This episode was produced by UIC communication students Kristin Nedialkova ‘16, Araceli Gonzalez ‘16, and Katie Gregory ’16. Focused on information privacy and inspired an early 2016 case of FBI vs. Apple, this episode explores how public (mis)trusts the government and the private sector in the post-Snowden era. Robert Sloan (UIC) was the guest on the show.
This podcast is a class exercise and it does not represent the views and opinions of the University of Illinois at Chicago or any of its departments.
Produced: Spring 2016.
Transcript
[MUSIC: InfoNation theme music and intro] Welcome to InfoNation, UIC’s very own podcast created by students, for students. At Infonation we discover how media, information and communication are created, governed, and used. Produced by upper level students in the department of Communication, info-nation brings academic research to help make sense of our increasingly mediated society. We go to the library so you don’t have to!
[KRISTIN NEDIALKOVA] We have something amazing planned for you today. My name is Kristin and I’m here today with Araceli and Katie.
In today’s episode we will be discussing privacy and trust in our government and private corporations in regards to the Internet and personal data. Our special guest is Robert Sloan, Professor and Department Head of Computer Science at the University of Illinois at Chicago. He recently published a book with Richard Warner titled Unauthorized Access: The Crisis in Online Privacy and Security. There will be more to come about this later in the segment.
We’d like to begin this episode with a recent story which has made headlines. Apple’s very own, Tim Cook, released a letter on February 16 informing consumers that the FBI has requested Apple to build a new key code, which can possibly unlock any iPhone in the world.
An easy, but sometimes difficult question to ask is, so what does this mean for you?
Well it means that the US government, once again, is stepping over the line between privacy and national security while using a major company to do it. With this in mind, how is it that Americans still trust government agencies and companies, such as, Apple with their information? Do people even trust that their data is protected or are they forced to give up their data in order to reap the benefits of new technological inventions? Are the government and private companies there to protect us or to try and control us and make a profit? In the modern world, can we really trust anyone to protect us? These are questions we should be asking ourselves every time prior to sharing any personal information through our cellphones, computers, apps, social media and anything else that you can think of.
In order to effectively address these issues we would like to define what we mean by privacy and trust in relation to private companies and government. We think that it is important that we all agree on what we are discussing.
Author Zhulei Tang and scholars discuss the definitions of privacy and trust in “Gaining Trust Through Online Privacy Protection: Self-Regulation, Mandatory Standards, or Caveat Emptor.” In their article they define privacy as “the ability to control the acquisition and use of information about one’s self” and “trust is the willingness of one party to be subject to the risks brought by another party’s actions.” By trusting another party we believe that the other party will not commit any actions which may harm the reputation or well being of an individual by using any disclosed personal information. Furthermore trust involves people knowing how exactly their information is being used at all times.
Given these definitions we can begin think about how government agencies have handled our personal information and we can begin thinking if we can trust them.
For those of you not familiar with Edward Snowden; he is a former CIA employee who revealed thousands of national classified documents to journalists about several secret NSA global surveillance programs.
According to Mathias Schulze, Snowden disclosed information about programs such as PRISM, Tempore or Xkeyscore which can collect information from our emails, listen to our phone calls and see any kind of internet activity. Katie, Araceli and I don’t think there is good enough reason for government agencies to have that much power over people. This sort of government power strips us of our privacy without giving us the option to voice our opinion. This is not to say that these specific programs cannot help prevent acts of terrorism, sure they can, however at the expense of government legitimacy; which within itself causes deep trust issues. Finding out that we have been spied on for years certainly does not give us reasonable proof to believe that government agencies are being honest about what our information is used for.
To take this a step further. Let’s forget about national security and trust and think simply about privacy. Privacy of the NSA versus privacy of each individual in America. The NSA invaded our privacy by secretly spying on us and acted as it it is not problematic, but when Snowden invaded their privacy they sought a legal remedy. Yes, yes, yes I know what you’re thinking…did she just say forget about national security? Yes, I did because the national security that our government is defending is may as well be a tyranny. An oppressive big brother society where they know everything and control everything. This puts us in a situation where it’s us vs them. Corporations, companies, government agencies, social media versus the people. The 1% vs 99%. The rich vs the poor. US vs. THEM.
