Editor’s Note: This is the first of a two-part podcast with security researcher Chris Soghoian.

It’s a truism that the pace of technological change outstrips society’s ability to grasp the impact of that change. For the most part, the consequences of this are benign and the remedies straight-forward –think: “mobile phones ringing in the movie theater.” Not infrequently, however, our failure to grasp the true significance of technological innovation can have tragic consequences. There’s the Gatling gun during the American Civil War, or the rapid increase in traffic fatalities that came with the adoption of the automobile.

Chris Soghoian, an independent security and privacy researcher, thinks that we’re aga
in in a period of extreme, technology-fueled dislocation. The rapid growth of online social networking Web sites and the proliferation of Internet connected, location-aware mobile devices have empowered for-profit firms like Google, Microsoft and Facebook to collect reams of private information and then hand it to advertisers – often just different divisions within the same company. Consumers, Soghoian argues, are stuck with a cornucopia of free applications, but ones that readily collect and then “spew” their personal information, or provide meager privacy features that are spotty and difficult to use.

And, like auto executives who argued vehemently against federal seat belt requirements, executives of major Internet firms say there’s no problem with any of this. Most users aren’t asking for more privacy protections, and enjoy a great service for free.

Soghoian isn’t buying it. Like the Ralph Nader of online privacy, he’s spent much of the past three years tilting at Internet giants and trying to force the hand of a reluctant U.S. government to stand up for consumers.

In 2010, he filed a complaint with the FTC demanding that the commission force Google to amend its privacy policy to reflect shortcomings in the data protection features that Google offers. He similarly exposed weaknesses in the security of cloud storage firm DropBox, and inaccuracies in its promises to customers about how it protected their data.

Even if privacy isn’t a top concern for many users of Facebook and Twitter (and recent studies suggest it isn’t), the free market is failing to provide secure options for those who are concerned about it, Soghoian argues.

“There is no way to buy a version of Chrome that doesn’t violate your privacy,” Soghoian said.

The result is that Internet users are coerced into divulging personal information by sites like Facebook, which offer the (false) choice of protecting their privacy and enduring social isolation, or allowing firms to invade their privacy so that they can engage with friends and loved ones online. “To maintain privacy is to be ostracized,” Soghoian said. “It would be fairer if there was a situation where consumers could choose privacy,” he said.  The result is firms, like Facebook, that constitute near monopolies that violate consumers privacy, but that consumers continue to use because there are no other alternatives.

In the first half of our two-part podcast interview, recorded in February at the Kaspersky Lab Security Analyst Summit in Cancun, Mexico, Soghoian talks with Threatpost Editor Paul Roberts about the crisis in online privacy, paying for Twitter and how the free market is failing online consumers.

Categories: Podcasts, Vulnerabilities, Web Security

Comment (1)

  1. Independant

    You are so right! I put the blame squarely on the individuals who go to bed with these Techno-theives; and become “Techno-harlots” giving up everything of themselves to me marketed on the “Techno-Block”, bought and sold for a trinket.

    I NEVER partake of “Social media” for that reason. I do not however feel ostracized from my groupie piers… I’m Not a “Social” member of a group! I’m a free individual who communicates with friends and family using phones, for the aforementioned reasons.

    I do have an Android tablet and concur completely concerning the total lack of privacy using the Google OS. I use all manner of proxies available, Do no banking on this, and my tablet is WIFI only. All Email is encrypted and all texting is cryptic. I consider all communication on this tablet as being exposed to the world to witness. 99% of all traffic is one way: Down. The 1% is via an encrypted VPN connection to a secure server behind a double wall proxy. These aren’t hard to find. I own my own domain hosted by a high security site. Secure open communication isn’t hard to do! Computers can’t understand severely misspelled words, more so if the mysbelyg changes every time that uuorb is uzgd,  but our minds can. Use of that data then requires human intervention. An expense these thieves wont $hell out.

    I believe that many people realize the nature of organizations like Google. The overwhelming majority don’t.

    It’s impossible for man (No gender) to go around saving the world from themselves. We can only save ourselves from ourselves IF we have the Wisdom to realize it. We all sail our own ships. It’s the misguided who flock to the Titanic’s of the world. Dannb the icebergs, full speed ahead… Totally unsinkable ship? Tisk-tisk.

Comments are closed.