Cartoon avatar of Charles Sprayberry
cspray.io

Fighting against surveillance capitalism

I have long been aware of the fact that in exchange for free online services consumers are subject to advertisements; it is a huge business that powers most of the Internet unless you're explicitly paying for the service. Part of that trade-off includes "targeted advertisements" where marketing firms collect a massive amount of data detailing everything you do online. Presumably this massive amount of data is used to improve the advertisements and services that we receive. Often these data sets are routinely cracked into or just simply left exposed to the public for malicious actors to do with your data as they see fit.

For the longest time I have assumed that this was simply inevitable. Online services need, and often deserve, to be paid; there are real humans managing, designing, implementing, and operating them. Combined with the fact that the vast majority of people are unwilling, or unable, to pay for these services leaves little room for hope that the situation will markedly improve. However, that doesn't mean I have to go down without a fight.

When I fully committed to reducing my dependence on surveillance capitalism and start to take back control of my digital rights I realized just how hard the task is going to be. I have a Facebook and Twitter account. My primary email has ended in "gmail" for I-can't-even-remember-how-long, my primary-use search engine has long been Google, and my default browser is Chrome. My wife and I routinely use Amazon Prime. I'm typing this, at least in part, on a Macbook Pro running macOS. I'm currently using an iPhone 8+ and have had 3 previous generations of iPhones.

Looking at my tech-lifestyle it is obvious that breaking away from consumer surveillance will not happen overnight and will require adjustments to the services that I use; and the expectations that I have for those services. I also need to have a plan. This is the beginning of that plan.

Reduce or eliminate my reliance on the major offenders

Of the companies I listed above there are 2 that jump out as "low-hanging fruit"; Google and Facebook. Facebook is an especially egregious offender[1][2][3][4]... I could keep going but at this point the rest of the post would simply be adding footnotes to how egregious Facebook is. Even still, simply deleting Facebook was not an easy decision to come to. I live a great distance from a fair portion of my family and friends. Facebook provided a convenient way to keep in touch, share photos, and generally have an idea for what is going on in their lives. However, I reject the idea that to do those things we must support a company not worth supporting. I have downloaded the data that Facebook has on me and began the process for permanently deleting my account.

Getting rid of Google, Chrome, and GMail provide different challenges. For the most part transitioning away from Google has been straightforward, I've been using DuckDuckGo for the past month or so and have been generally pleased with the search results. Firefox has been a pleasure to use and I don't miss Chrome at all. GMail will be harder to extract myself from and will require a different kind of concession. Additionally, my employer uses Google products and there are some aspects of my life that, at least for the time being, I cannot keep from Google. It is very likely I will need to continue using Chrome in some capacity as a web developer.

Using OSS where possible...and paying for services

I have written and contributed to OSS my entire software career. At work our software is built on top of open source software and I have not had an employer who didn't take advantage of OSS in their tech stack. However, many of the applications I use are proprietary software and my Macbook Pro is almost entirely non-free hardware. I have started transitioning to Linux and other OSS technologies... and have plans for replacing my laptop which I will discuss a little later. The process has been a little slower than I would have liked but I'm starting to use more OSS.

However, simply using OSS isn't sufficient; I still require the use of online services. I need to have an email address. I'd like to have a blog and generally make use of the Internet. Ultimately if I eschew services that depend on advertisement revenue I have to pay for those services directly. This blog, for example, is something I pay for; at the time of this writing I was paying the $12 per year plan. However, you don't see ads when you read my blog posts and write.as has principles and values I want to support.

As for replacing GMail, it is going to be really hard to find a provider that offers privacy and an ad-free experience for no cost. After much searching and evaluating my options I landed on Tutanota. For a little more than $13 per year I have an ad-free, encrypted email service hosted in a country with much stronger privacy laws than the good ol' US of A. They also have principles and values I want to support.

Ultimately I believe that this is one of the most effective measures we can take against mass surveillance. Being selective about which companies we do business with. Take the time to find businesses that share values and principles that are important to you and then, importantly, paying for those services.

Taking back control

I am a software engineer by profession so I have options available to me that are not feasible for your average consumer. This includes building and/or hosting my own open source services. While this may seem like an extreme approach it affords me 3 valuable things:

  1. I take complete control of my data back.
  2. I can choose services that are open source and support my values and principles.
  3. Hosting a web app is an interesting challenge from a software engineer's perspective... and is likely to help my future career.

Social media apps can be replaced with diaspora* and/or Mastodon. Photo, contact, calendar, and data syncing can be replaced with Nextcloud. All of these services are open source software that I can host myself or find a cloud provider that supports my values and principles to run it for me. Most importantly the data belongs to the users and remains ad-free.

