Privacy: Where Should You Start?
Threat modeling sounds like something you'd hear in a documentary about the CIA or something. But it simply refers to the threats that you are defending against. In the context of personal privacy you can think about it like this. What persons or groups are you concerned about? An ex boyfriend, identity thieves, Google, or a nation state? Depending on your answer to that question your threat model will be very different.
You have probably heard the scary stories about identity theft, oppressive governments, stalkers, and exploitation that can result from poor data privacy. You likely want do something about it. It can be overwhelming even for those comfortable technology. You certainly will hear unfamiliar terms.
You've likely heard extreme suggestions like don't use a smart phone or stop using social media with little explanation of the trade-offs. The end result of all this is often just giving in to apathy. I often hear people say "What's the point? There's already so much out there about me". Don't give into the anti-privacy propaganda. Privacy isn't all or nothing, its a spectrum. You can always be more or less private. We are constantly creating new data about ourselves and our families so what we do now does matter. Yes, there are things you can't undo but don't give up. Anyone can make choices to decrease their risk and increase their privacy.
Start with the why
I recently wrote a post explaining why everyone should care about privacy. As with many important things its a good idea to start with the why. Your why. Why do you want to take privacy seriously? There can be many reasons why people start to think about their data privacy. Often something happens to trigger this though. You hear a news story and realize that something similar could happen to you. Maybe it was a story about how someone used social media to hurt someone they know. Maybe an ex.
Maybe it is how much data Google collects about us and how that makes you feel. Maybe its a government's actions against protesters or marginalized groups. Maybe you heard about how cyber criminals ruined someone's life. Or maybe you've just had it with surveillance capitalism. You want to take a stand on principle. Whatever the reason, you need to start with the why.
Privacy is not secrecy. Privacy is about choice. Privacy is about empowering yourself to choose who knows what about you. Most people do not need to be anonymous all the time and everywhere. Being anonymous online is not easy to do and starting with why will help you focus on your actual goals. If you don't start with the why you will waste your time doing things that don't impact your privacy in the areas that you care about. The best way to avoid this mistake is to evaluate your priorities and risks by creating a threat model.
Threat Modeling
I suggest you start writing down notes in a notebook or open a text document on your device. Start documenting your thoughts as we go through this.
What do you want to protect?
Here are a few general areas you might want to think about protecting. Maybe you are not concerned with all of these and likely your priorities will be different from others.
- Family
- Location of your home
- Finances (banking, bitcoin, investments)
- Employment (Where you work, losing your job.)
- Communications (email, phone messages, contacts, notes)
Who are you protecting these things from?
Who are you concerned about? This is not an exhaustive list but it should give you an idea of how to start to think about this topic. We can call these individuals and groups adversaries because they may want to take your privacy or cause you harm.
- Criminals
- People you know
- Big tech companies
- Governments
Criminals
We all should be concerned about defending our data from criminals. If you happen to be either high profile or high wealth individual you should take this threat even more seriously. A few years ago the crypto hardware wallet company Ledger had a data breach that exposed the email addresses, names, and home addresses of thousands of their customers. The impact of this is unfolding. If you were affected by this breach your private info is now public along with the knowledge that you are likely a holder of crypto. This even made me think twice about what info I share and with you I share it.
Big Tech
Google and the other tech giants know a lot about us. Most of us have probably thought about this with disgust. We don't know everything that Google does with all of this data but we know they scan all email in Gmail. They say this is to display relevant ads but you are trusting them if you use their services. Think about that. How much trust are you putting in Google? What kind of data do they hold about you? Have you stopped and thought about what they could do to you with this data? That's besides the possibility that they may decide you shouldn't be on their platform. There are many cases where someone has been kicked off of Google or other cloud providers and lost access to their photos, documents, emails, etc. I'm not saying this will happen to you but it could happen. How bad would that be for you?
Another scenario to consider is if you are falsely accused of a crime. What if you are morally right but are breaking some law? If a company like Google or Apple can access the data requested by a government they will turn it over. You can't trust them to defend your rights. I'm not saying to not use these platforms, I'm saying you are trusting them. Think about what you are trusting them with and the consequences of that choice.
Government
While you may not live in nation that has oppressive tendencies today are you confident that this will remain true? Nations can turn from peaceful to violent and oppressive very quickly. Regimes come and go, how confident are you that you will never be a target of those in power? I'm not trying to frighten you, I'm just trying to make you think. You may be on the "right" side today but will that always be the case? What happens if people that hate people like you take power? The time to think about these scenarios is today, not when things take a turn for the worse. If this takes place your digital life, and your phone may testify against you. They may be the tool used to bring you down.
People you know
Family is very important to me. A good family can be a lifeline when you are in need. A healthy family loves and supports each other. Unfortunately many of you will have someone or multiple people in your life that may wish you ill. These people may even be family. The sad truth is that if you don't practice good privacy practices a person that knows you could make your life very unpleasant.
What is the likelihood of attack?
Once you have a list of threats you should prioritize the list by those mostly likely to occur. Focus on these items first. Your cell phone network can see all
of your phone calls, your SMS messages, and have much more data about you. That said, how likely is it that they will expose this data or use it against
you? That all depends on your threat model. While it might seem unlikely that they would use your data against you if data is requested by the government they will turn over anything they have. This is one reason to limit the access your phone provider has to your data. Go through this thought process for each item you want to protect.
What would happen if your data was exposed?
Think through what you have to protect. What are the best and worst case scenarios?
What would happen if:
- Your name and address were made public
- Your purchase history online was public
- Your text communications were required to be shared in court
- Your social media posts include something offensive considered illegal
- Your political opinions, and financial support were made public
What kind of problems would these things cause for you? How much of a hassle would it be if any of these things happened. It might be less hassle to protect your data now than to deal with the consequences of doing nothing.
What are the trade-offs? What can you do?
I know I've shared a lot. There's a lot to think about but lets focus on a few things. What are the trade-offs of protecting each item you want to protect. Some things are not likely at threat as others. Some things are harder to defend against than others. Some things are simple and there aren't really any downsides.
The cliche "Roman wasn't built in a day" is an apt one for taking ownership of your privacy. Your privacy isn't reclaimed in a day. Just take it one step at a time. I know that it can seem overwhelming and at the same time it can seem like you need to do everything at once. This is not realistic for most people. Depending on your threat model it is likely you can take back your privacy in phases. Just don't give up.
In my next article I will talk about tools and methods you can use to protect your privacy based on several threat models.