Warning – Your Internet Is Not Secure

Anthropologists in the field or at the desk usually take great care to protect the privacy of their sources and have done so even before the Institutional Review Board process developed. But with more and more communications and scholarly exchanges, as well as publications, in digital form, there comes added risk to self and the people one works with in the field and in the office, at home or abroad. The overall subject of safeguarding sources and one’s writing is not new. Most readers are familiar with warnings about private communication and the security of electronic notes, but it is worth revisiting the chain of events that make possible telecommunicating convenience and uses, but also digital mischief and abuses.

Just about any security that is created by people can also be broken by people. But the amount of time and effort to break into your email or hard-drive can also deter them. Notes in electronic form should use alternative names or numbers to distance writing from one’s informants on the chance that others manage to break into the notes some way. There are many points in the chain of software connecting two people where a determined adversary can see one’s communication and files: the sender or receiver’s PC or other device, wifi connection of PC to Web, transmission series of computers—with either encoded or unencoded message content. As for browsing the Internet, there is a record of sites visited.

Imagine a time when all anthropologists in the field, on campus, or in the office get in the habit of reducing their digital data trail and guard privacy for themselves, their correspondents, and their organizations.

As Kevin Mitnik writes in The Art of Invisibility, true anonymity and securing privacy for one’s communication is very difficult to achieve and can easily be lost in a careless instance of connecting from one’s known address, making a purchase on a credit card tied to one’s address, or giving a phone number that is associated with an address or fixed line. Privacy is not a given condition: It can only be established and preserved with great effort and complete discipline. Mitnik details the different steps required to attain and maintain untracked use of the Internet for one’s communication. Locking individual files or folders, and using software to encrypt the entire hard-drive when turning on and off the PC are fundamental to protecting digital materials. For especially sensitive materials cases, Mitnik recommends removing the drive or storage device itself.

Even if one is unwilling, uninterested, or unable to strive for fully anonymous online activity, there are several small steps that can minimize the amount data one leaves behind day by day. Makeuseof.com published an overview to the subject at the end of July. The article recommends making an encrypted (end to end, sender and receiver) email account or accounts at Protonmail (based in Switzerland) or Tutanota (based in Germany) for exchanges that are sensitive, including financial, medical, or any correspondence that might leave someone vulnerable to identity theft.

Just browsing the Internet leaves footprints, too. Time and date can be collected from one’s browser, from the ISP that passes along data upstream and downstream, or by intercepting transmissions going out or coming in to a particular computer. It is a good idea to get into the habit of using a browser’s “private browsing” or “incognito mode” so that no browsing history is stored on the machine itself (ISP still keeps records, though). Browser extensions like Privacy Badger (from the Electronic Frontier Foundation, https://www.eff.org/pages/tools) can block outside companies from tracking personal browser history. Of course, keeping software updates current and virus scanner up to date is a necessary routine to establish.

Going through US border control has several special problems for professionals like journalists, fieldworkers, lawyers and others with confidential information. There are legal distinctions about requesting versus requiring a traveler to unlock a device. Waking a device that is logged on is treated differently to one that is completely powered off. There are cases where your connecting flight may be delayed if the traveler choses not to give social media passwords, and so on. The whitepaper from Electronic Frontier Foundation discusses this at length with advice for US and non-US citizens.

Storing data remotely on a “cloud” server poses problems in transmitting file to or from the remote server and holding them at that location, either encrypted in the remote location or stored in an unencrypted format on a remote server, even if it is password protected. MakeUseOf.com for August 8, 2017 covers Dropbox, i-Cloud, Microsoft Onedrive, and Google Drive. The fact that one’s files, emails, or telephone conversations may travel a route to final destination that includes a foreign leg qualifies NSA to collect your data regardless of whether there is reason to target you, or sift through keywords. Nevertheless, any transmission or content that enters the US can be collected by…

Imagine a time when all anthropologists in the field, on campus, or in the office get in the habit of reducing their digital data trail and guard privacy for themselves, their correspondents, and their organizations; and that they teach their students to know the least and the most secure forms of composing, storing, and transmitting their thoughts. Perhaps then other social scientists will follow the anthropologists’ lead. And possibly one day a majority of all online communication will come to be more private and less exposed to abuses. At that stage we may again enjoy the conditions of the 1960s and 1970s when postal communication was protected by law and only judges could warrant wiretapping of telephones. When we regain that earlier privacy it will be worth celebrating. But in the meantime caveat emptor, caveat interlocutor, and caveat literator. Fieldwork and communication has changed and so must our skills at protecting sources, valuing privacy and maintaining vigilance.

Guven Peter Witteveen is a Japan anthropologist working as language and culture consultant at ScienceCraft in rural west Japan in aid of city and corporate Business Continuity Planning for disaster response and emergency management. His email is [email protected]

Witteveen, Guven Peter. 2017. “Warning – Your Internet Is Not Secure.” Anthropology News website, August 28, 2017, doi: 10.1111/AN.586

Post a Comment

Want to comment? Please be aware that only comments from current AAA members will be approved. AN is supported by member dues, so discussions on anthropology-news.org are moderated to ensure that current members are commenting. As with all AN content, comments reflect the views of the person who submitted the comment only. The approval of a comment to go live does not signify endorsement by AN or the AAA.

Commenting Disclaimer

Want to comment? Please be aware that only comments from current AAA members will be approve. AN is supported by member dues, so discussions on anthropology-news.org are moderated to ensure that current members are commenting. As with all AN content, comments reflect the views of the person who submitted the comment only. The approval of a comment to go live does not signify endorsement by AN or the AAA.