Cardozo Law School recently hosted a multi-disciplinary conference on privacy and the Internet, “Anonymity and Identity in the Information Age.” Lawyers, computer scientists and public health advocates wrestled with the challenges of protecting personal information at a time when so much data is easily obtainable online. There were various tips and suggestions beyond merely mastering privacy settings on social media sites and avoiding public Wi-Fi hot spots when doing any online banking—although these are easy and important first steps.
Recently there have also been a number of good articles inspired by the public acknowledgement that major Internet companies like Google have been less than forthright about their use and abuse of private information, as confirmed by the FCC’s decision to fine Google for its collection of private data during its Street View program. The best ones, like “How to Muddy Your Tracks on the Internet” by Kate Murphy in the New York Times, are easy how-to guides for savvy Internet users interested in gaining control over their information. Devoid of jargon, Murphy clearly details easy steps to take in the defense against online snooping.
But however empowering it may feel to think we’ve finally mastered the privacy settings of the technologies we use every day, the truth of the matter is that despite all our best efforts, information can and will be leaked. As computer science Professor Steven Bellovin of Columbia University explained at the Cardozo conference, you can protect your email correspondence from being cross-referenced with your browsing history if you avoid Google or Yahoo email accounts and instead set up your own mail server. But your messages are still fair game to Google if you email someone with a Gmail account. Or you can activate your browser’s privacy mode to help wipe clean your browsing history. But this change will stop short of concealing your computer’s I.P. address, the unique identifier that distinguishes it from all other computers. And as Murphy points out, deciding to take that extra step and mask your I.P. address means incurring additional costs and possibly severely compromising your Internet speed.
Or you may assume that because you’ve never posted your address or physical whereabouts on Facebook or Twitter that you’ve managed to conceal where you actually live. But the minute you post a picture, the image’s metadata may pinpoint the coordinates of where you took the shot. So if you snapped that picture of your new puppy at home, you might be giving out your exact location when you upload it to Facebook.
And then of course there’s the likelihood that information will be leaked by plain old human error, yours or someone else’s. There are always cautionary tales about someone inadvertently sending an email “Reply All” when it clearly shouldn’t have been. At the Cardozo conference one computer privacy expert sheepishly admitted to making this rookie mistake himself—a confession that inspired chuckles of recognition from far less computer-literate audience members.
And the actions of others, even if they were acting innocently, may expose your personal information as well. For instance, one of our clients asked us to track down the settlor of a trust whose whereabouts had long since been a mystery. But his family was all over Facebook, constantly updating their information with details about their home life and travels. Eventually, we were able to locate him through them.
Or take for example the recent news story of the Italian mobster finally arrested after being on the run for nine years. He didn’t make a mistake, but his girlfriend did. Police had been monitoring the mobster’s pregnant girlfriend’s social media sites for information about his whereabouts. They hit the jackpot when the girlfriend decided to use Facebook to share photographs of her growing belly with friends and family. In one of the photographs she posed in front of a sign for a beach in the Costa del Sol town of Marbella. Then she uploaded another shot of her outside a well-known Italian restaurant in Marbella. Soon after she sent the mobster an email predicting that she was going to go into labor sometime soon—an email that, unbeknownst to her, the police were monitoring. Sure enough, the police apprehended the mobster when he arrived in Marbella shortly thereafter.
So, despite the feelings of invincibility and invisibility that the Internet seems to inspire, the truth of the matter is that complete privacy or anonymity online are impossible.