Practical privacy and simple cybersecurity.
TheNewOil.org

The Peripheral Benefits of Privacy

Before the pandemic started, I was a freelancer. And one day at work, my backpack vanished with my laptop in it. My laptop was around $1500 brand new. It has an i7 with 16 GB of RAM, a 500 GB SSD and at the time a 2 TB HDD (which has since been replaced with a 240 SSD that runs my daily Linux driver). For those who don’t speak tech, all you have to know is that when this laptop came out it was almost as top-of-the-line as you could get without buying custom, and even to this day it’s still on the upper side of mid-range. As a freelancer, this laptop was not just my time killer for movies and games, but also a critical tool for my job. I had dozens of programs, video clips, slides, and other things that I regularly used to do my job with the level of excellence that allowed me to be a successful freelancer.

When I got home, I was understandably upset but not for the reasons you might think. I was upset that I would have to go to bed without any background noise (I often use my laptop as a sleeping aid because it automatically shuts down when the battery dies, probably not the best use of it, I’m aware). I was upset that I had to spend over a thousand dollars that I didn’t have to buy a new one – again, because that laptop was also a job tool. But there were other things I wasn’t even remotely upset about. I wasn’t worried about my sensitive emails with clients discussing upcoming gigs, payments, or contracts. I wasn’t worried about my passwords. You see – as I’m sure is no surprise to anyone reading this who’s familiar with me – my laptop was full disk encrypted with Veracrypt. AES-256 with a randomly-generated six-word passphrase. NOBODY was getting into that computer. Not to mention that by this point in my life I was keeping regular backups and when this happened I was only about a week out of date. In a half hour, I could’ve had 99% of my life back.

Much of the advice regarding privacy and security that I see on the internet is framed in the context of civil rights or government overreach. Most sites talk about how to protect yourself from corrupt (or ignorant) cops at a protest, how to prevent the NSA from spying on you, or how to stop Google and Facebook from stalking you. This is good, and I agree with all of these things. I firmly believe that privacy is owed to you as a human right, that governments often tend to overstep their responsibilities, and that you are responsible for your own protection. But I think that solely focusing on this aspect of privacy and security does a major disservice to the other practical aspects of it.

Quite frankly, people as a general rule suck at abstract thinking. In 2019 an app called FaceApp went viral. It’s a pretty straightforward app – it makes you look like an older version of yourself. How such a simple app went viral is beyond me, but for a few weeks everybody was sharing and posting photos of themselves fifty years from now. But this had an unexpected side effect: it made people start saving for retirement. Most people don’t think about their futures – not in any kind of real, tangible way – but when faced with a realistic age-progressed photo suddenly retirement became a real thing. It wasn’t just some foreign concept the way that a country you've never visited or “the cloud” is, but rather it was an actual upcoming event that could not be avoided and had to be dealt with. This is the same reason I’ve plastered my front page with links about real-world privacy abuses and the consequences of them, so people can see it and wrap their heads around it.

The funny thing is, people are also laughably bad at properly evaluating risk. For example, did you know that in most crimes the victim and perpetrator know each other? A 1987 study found that less than half of all violent crime was committed by total strangers. That’s why cops always look at the spouse/partner when someone goes missing or dies. The last person you texted is more likely to murder you than the stranger you passed on the street. Yet that doesn’t stop us from locking our doors, hiding our valuables in the car, and spending billions of dollars every year in security services, an industry that only continues to grow year after year. In fact, your odds of being murdered in any given year – murdered at all by anyone – is .005%. If we look at home robbery, the odds to bump up dramatically to a staggering 2.8%. The average loss is a mere $2661.

But yet, 25% of people are likely to be caught up in a data breach and have their personal information – which could be used to steal their identity and open bank accounts and rack up fraudulent charges in the thousands or more. In fact, most cybertheft cost over $10,000. 1.4% of people are stalked every year in the US. And what’s our response? Posting more selfies on new platforms. More videos on TikTok. More views. More likes. More comments. “Send me an invite to Clubhouse if you’ve got it!” (Author’s note: don’t waste your time.)

It’s time for a shift in focus. Yes, protesting matters. Yes, freedoms matter. But if we ever want privacy and security to reach the mainstream, we need to start speaking the language of our target audience. I’ve successfully gotten a number of people around me to switch to Bitwarden and literally every one of them has thanked me for it and some have even pushed it to their friends without me having to say a word. How did I manage this miracle? “Forgot your password? Mind if I offer a solution?” That simple. Who hasn’t forgotten a password? Or struggled to come up with a “secure” password that meets the requirements? “With Bitwarden it only takes a few clicks to create and save a secure password and you never have to remember it again.” Boom.

This goes for everything. Sure, encryption will keep the cops out of your laptop. It will also stop the rando who steals it. Maybe they’ll still pawn it, but at least your bank details and porn collection are safe. Same for having a good password or PIN on your phone. It won’t stop a criminal from pawning it, but it will stop them from opening your bank app or messages. Remember how years ago people would post on Facebook that they were going on vacation and criminals would use that to target homes to rob? Being careful on social media isn’t just about privacy, it’s about preventing crime. Not having Instagram isn’t just a moral principle, it’s about not opening the door for cyberbullying or harassment. I don’t think we should ever back down from our moral message of privacy and security. Privacy is a human right, and things can change in the blink of an eye. Often when a dictatorship rises to power, people are punished for sins of the past – things they said or wrote years before the party came into office. But frankly, just that one sentence is hard for the average westerner to come to terms with. We need to start framing privacy in a practical way that makes people realize that it’s not ALL about avoiding the algorithms and thwarting corrupt officials. Sometimes it’s just about not having to remember my password or not having to panic when my computer gets stolen. Those are threats the average person can relate to.

Oh by the way, my computer didn’t get stolen. It got accidentally picked up by somebody who thought it was one of their bags. It was returned to security same night and they were very apologetic. I slept great with Futurama in the background.

Tech changes fast, so be sure to check TheNewOil.org for the latest recommendations on tools, services, settings, and more. You can find our other content across the web here or support our work in a variety of ways here. You can also leave a comment on this post here: Discuss...