I want you to start getting slightly uncomfortable right now. Because even as you read this, your emails are being read without your knowledge. Your social media network has been accessed by an unknown agent. Somebody is getting hold of your financial transactions and your credit card purchases, and creating a profile of your spending habits. Somebody pretending to be you is checking the naked pictures you might have backed up in your private cloud.
Somewhere, the profiles that you created for your dating apps are under scrutiny. Your Google search history is slowly being browsed by people who now know what you searched for last Friday at 3.30 am when you just couldn’t find sleep. Your WhatsApp texts, including that long sexting session with your ex, is now being stored in some other memory.The false account that you had created on Twitter to troll the world, is now linked to all your other IDs. The LinkedIn connections you sent to a rival company in search for a better job, are now available for others to find.
I wish that I was only presenting a hypothetical dystopia to warn us about the future of privacy. But, I am not. Because, the future is already here and it is slowly unfolding in front of you. We often think of the Internet as a secure system, mumbling things about encryption and passwords, imagining that if so many people are using it, then it must surely be safe. And it is true, that largely most of our electronic communication on the digital circuits is secure, or, at least, not easily vulnerable to vicious attacks.
Every time we hear about hackers intercepting sensitive information in databases, we are assured that it was a one-time exceptional case, and that forensic investigations are being conducted to keep our data safe. The digital security industry is indeed working hard to make it increasingly difficult for people with malicious intent to actually read and manipulate our data that we secure with passwords, fingerprints, and encryption keys that become more complex and robust.
However, the biggest concern around privacy, in the Internet of Things, is not about these cat-and-mouse games of data breaches and theft. Instead, perhaps, the biggest act of data theft and interception is conducted in full public view, with our consent. This happens when we download apps, use single user verification accounts and join free public hotspots, allowing our data to be freely captured by unseen actors.
The corporate mining of human users is not the only scenario in this landscape. In the recent reality TV edition of the US politics, they have just announced that border control in the US can now demand anybody to hand over their digital devices, passwords to email and social media accounts, and access to all their digital information in order to gain entry into the country. Or, in other words, you can be as secure as you like, but if the government wants, they will get that information from you as a price of entry into the country. You don’t need the NSA when you can just walk to the person and ask them to hand over this information.
Closer home in Digital India, things are not better. The Aadhaar project has failed to address data privacy questions. The data that we have voluntarily given to Aadhaar can be used to create a massive surveillance system that sells our data for profits and transactions to private companies. Similarly, in the post-demonetisation move, as we all went cashless, we increased our digital footprint in an ecosystem that has almost no safeguards to protect you from people knowing about your purchases at the chemist shop last weekend.
As we connect more online, and more devices are linked to our user profiles, we continue to leak and bleed data which violates the very core of what we consider our private selves. When we learned about the market exploiting our private data, we thought that the state would be the watchman. As the states start being run as markets, we now have a new question: who shall watch the watchman?
The new interest of the state in mining its citizens as data and suspending our rights to privacy under the rhetoric of national security and interest is alarming. The state now thinks of our private data as capital. We need mechanisms to protect ourselves from the predatory impulses of the new information states, and while we might not have remedies, we do need to start the conversation now to safeguard our futures from the war against privacy.
Nishant Shah is a professor of new media and the co-founder of The Centre for Internet & Society, Bangalore.