We are firm believers that the government was put in place to protect us, not work against us. Although the right of privacy is not directly mentioned in the constitution, the Supreme Court has said that several amendments create privacy. Of course, some will argue that by spying on us, the government is protecting us,however we do not believe manipulation to be an effective technique of protection as giving someone power to hold over us and trusting them not use it creates a society of fear.
Coming back to the story with Apple, once again the government is asking to inflict our privacy. This time apple seems to be on our side, although we think that they have to draw a line in their relations with the government or they will lose their consumers and after all sellers are nothing without the buyers. Of course, we are not here to tell you what to think. Let’s turn to Araceli for more information about private companies usage of our personal data.
[ARACELI GONZALEZ] Well Kristin, it is interesting that you bring that up because it seems that by actively engaging with others online, we are unwarily contributing to our data collection.Through our constant use of social media sites and mobile applications, we are putting a lot of our personal information at risk. We are not always aware that by consenting to the terms and conditions we are allowing third parties and advertisers to obtain our information. According to the 2014 research conducted by Nancy Paterson, even after Snowden exposed the NSA’s access to our metadata, we (the users) seem to not understand the way in which companies such as AT&T, Verizon, Facebook, and Google can use and share our personal information. A 2014 Pew Research Study showed that 69% of adults were not confident that social media sites would keep their personal information private and secure. And honestly, judging from what we have heard about these companies, we don’t blame them. In a report conducted by Privacy International, Facebook was charged with severe privacy flaws. Facebook’s data mining and policy (which claimed to reinforce the company’s ability to collect information about its users through other sources) was probably one of the reasons for such low rating. Since, Facebook has altered their data policy by giving us the opportunity to control the information about us that is being shared with apps and websites. However, Facebook’s data policy isn’t all peaches and cream. Moreover, their policy also states that they may share information internally within their sister companies and third parties. According to the documentary, “Terms and Conditions May Apply” when we accept the terms and conditions we (1) authorize companies to use our personal data (2) we acknowledge that the terms can be altered at any time and (3) we agree to have our information shared with 3rd parties.
To further explain the issue, let’s talk to privacy expert Robert Sloan to see what he has to say.
[MUSIC]
[KATIE GREGORY] Good afternoon and welcome to InfoNation. Thank you for joining us today. Please start by telling us a little bit about yourself.
[ROBERT SLOAN] I’m professor Robert Sloan, for UIC purposes professor Sloan, I am a professor of CS and also the department head of Computer Science.
[GREGORY] Fantastic, we know that you focus on many topics and are well versed in all things computer science, but today we would like to primarily focus on your work on privacy and security on the Internet. Can you please tell us a little about the book you published with Richard Warner in 2013 titled Unauthorized Access: The Crisis in Online Privacy and Security?
[SLOAN] That book perhaps, unfortunately focused entirely on corporate surveillance of online behavior, targeted advertising and the like, the book released in 2013 after the Snowden revelations, which we didn’t talk about for two reasons. First of all, we didn’t know about during the release of the book and second of all there has been a lot of interest in the subject of government surveillance dating back a long time and there was somewhat less about what the private sector is doing.
[GREGORY] We began our podcast by discussing the case of Apple versus the FBI and the issue of creating a backdoor key to unlock the iPhone. What is your opinion on the matter?
[SLOAN] As you probably know, and it has come out in just the past few days that the FBI hired a hacker for about 1.3 million dollars. Overwhelmingly, the case was not about constitutional issues, it was not about the 4th amendment search and seizure that people think in such cases, because the phone was owned not by the deceased terrorist but by the county, which is his employer. The brouhaha was about the correct interpretation of the All Writs Act and it says that companies and individuals have to assist judicial inquires so the question is how much they have to cooperate.
