While almost everyone (including me) is talking about the PRISM system, it may be worth stepping a little back and looking at one of the underlying problems.
Looking closely, PRISM drew it’s data from just a couple of large sources, including Google and Facebook. But, again, it’s very few sources. While I guess they combine this data with intelligence they have gathered elsewhere, the fact remains that only two handful of sites seem to store quite a bit of information about everyone one the Internet.
So the question probably is what do privately owned corporations like Google and Facebook do with our data? Privacy advocates are never tired to warn about privacy concerns in regard to the Internet giant’s services. In fact, the big guys probably have much more insight into their user’s habits than intelligence agencies knew in the past about high-profile people.
And it’s not only their users: think about all those Facebook “Like” buttons, Google “+1” buttons or even Google Analytics, which is used on an extremely large number of sites. Not to mention blogger (that I am using right now ;)) or youtube, or… If if you are not logged in to your G+ or FB account – or even don’t have one – they gather information about you based on your IP address or geographical location. With IPv6, this problem will become even worse, as it is much easier to continuously identify someone surfing the web, especially if the ISP isn’t looking too much into privacy-enhancements.
And it’s undeniable those giants not only have but make use of the wealth of personal profile information: just look at how targeted ads are nowadays and how customized search results are, based on what the companies know about each and every one of us. Actually, this is what is the actual (astronomical) market value of these companies: not their service per sé but rather their intelligence capabilities over the users base – and how they make use of it.
The best example in my opinion is probably Google Now: it is absolutely astonishing and fascinating how well Google predicts what is of interest for me. Of course it is also pretty frightening, if you just think a couple of seconds about it. Plus, users even give away their roaming profile to use this service which “simple is to good to turn off for privacy concerns”. I have to admit I use it, too, at last every now and then – knowing that only continuous use makes it really valuable to the user – and Google.
Of course, there are good reasons to use services like Facebook and Google – we all do it routinely. In some situations it’s even unavoidable to use them. But all of that is probably a story for a different blog posting.
Let me conclude that PRISM should also be a wakeup call about how much power about our personal lifes we put into the hands of a very small set of large commercial companies. After all, this is what the government is after, trying to even better understand out actions by combining various data sources. In that light, does one really wonder why governments are not so eager about new and better privacy laws and enforcing them?
Bottom line? There is not only Web 2.0, there is also Privacy 2.0. While the first got great features, the latter got pretty feature-less, at least from the personal privacy point of view.