtonpost.com/world/national-security/nsa-tracking-cellphone-locations-worldwide-snowden-documents-show/2013/12/04/5492873a-5cf2-11e3-bc56-c6ca94801fac_story.html

[8] Josh Gerstein, “Court rules NSA phone snooping illegal -after 7-year delay”, Politico, Sept. 2, 2020, https://www.politico.com/news/2020/09/02/court-rules-nsa-phone-snooping-illegal-407727

[9] Joseph Menn, “New Snowden documents say NSA can break common Internet encryption”, Reuters, Sept. 5, 2016, https://www.reuters.com/article/net-us-usa-security-snowden-encryption/new-snowden-documents-say-nsa-can-break-common-internet-encryption-idUSBRE98413720130905

[10] Barton Gellman, Laura Poitras, “U.S., British intelligence mining data from nin U.S. Internet companies in broad secret program”, The Washington Post, June 7, 2013, https://www.washingtonpost.com/investigations/us-intelligence-mining-data-from-nine-us-internet-companies-in-broad-secret-program/2013/06/06/3a0c0da8-cebf-11e2-8845-d970ccb04497_story.html

[11] Zack Whittaker, “NSA improperly collected Americans’ phone records for a second time, documents reveal”, Tech Crunch, June 26, 2019, https://techcrunch.com/2019/06/26/nsa-improper-phone-records-collection/

[12] Dan Patterson, “Facebook data privacy scandal: A cheat sheet”, Tech Republic, July 30, 2020, https://www.techrepublic.com/article/facebook-data-privacy-scandal-a-cheat-sheet/