[GREGORY] Do you believe that this is a matter of privacy or security? Or do they go hand in hand?
[SLOAN] The question is whose privacy and whose security? This was a security issue, the government claim that none of us will be secure unless the government can compel all access to all electronic communication. The reason why I was opposed to the government being able to compel Apple to create a way in is because there are not way in only for good government agents that can’t be used by other parties.
[NEDIALKOVA] Do you think creating a backdoor key to unlock the iphone can relate to the Snowden revelations in the sense that it gives the government another way to spy on citizens?
[SLOAN] Yes, not necessarily very tightly but broadly there has been tension going on around encryption dating back to the Bill Clinton administration. The government has always wanted to access any and all mass communication.
[GREGORY] Today, we have been trying to distinguish between investing our trust with personal data in private entities vs the US government, we have come to a conclusion that either, or our information is in danger and neither promises us too much security. Do you have any thoughts on the subject?
[SLOAN] In general, absolutely. They can, just like a future employer purchase a very detailed profile of you from various credit information bureaus. By enlarge what goes to private companies also goes to the US government. Apple is something of an exception not because in it that they are any more or less likely to share than Facebook and Google, but because the way they make their money is different from Facebook or Google. I don’t think that they are more noble or more moral, everything is profit driven. And, advertising is a big part of the revenue model for most of the giant internet companies , they make at least a little bit more by targeted advertising and that’s gives them an incentive to develop more information about you. Apple’s money maker is the hardware. Especially, the iphone and the ipad, the mac is now a sideline for them. Because they are in the hardware business, primarily, they’re not collecting much information about citizens, which allows them to be the privacy advocates darlings.
[NEDIALKOVA] Do you you think it’s problematic that our information is easily accessible for anyone to find out exactly what they want? Do you think people should fear it?
[SLOAN] I do think it’s problematic, we are getting a mildly bad deal from Facebook and Google, very powerful, compelling services. You guys are both on Facebook, I’m assuming.
[NEDIALKOVA and GREGORY] Yes
[SLOAN] The great deal of profit that they generate from our information, this is a mildly bad deal; the business could be rearranged so they would have mildly less information about us, maybe more than mildly less and still make a profit, a better deal would be to at least give us some of the privacy that we used to have and then a little less profit.
[GREGORY] I just want to switch gears for a minute. So, we touched on Facebook for a little bit and I just wanted to talk a little bit about privacy policies. Please explain what a privacy policy is and how it works? Also if you would like to go a little into informed consent.
[SLOAN] A privacy policy in the sense is a written declaration by an entity like, Facebook or any online company or offline financial or medical company you deal. It says, with your information we’ll do A and B and C and will not do D and E. Nobody reads them, they are not readable. Technically they are a contract. My usual collaborator on this, Richard Warner, is a professor of law, also specialist of contract law, and he doesn’t read them. Nobody reads them. The notion of informed consent is that we are given this information in a form that we can digest, think about and then make a choice, in point of fact, it’s given to us in a form that we can’t digest at all and there is no choice. Your choice is either, you click I agree or you don’t use Facebook and for a middle aged professor it may be an option to not use Facebook but for most people between 15-30, even 15-40, that’s not an option, so this choice of informed consent is broken, it’s not working.
[GREGORY] Finally, can you address the biggest privacy issues we have today? Also, what can we do to protect ourselves?
[SLOAN] Stay alert to phishing schemes, practice reasonable pervasive government security. We do know one way or another, and detailed have changed recently, but the US government has access to every phone call you’ve made or has been made to you, not the content, but time and who you call. And that’s, extremely revealing in there. What the general public can do is making political demands for a change, and resist when you hear a response from them that if you do that the terrorists will win and ISIS will be gunning down people at UIC during finals week. There are detailed profiles of us that any of the private companies are building and are permitted by US law to build. Again, you can’t go live in a cave and you can’t give up your privacy. It’s about demanding political change.
[GREGORY] Okay, thank you for being part of our podcast professor Sloan.
