If You Have an Account with One of These Online Companies, Your Privacy Could Be in Danger
This may come as a shock, but when you’re online you’re opening your personal life up to the government in ways you’ve probably never fathomed.
Who’s got your back?
The U.S. government likes its secret projects—just check out these examples. The latest ongoing effort is tracking the online behavior of its citizens. In 2016, government agencies sent at least 49,868 requests to Facebook for user data. In the same time period, they sent 27,850 requests to Google and 9,076 to Apple, according to the Electronic Frontier Foundation (the EFF), a major nonprofit organization that champions civil liberties in the digital world by, among other things, advising the public on matters of internet privacy. For the past seven years, the EFF has published an annual “Who Has Your Back” report that rates the tech companies with whom you probably interact online as how and how well their corporate policies protect your personal information from the government’s prying eyes.
This year, the EFF evaluated the public policies at 26 such companies, awarding them stars (or not) in the following five categories:
- Following of industry-wide best practices (for example, publishing their corporate policies on how they handle government requests for data)
- Notifying users of government requests for access to private info
- Corporate commitment to not “sell out” users to the government
- Corporate policy on standing up to National Security Letter (NSL) gag orders—these forbid companies who have received a demand for data from the government to reveal the existence of such demand.
- Stated support of legal reform aimed at decreasing the collection of information on individuals
Overall, the alarming results indicate that the tech industry, as a whole, has a long way to go before users can feel secure about their personal information. “We expect companies to protect, not exploit, the data we have entrusted them with, but companies are failing to push back against government overreaching,” summarizes EFF Senior Staff Attorney Nate Cardozo.
The all-stars of the bunch
Nine companies earned stars in every category this year:
Highlights among these nine companies include the fact that Credo and Sonic both earned stars for standing up for transparency and user privacy in every category for every year of the past seven years. The other seven companies—Adobe, Dropbox, Pinterest, Wickr, and WordPress—have improved their policies over the years, which is significant in and of itself.
Check this story out if you’re curious about just how powerful a single message on the Internet can be.
These guys aren’t fighting NSL gag orders
Each of the following companies lost a star for failing to enact corporate policy in favor of standing up to NSL gag orders:
- Snap Inc.
“Of all the dangerous government surveillance powers that were expanded by the USA PATRIOT Act, ” the EFF states on its website, “the National Security Letter (NSL) power is one of the most frightening and invasive.” National Security Letters not only demand data about “ordinary American citizens’ private communications and Internet activity, they do so in total secrecy—without any oversight or prior judicial review.
The EFF has long been concerned about what it considers this abuse of power by the FBI, stating that since 2003, the FBI has issued as many as 500,000 NSLs. And only a handful of companies and individuals have publicly disclosed receiving an NSL even after being notified that the FBI had terminated the related gag orders.
Here’s an inspiring story of someone who breached national security to reconnect with the love of her life.
But these five are doing an all-star job otherwise
Of the many companies listed above that are not fighting gag orders, it should be noted that the following five got stars in every other category. In other words, leaving aside the NSL issue, the following companies are doing a good job according to the EFF:
These guys won’t tell you about big brother requests
The following companies won’t warn you about data requests from the government:
- Snap Inc.
Another way to avoid surveillance is to simply use your devices less. Try these tips to lower your cell phone data usage.
These guys might sell you out
EFF checked to see which companies would make a firm commitment to not selling out their users to government requests. The following companies failed to earn that star:
These guys aren’t taking a stand for reform
In a letter to Congress, a large number of tech companies requested changes to a law (Section 702 of the Foreign Intelligence Surveillance Act) that forms the basis for the the government’s programs of surveillance of electronic communications. These programs are meant to target non-US citizens overseas, but end up sweeping US citizens into their net.
The EFF notes that the following five companies didn’t sign the letter:
Of the five, only Apple was awarded stars in all the other categories. The rest got only one out of five stars overall, in each case for standing up to NSL gag orders. (Cheers to Apple for at least trying to stamp out texting while driving.)
The worst of the bunch
The following companies earned only one star each, and that was only for adopting some of the industry’s “best practices.” This meant they published transparency reports and required a warrant from the government with respect to requests for content.
The EFF sees it as significant that these companies have taken some steps toward protecting the privacy of their users, but each is still seen as needing to make a number of changes before the EFF will say that they “have your back.”
It’s not just tech companies that are all up in your business. Here are some cringeworthy things your credit card company may know about you.
What you can do to protect your own data
The EFF has created a Surveillance Self-Defense Guide that provides a wealth of information and animated tutorials aimed at defending yourself from surveillance. Their tips include, among many, many others:
- Using “BleachBit” to really delete the data you wish to delete (if you’re using Windows and Linux).
- Using a new password for every website. To make this easier, the EFF recommends writing your passwords down in longhand or using a secure password manager (a tool that can encrypt and store your passwords using a single master password).
- Using end-to-end encryption when communicating online. This ensures that a message is readable only by the original sender and the recipient.
- Never click on any links or attachments in emails unless they are from verified senders. To be safe, use a shared service like GoogleDrive or Dropbox
What about your computer’s camera? Find out if you should cover that up.