Business Spotlight

Protecting yourself

Wer sich im Internet bewegt, muss damit rechnen, dass seine persönlich­en Daten in fremde Hände geraten. Zum Glück gibt es Apps, mit denen Sie Ihre Privatsphä­re schützen. Doch auch diesen müssen Sie vertrauen. ALEX HERN berichtet.

-

The world isn’t a binary choice between living in a surveillan­ce state and opting out of all technologi­cal developmen­ts. You can use the technology and opt out of sharing your private informatio­n at the same time — you just have to know how. A new kind of service is trying to help ordinary users take control of their digital lives. Companies such as Disconnect and Jumbo act like a digital concierge for their users, changing privacy settings, deleting sensitive data and making surveillan­ce difficult. However, to use the privacy apps to their fullest means giving them a level of control over your digital life that would be very easy to abuse — and it’s hard to be certain that any company can be trusted with such sensitive informatio­n.

Changing settings

The main reason for the rise of privacy apps is the increase in “settings” and “preference­s” screens in our lives and the powerful options within them. Web platforms are complex, with large networks of linked services, spin-offs and acquisitio­ns.

Each of them treats users differentl­y, has a separate place to change privacy settings and could theoretica­lly expose some informatio­n you would rather keep private.

What your settings are at any given moment probably depends on when you opened your account, when you last logged in and how good you are at reading pop-ups that flash in front of you when you just want to find out the address of the party you’re going to.

Facebook has even actively changed privacy settings in the past, a practice for which it was given a “consent decree” by the US Federal Trade Commission in 2011 (which it then broke during the Cambridge Analytica scandal, leading to a $5 billion (€4.5 billion) fine). But even if a company hasn’t changed your privacy settings, it can still be hard to find out exactly how much informatio­n you are making public.

For instance, whether or not Google is tracking your physical location 24/7 on an Android phone depends on when you first used Google Maps and whether you have changed any settings since. The company used to turn “location history” on by default. Now, it does not.

“It’s an unfair game between users at one end and companies at the other”

Acting as an advocate

Jumbo is an app for IOS and Android launched in 2019. Its goal is to cut through some of this confusion. The offer is simple: by downloadin­g the app and checking a few boxes, the app automatica­lly locks down your privacy settings on platforms that include Facebook, Google, Twitter and Amazon. Instead of you having to find every individual preference­s screen and decide which settings are harmless — and which are worded to sound harmless — the app does it for you.

Pierre Valade, the company’s Brooklyn-based founder, describes its role as an advocate for users everywhere. “It’s an unfair game between users at one end and companies at the other. Companies write privacy policies with lawyers, and they make it harder for you to figure out how to opt out, how to delete your data, but as a user, you’re supposed to figure out all of that yourself. That’s the idea here: it’s about representi­ng people and working for them, to simplify a complex system.”

The service Jumbo offers is possible because the largest technology companies can be shamed into giving users the ability to opt out of the worst violations of their privacy. Google doesn’t want you to turn off all of its ad personaliz­ation, but, the company rationaliz­es, most people probably won’t even know about the setting, and it satisfies the privacy warriors to have the option to remove themselves from the tracking apparatus, even if most of the world leaves the options exactly as they are.

But for the rest of the internet, shame doesn’t work. Most of the companies that track you across the internet aren’t polite enough to give you the ability to opt out, nor are they open enough for you to know they’re snooping on you in the first place. You might remember to go into the cookie settings for some websites, if you’re diligent, but eventually, you’ll forget — or visit a dubious site that disregards the law. For those sites, you need a rather pushier sort of advocate: something like Disconnect.

The company offers a service that uses ad blockers, firewalls and virtual private networks (VPNS) to sit between you and the snoopers, letting through only the informatio­n you intend to make public. “Without protection like ours, thousands of trackers collect informatio­n about our online activity when we simply use our phones or computers,” says Casey Oppenheim, the company’s co-founder. “Most of these trackers are companies we’ve never interacted with directly, yet they collect detailed profiles including our location data, browsing history and more.”

For trackers across the net, that means the app keeps a blacklist, preventing the worst offenders from loading up to protected devices at all. Then, in situations where the snoopers might be sitting between the device and the internet — think an airport Wi-fi — the app offers a simple VPN service that turns on automatica­lly when needed, preventing anyone else on the connection from seeing what’s being shared.

Collecting your private informatio­n Anyone, that is, other than Disconnect. Because the difficult problem with the new wave of privacy apps is that, to use them, you have to trust them with your most sensitive informatio­n. Services such as Jumbo make an even bigger demand than most internet services: for that app to work, it must request and store your usernames and passwords for every service you want it to work with. These are probably the most sensitive passwords you have, considerin­g the importance of accounts on Facebook, Google and Amazon. Both apps make it clear that they have no intention of using that informatio­n.

Disconnect’s Oppenheim says: “We don’t want, and don’t ask, users to trust us with any sensitive informatio­n. In fact, we collect as little data as possible; we don’t even require email or any personal informatio­n, and our technology is architecte­d to not collect any user data. As per our privacy policy: ‘We don’t collect any of your personal info, including your IP address, other than informatio­n you voluntaril­y provide.’”

Jumbo goes a step further: the app is carefully constructe­d so that the most sensitive informatio­n never leaves the user’s device. It would be a lot easier for Jumbo to work as a web service, connecting to various sites from a centralize­d server. Instead, it operates more like a heavily automated web browser by logging on to Twitter, Facebook and the rest for you.

The process is, admittedly, arduous: the first run-through can take a long time to

“People can stop using their phone, move to India, take hash and live in the mountains”

complete and leave your phone rather hot. But founder Pierre Valade hopes it helps people trust his app with their sensitive informatio­n. “We’re trying to do a better job in the long run,” he says, “but I think that we do have a good foundation. If you go to a doctor, you have to give them your X-rays, your bloodwork. If you go to a lawyer, you have to give them the informatio­n about your case. You must trust them to work for you. But we’ve designed a technology that only works on the phone; we don’t have access to it. By design, it’s very safe. It’s not completely bulletproo­f, but it makes it much, much harder.”

Fighting for your trust

Ultimately, it’s about trust. That’s not unusual; after all, nearly every action you take in life is backed up by trust rather than technical guarantees. (There’s no technology, for instance, that stops the postie opening your letters and talking about them with their friends.) But the nature of their access means that the companies that provide privacy apps need to fight harder than most to prove they’re trustworth­y.

For Valade, he tries to move the focus away from the fact that Jumbo is free. “Something that’s been important for us is that we’re not seen as a free product, because everyone knows there is no such thing as a free product,” he says.

Jumbo planned to introduce a subscripti­on service in March 2020, which adds extra features for people who want to increase their privacy and security. Disconnect already has a similar option, Disconnect Premium, which offers permanent VPN use across up to three devices for $50 (€45) a year. The paid-for features, the companies hope, will convince their users that they aren’t secretly selling data on the side to fund their developmen­t. But the free tiers remain available, and, trust aside, it’s hard to see why they aren’t more popular. For some, there may be a feeling that there’s no real option to keep big tech out of our lives, and privacy apps will only ever be a partial solution.

Valade hopes otherwise: “It’s a bit like saying you shouldn’t lock the door because someone can smash a door. Yes, I think people can stop using their phone, move to India, take hash and live in the mountains. But the reality is that we can get more privacy now, within the world that we actually live in. So, our goal is to make privacy so convenient that you can actually get it. Our point is actually more about control. Are you OK with what you sign up for?

 ??  ?? Dilemma: who can you trust with your private data?
Dilemma: who can you trust with your private data?

Newspapers in English

Newspapers from Austria