[MUSIC]
[GREGORY] So why does this all matter? Why should we be concerned about who we trust and how our data is being shared?
According to Neil Crockett, CEO of Digital Catapult Centre in the UK, he believes that data sharing is crucial for advancement in a digital society. He believes distrust can put a halt on data being shared and thus hinder us from reaching the full potential of sharing data.
So what issues still remain and who is responsible for building the trust of the people?
We believe that everyone is responsible in building trust from the government, to private corporations, to academic centers of research which we are seeing pop up all over the United Kingdom, and even the people themselves are responsible for educating themselves.
We believe there is still a long way to go in understanding exactly what personal data is and who is responsible for protecting it, but hopefully with podcasts like these we can get the word out and start educating the public.
Although there is no fail safe plan to keep your information private or from getting into the wrong hands, there are actions you can take right now that will make a difference.
Education on digital privacy and building trust is everyone’s responsibility.
One thing you can do now is register to vote and pay attention to the different political platforms on online privacy. Your vote will make a huge difference as to what will happen with the government and how they deal with privacy issues.
If you are interested in how you can get more actively involved, we suggest visiting EPIC.org. EPIC is the Electronic Privacy Information Center. It is a not for profit organization that is doing really great work to educate the people of the United States and they are also involved in Data Protection 2016, a non-partisan campaign trying to make data protection a campaign issue.
Well that’s all the time we have today! We would like to give credit to Maximilien for the sound clip we used throughout the podcast titled News Intro which can be found on Soundbible.com. Special thanks to our interviewee Professor Robert Sloan and of course my co-hosts Araceli and Kristin. Thanks for listening!
[MUSIC: Podcast outro and theme music] Thanks for listening to InfoNation! Coming to you from the University of Illinois at Chicago Department of Communication. Our theme music was created by Shawn Rizvi, a 2015 graduate. We hope we piqued your interest and you learned something new today. Please feel free to engage by rating, commenting or sharing our episodes.
Additional readings
Apple, Inc. (2016). A message to our customers [Press release]. Retrieved from http://www.apple.com/customer-letter/
Bauman, Z., Bigo, D., Esteves, P., Guild, E., Jabri, V., Lyon, D., & Walker, R. B. (2014). After Snowden: Rethinking the impact of surveillance. International political sociology, 8(2), 121-144.
Bechmann, A. (2014). Non-informed consent cultures: Privacy policies and app contracts on Facebook. Journal of Media Business Studies, 11(1), 21-32.
Crockett, N. (2015). Trust In Personal Data: A UK Report. Digital Catapult.
Debatin, B., Lovejoy, J. P., Horn, A. K., & Hughes, B. N. (2009). Facebook and online privacy: Attitudes,behaviors, and unintended consequences. Journal of Computer Mediated Communication, 15(1),83-108.
Facebook, Inc. (2015). Data and privacy policy.
Khanna N., Ramos J., & Hoback, C. (2013). Terms and conditions may apply [Motion picture]. United States: Hyrax Films.
Madden, M., & Rainie, L. (2015). Americans’ attitudes about privacy, security and surveillance.
Orzan, G., Veghes, C., Silvestru, C., Orzan, M., & Bere, R. (2012). Marketing Implications of Information Society Privacy Concerns. Revista de Management Comparat International, 13(5), 733.
Paterson, N. E. (2014). End user privacy and policy-based networking. Journal of Information Policy, 4(2014), 28-43.
Price, D. (2013). Americans no longer care about government surveillance; privacy tapped out. Le Monde Diplomatique.
Schulze, M. (2015). Patterns of Surveillance Legitimization: The German Discourse on the NSA Scandal. Surveillance & Society, 13(2), 197.
Sevignani, S. (2013). The commodification of privacy on the Internet. Science & Public Policy (SPP), 40(6), 733-739.
Tang, Z., Hu, Y., & Smith, M. D. (2008). Gaining trust through online privacy protection: Self-regulation, mandatory standards, or caveat emptor. Journal of Management Information Systems, 24(4),153-173.