Should I #DeleteFacebook? What does it mean?
In tech news, and indeed now in the general news, there’s a lot of talk of some very shady business practices that companies have been up to for quite some time. Many of us understand that by signing up for various online services, particularly ‘free’ offerings from corporations with centralized, ad-supported models, that we’re giving up some of our privacy in exchange. Indeed, the likes of Google, Facebook, Amazon, etc. have quite the ad tracking network, designed to create a profile or model around your account, so they can see what sites you’re visiting, what things you’re buying online, and then tailor the ads they show you around that profile. In almost all cases, they grant access to this data or sell it to various interested 3rd parties who do the same sorts of things.
This is kind of an Internet-wide version of the various loyalty programs you get from grocery stores or whatnot, except instead of points to redeem, you get ‘free’ services like your Gmail, or Facebook profile, YouTube account, etc.
Of course, the reason this is all blowing up in the news at the moment is because instead of merely showing you ads for widgets you might like, or diet pills, it’s apparent that this sort of data was actively used for political purposes, in many cases skirting legality in various jurisdictions (and that’s being generous). Profile data was and probably still is being used to create and display targeted political ads to try to swing elections. This is the line we’ve had to cross for people to get up in arms about this sort of data collection.
Many people have been blissfully unaware just how much data has been collected – particularly if you installed the matching smartphone applications for each service (call and SMS logs, browser activity, etc.), but ironically enough – companies like Google and Facebook are pretty open with what they’re taking from you. You can actually download a copy of all of your Facebook data and skim through it… though you may not like what you find if you’re a heavy user. If you’re signed in to Google’s services, you can double check your own ad profile and settings, and opt out of a number of things (hint: probably all of them).
You can also do a lot to protect yourself by running a full-spectrum ad blocker in your browsers (like, say, uBlock Origin for Chrome or for Firefox), and if you have the patience, a script blocker & whitelist tool like uMatrix for Firefox, and indeed, I’d strongly recommend everyone be running an ad blocker these days, just because of the sheer number of times ad networks have been abused to distribute malware, but that’s not the be all and end all – especially if you’re still posting pictures and other information directly to these corporate sites and services.
It gets worse when you start looking at ‘the cloud’ – we’ve already known about various three-letter-agencies from multiple countries around the world doing their best to hoover up as much data as they can, to sift through later and try to make decisions on. One of the better arguments for keeping data relatively secure is to ensure that it’s not physically stored on US soil. Unfortunately, recent legal actions give the US carte blanche to request data from any American company’s datacentres, even if those datacentres are located elsewhere. Timing is suspect with the recent enforcement start date yesterday of the new EU General Data Protection Regulations. Now, even if you have your instances in, say, the Canadian zone of a big American cloud provider, the fact that the company providing the service is American is enough for them to warrantlessly attempt to acquire your data.
So, what can we do?
Those of us who have more than a bit of grey in our beards can probably remember a time before these centralized, corporate services. Maybe we’ve dabbled in using some of them, particularly at work, where some companies still run their own e-mail servers, their own IRC or Jabber/XMPP servers.
“But IRC isn’t like Facebook at all! And then I’m just trusting someone’s IRC server instead of some company, with all the same potential problems!”
The good news is that there’s been a lot of active development in various decentralized, federated projects with the intent of taking back control of the internet – where services and their development can be crowdfunded (through the likes of Liberapay and others – check out Snowdrop’s comparison of various crowdfunding services), and the resulting specifications and code are open and free for all to implement and use. In a nutshell, this means you can run your own server and instance, just for you and maybe your friends, and still be able to see and interact with the greater community – just like how your e-mail address is two parts, a ‘user’ @ ‘a server’, and that doesn’t prevent you from e-mailing anyone you like, even if their address is at some other server, most of these federated, decentralized services use a similar notation: you’re a ‘user’ @ ‘a specific server instance’, and you can freely interact with everyone across the network, regardless of where their account physically lives. That’s it.
Of course, you can always choose to sign up on someone else’s instance and server if they allow account creation – just like how you sign up for an online forum, you’re generally granting the administrators of that server implicit access to what you’re uploading and posting. However, there’s no built-in tracking, ads, or anything of that sort – the only things people have access to are what you choose to post and upload.
That’s all well and good – so what are my options?
- If you’re used to Facebook and Tumblr, you might want to take a look at diaspora*
- If you’re used to Twitter, you probably want to try tooting with Mastodon (and find your Twitter friends with their helpful bridge tool) – bonus: adorable introduction video
- If you’re used to Slack, Discord, and Telegram, Matrix and its reference client, Riot are in active development and definitely something to watch. Group audio calls and videoconferencing via WebRTC are already implemented, there’s a Community/group feature, but as of writing they have yet to implement Discord-style persistent voice channels (though it’s on a wishlist) or Telegram-style stickers (though as of this issue, it sounds like it’s Coming Soon(tm).)
More reading:
Mastodon related:
The Washington Post: ‘The new technology that aspires to #DeleteFacebook for good’
YouTube: ‘What is Mastodon?’ (video)
Facebook related:
WCCFTech: ’50 Million Facebook Profiles Harvested Without User Consent – Data Monster Chose NOT to Alert Victims & Is Trying to Threaten Reporters’
WCCFTech: ‘FTC Confirms Investigating Facebook’s Controversial Data Sharing Practices – Company Loses $100 Billion in 10 Days’
Telegram related:
WCCFTech: ‘Telegram 0-Day Exploited for Months to Spread Backdoors & Mining Malware’
WCCFTech: ‘Telegram Loses Court Battle – Ordered to Hand Over Encryption Keys to the Kremlin’
The Electronic Frontier Foundation‘s ‘Surveillance Self-Defense’ Guide