The biggest hurdle for adopting this strategy, particularly with social media replacements, will be buy-in from the people I interact with. I have no delusions that most people will be willing to drop Facebook and visit a social media site to speak to 1 individual. However, if I can speak and share memories with strictly my father, mother, and sisters without relinquishing my freedom to Facebook it'll be worth it.

Hardening my network

About a year ago I upgraded my home network by installing a Ubiquiti EdgeRouter and Unifi Access Point. The improvements have been absolutely astounding. My actual download speeds more than doubled and it has been the first time in my life that I can remember paying for n bandwidth and getting what I paid for. Though this is certainly not FOSS I purchased the gear before my surveillance epiphany and have been so pleased with the equipment I am likely to continue using them.

I plan on continuing the improvements to my home network this year by first installing a Pi-hole. The software acts as a DNS server that filters out known marketing and tracking URLs. Instead of requiring an ad-blocker in your browser, which carries its own host of problems, the entire network is protected. After that I plan to look at VPN options, likely OpenVPN. This would provide more privacy and security when I am using WiFi on public networks.

Replacing my Apple Devices

Generally speaking, of the big 5 tech companies (Amazon, Apple, Facebook, Google, Microsoft), I likely trust Apple the most. It is simply that their revenue model does not consist of advertising in the same way that the rest of them do. Microsoft has certainly become a better tech citizen since Nadella took over but as a web developer I'm not prepared to go from a *nix based system to Windows. Though I hope that Windows Subsystem for Linux continues to improve.

I have been generally pleased with my Mac; its form factor is excellent, it has a *nix based OS which is convenient for web development, and for the most part it just worked. Then a series of events happened. At work we started heavily using Docker for local development and Macs have problems with Docker. The performance on my machine was simply subpar and no amount of configuring or adjustments would help. My Mac has also been through a lot in the last 5 years. Let's just say that beer + software == good and beer + hardware == bad. A repair shop has been able to keep the thing going but the headphone jack is completely shorted out and it feels old. I was looking at a new Macbook but they eschew the escape key and as an avid vim user I don't even want to begin imagining what that life is like. Combine all of this with my desire for more open software and hardware and it is clear that it was time to transition away from Mac.

With Windows and Mac no longer viable options I started looking at what Linux hardware looks like. Pretty quickly I boiled my options down to System76 and Purism. I came to the conclusion that either one could provide a perfectly viable machine and, beyond pure technical specs, the decision really came down to ideology. Ultimately Purism's charter as a social purpose corporation where they clearly state there are more important things than maximizing profit won me over. I have purchased a Librem 15v4 and bought into a desire for privacy and security at the software and hardware level. Once I receive the new machine I'll be sure to post a review of my initial impressions.

I sincerely hope that I have a positive experience with Librem and that their Librem 5 phone is successful. If it does become a viable smartphone platform I will gladly hop on-board. But, for the immediate future I plan on continuing to use my iPhone 8+. The only other real, viable alternative right now is Android and there is simply no way I trust Google, who's vast majority of revenue is derived from advertisements, more than I trust Apple.

The Big Telecom-sized Elephant in the Room

If you're knowledgeable about privacy issues you may have noticed that I haven't mentioned an ISP or cell-phone provider. Your Internet Service Provider has access to your browsing habits in a way few companies can access. Your cell-phone carrier tracks even more highly-sensitive, private information about you; your location, your text messages, your phone calls. And they absolutely sell that data.

Unfortunately I have no real answer to this problem. I'm a web developer who works remotely; to make a living I have to have a working broadband connection. I don't pay the bills without it. Due to my rural location I am severely limited as to what my options are. Accepting this reality the only reasonable measures I can take are to use services that support end-to-end encryption wherever possible.

The long journey to privacy and freedom

Extracting myself from the surveillance capitalism that seems to have become a norm in our society will be a long, arduous journey. I will make mistakes and have to make concessions about my expectations. I will have to be far more selective about what services I use online.

However, I think that doing so is extremely important. We have a right to a degree of digital privacy the same that you'd expect to have in real life. We need to have people fighting for digital privacy and freedom. I am glad to join that fight.

[1] https://en.wikipedia.org/wiki/Facebook%E2%80%93Cambridge_Analytica_data_scandal [2] http://nymag.com/intelligencer/2018/03/facebook-secretly-saved-videos-users-deleted.html [3] https://techcrunch.com/2018/04/05/zuckerberg-deleted-messages/ [4] https://techcrunch.com/2019/01/29/facebook-project-atlas/


Comments for articles on this blog are handled through a GitHub repository. To make comments you will be required to have a GitHub account.

The comments for this article can be found at this issue