Sunday, May 29, 2016

The Complete Privacy & Security Desk Reference Volume I

For most of my life, privacy hasn't really been something I've thought about too much. I've happily given out my name, address, phone numbers, email addresses and other information. In 1993 I proudly made my first personal website, and in the last decade I have reveled in the human digital connections enabled by social media. However, as data scientists we know that our deep learning algorithms and cloud platforms are enabling a new era, where machines can get unprecedented insights into our everyday lives by mining millions of data points about us. Much of this can be for good, but it can also work against us - for instance when your health insurance doubles in price because the insurance company's algorithms predict that your health is going to go downhill soon, maybe based on your grocery shopping habits, cellphone trail and hypochondriacal web searches of late; or when your credit card information gets leaked in the latest hack.

Since data scientists and data engineers are the people enabling these activities, I believe we as a community need to put as much effort into understanding and mitigating the human and social implications of data science, as we put into our coding and analytics. This has many dimensions, but one of those is understanding the choices we have as individuals about what we do and do not share with the rest of the world, and what access we give to sensitive information such as our credit card numbers.

The Complete Privacy & Security Desk Reference Volume I: Digital is by far the most comprehensive guide I have seen to understanding the privacy and security choices we make in the digital world, and to taking back some control over what gets shared about us. The book covers a multitude of techniques, from basic steps that we should all take, such as adjusting browser privacy settings and using VPNs, to highly advanced methods such as masking credit card numbers, setting up aliases and keeping your home address information completely private, which are probably only going to be realistic if you are a public figure or you are unfortunate enough to be threatened by someone. The chapters are helpfully organized into "basic", "intermediate", "advanced" and "expert". Several chapters lead you through a process to find out exactly what information about you is publicly accessible on the internet, and how to have some of it removed if you wish to.

The book goes into a lot of detail about each of the topics it covers - for instance which browser you should use (Firefox), and exactly what settings to choose to prevent third-party cookies from tracking you. I have spent the last couple of weeks experimenting with a variety of the methods in the book, including using VoIP phones and VPNs, searching for myself on the internet, and closing a few security and privacy loopholes. What is for sure - and the book is clear about this - is that there is a tradeoff between security, privacy and convenience. If I have any criticism of this book, it would be that once you get started implementing its suggestions it is not clear where to stop, since everything is connected to everything else. Unless you want to live like a secret agent in a foreign country, you're going to have to draw the line somewhere. I am not sure how many of my experiments I will keep up, but by going through the process I have learned a lot about what digital trail I am leaving, and what choices I have to do something about it.

Overall I would highly recommend the book, as it shows that you have much more control over your digital data than you probably realize, and it gives you tools to help you find the right place for you on the privacy-convenience continuum.