Privacy awareness is important for protecting digital rights. And it becomes even more important because of the pervasiveness of digital technology in our lives. We are surrounded by devices that track every move and emit data about our lives. Smart bands, smart home sensors, and of course our mobile phone and the apps installed in it.
The data generated and populated from these devices and apps creates a very accurate profile of our lives. Many have said that Google knows more about us than we do. Indeed, millions of data points generated every single moment describe our emotions, our likes, our friends and family, our favorite music and movies, our favorite places. The Netflix documentary “The Social Dilemma”, despite the criticism it got from many cybersecurity and privacy professionals, it is a great opportunity to reflect on the issues of digital surveillance and technology pervasiveness.
The coronavirus pandemic and the safety requirements of social distancing have enhanced our reliance on digital communications and mobile apps. Zoom, Webex, Slack and other collaborative tools were downloaded by millions to enable remote working or just to enable talking to our loved ones. At the same time, the plans for using Bluetooth enabled contact tracing apps were met with skepticism by governments, privacy groups and individuals as well. Governments like Belgium and Norway announced that they won’t use contact tracing apps because of privacy concerns and lack of proven effectiveness. The Electronic Frontier Foundation also argued that the pandemic is a vehicle for greater state surveillance to invade private spaces.
Just as every single organization tries to secure remote access to sensitive corporate data, as a result of social distancing policies to contain the coronavirus pandemic, the Five Eyes alliance together with Japan and India “have published a statement calling on tech companies to come up with a solution for law enforcement to access end-to-end encrypted communications.” This joint statement, even with softer terms, refueled the war on encryption which goes on for several years.
Tech companies argue that end-to-end encryption protects users' privacy rights, and to weaken it - by creating a so-called 'backdoor' that would allow the authorities to look at messages - would put all sorts of private communications at risk from hackers and force them to decide whether to hand over messages to oppressive regimes. Most privacy concerned citizens see these moves as a way to establish a surveillance state and a predictive policing regime, which will eventually reinforce existing racial biases and lead to a wide range of human rights abuses.
The right to privacy is recognized as a fundamental human right and is enshrined in many legislations and regulations, such the Charter of of Fundamental Rights of the European Union or the GDPR, and the CCPA. The latter two also mandate security requirements for protecting personal and sensitive data from being manipulated or from being exposed. Despite that, we are aware of insecurities built-in to IoT devices and mobile apps.
Mobile apps are accessing a wide range of data on our mobile devices, sometimes without any real justification. This data, which can be anything from location data to health habits and status, are then used to create digital personas and promote products or even worse to manipulate our votes. Raising public awareness is the only way to combat governments and vendors from manipulating our own personal data.
CAP-A project, an EU funded project aims to do just that—to raise privacy awareness through community crowdsourced activities. We encourage all our friends and customers to participate in the CAP-A pilots to evaluate the privacy friendliness of popular mobile apps. The results will be communicated to the app vendors hoping for a more privacy friendly ecosystem. Venafi is a firm believer of data privacy and strong end-to-end encryption. Awareness is power.