In October 2013, Mikko Hypponen, a chief research officer in Finland who works with international law enforcement to prosecute cybercrime, gave a Ted Talk in Brussels about the National Security Administration (NSA). He said, “Whoever tells you that they have nothing to hide simply hasn’t thought about this long enough” because “one thing we should all understand is that we are brutally honest with search engines. You show me your search history, and I’ll find something incriminating or something embarrassing there in five minutes.”
Search engines like Google log all of your search history. This is why Google’s advertisements are emotional stories sharing intimate details of our lives via our Internet use.
The ads started in 2009 when Google kicked off their new “Search Stories” marketing campaign. “Parisian Love” was a video composed exclusively of searches telling the story of a student studying abroad and falling in love. Some recent examples are the stories of life in high school (“Grads“), learning to make videos (“We’re All Storytellers“) and fatherhood (“Dear Sophie“), all told by realistic Google logs. The video “Your day gets a little easier when signed in to Google” even shows how Google could know your home address, flight itinerary, package status and meeting times. And, as they say in the video, “That’s just for starters.”
Most videos end with a simple command: “Search on.”
Hypponen is clearly right that “We are more honest with search engines than with our families.” Thus your choice of search engine matters.
According to the documents Edward Snowden released, the NSA began PRISM collection of Google’s data in January 2009. Google responded on June 7, claiming, “We had not heard of a program called PRISM until yesterday.” Perhaps PRISM is so clandestine that Google wouldn’t know about it. Or maybe Google knew PRISM by a different name.
In the search engine’s “Transparency Report,” Google reports the number of government requests they receive. They started on Foreign Intelligence Surveillance Act requests in January 2009. They say they received “0-999” requests for the content of “2000-2999” users/accounts in that six-month period in 2009.
Surveillance is the business model of the Internet. Most free online services make their money by gathering information on their users and selling it to advertisers. Google makes its money through targeted ads stretching the length and breadth of a user’s browsing experience. Advertisers pay Google to feature their ads on Google Searches, at the start of YouTube videos and on other Google sites throughout the Internet by paying websites to host Google ads.
It takes a daring company to operate any other way, but there do exist many that try.
In January 2009, a week after the NSA claimed it secured access to Google data, the search engine DuckDuckGo made the decision, in the words of founder Gabriel Weinberg, to “throw away your information altogether.”
They say no to collecting any information. As a result, they say no to law enforcement, government surveillance and advertisers who come knocking. They don’t have the data, so they don’t give it out.
DuckDuckGo also sponsors FixTracking.com that helps users make every browser more secure and private because your search engine is only one component of your Internet security. Even using DuckDuckGo, your information and search results might still be collected by the browser you use to access the Internet.
Microsoft, creator of Internet Explorer; Apple, creator of Safari; and Google, creator of Google Chrome, are all incriminated on the leaked PRISM slides as collaborators with the NSA.
The web browser Firefox was created by the nonprofit company The Mozilla Project. All of the browser’s code is open source, coded by “tens of thousands of volunteers.” This model of code design relies on a distributed trust model. So rather than having to put trust in, say, a team of 10 Google programmers who could let you down, you put your trust in a gigantic community of programmers who each distrust one another.
With any given browser, though, the websites you visit know you are there via your Internet Protocol (IP) address. It’s difficult to know how much browsers store that information. But recording those visits in real time either through wiretapping or Google Analytics would create an accurate history of your visits tied to your identity.
That’s why The Tor Project takes security a step farther. The Tor browser, designed originally to protect Navy communication, protects your identity and sits on top of the Mozilla Firefox system. The system behind Tor is a complex circuit through Internet servers that effectively allows you to don a mask during your Internet browsing. You no longer look like yourself but rather just another generic Tor user.
Tor comes at a cost to your speed. If you’re already going to be logging into a website like your bank, e-mail or Amazon, then anonymity isn’t really what you need, although some argue that encryption and anonymity at all times is safer.
Using Firefox and DuckDuckGo is a very small step toward keeping the intimate details of your life further away from spying eyes. But nothing short of Internet reform will truly protect your data.