Ask Slashdot: Can Creating New Online Accounts Reduce Privacy Risks? 164
rjnagle writes "I'm concerned about the implications of storing personal data on Gmail, Facebook, and other social media sites. I'm less worried about individual data than the accumulating mass of data which potentially be used against me (for targeted marketing, credit reporting and who knows what else?) One solution I'm considering is just to abandon individual accounts and start clean and new gmail/facebook accounts. So while Google/Doubleclick might possess lots of data about me from 2001-2012, from this point on, they only have a clean slate. Would this kind of solution address my privacy concerns? (assuming I remove cookies, change IP address before doing so etc). Or are an individual's profile by now so unique that simply creating a new gmail or Facebook account would fail to prevent these data collection agencies from figuring out who I am? Insights and tips are appreciated."
That's cute, kid. (Score:5, Insightful)
If the data mining companies already fill in your profile and preferences by scouring multiple resources and linking multiple accounts to get the best picture they can, why would you think that starting a new account would be anything other than a temporary break in their data which they would fill in as soon as they correlate the new account with your old ones?
Note that it's against the rules (Score:5, Insightful)
Notice that a lot of these services, particularly Facebook and Google+, specifically say it's against the rules to have more than one account.
It shows precisely their intent: To gather as much information about you and your habits as possible. They can't do it as effectively if people have multiple accounts.
This, along with not allowing pseudonyms is one of the worst things that has happened to the Internet in the past decade or so. It used to be you could have as many different accounts on different sites as you wanted. Now everything is being condensed into a small handful of services, all of which have gestapo-like policies requiring your real information and name. It's just sad.
There are many trace points (Score:5, Insightful)
Did you replace your NIC adapter or manually change the MAC address.
- sites can identify you by your network interface
Did you burn all your web history in your browser?
- sites leave cookies and other stuff
Did you change your browser or hack it's ID string?
- the browser ID and OS combination are pretty good identifiers at infrequently visited sites or with cross correlation.
Did you ever attach your old ID to address or credit card information?
- they will attach the new online account to the history if they can make a match
Do you have any commercial games that you have attached to the online account info?
- again they can update account info to a new account
Did you throw out all your old contacts and don't talk to your old friend network, parents, work or other contacts?
- your contact list is a pretty good identifier of you. This is what the NSA surveilance meta-data collection is all about.
Did you change your browsing practices? Use new news sites, forums, game and porn sites?
- again your browsing habbits are the meta data the NSA tracks
Did you change your phrase usage, captialization and misspelling style?
- again good identifiers of individuals
Re:Note that it's against the rules (Score:5, Insightful)
What part of "abandon the old accounts" and start new ones did you miss? The day when you are prohibited from closing/disabling/abandoning an online account will be a sadder day than the one you're lamenting about.
Re:Note that it's against the rules (Score:5, Insightful)
If somebody merely tries to 'start clean' every year/2years/5years/whatever, either he also gives up all his friends/family/contacts, or he might as well not bother, his new account will slot neatly back into his old networks and habits, and it just won't do much.
If somebody has a strictly segregated set of accounts for different purposes, it makes each individual account less valuable(because the 'being a social dickhead' account now has no attached consumer preferences or professional income data) and it isn't necessarily the case that the accounts tie back together, barring mistakes on the user's part.
Of course, with many of them enforcing 'real name' policies, and using facial recognition such that anybody posting a picture of you can rat you out, it isn't clear that you can win.
Pay for it (Score:5, Insightful)
If you don't want someone to amass your private data, why are you giving it to them for free in the first place, and why is your solution to keep doing so?
You're talking about e-mail. Buy your own e-mail server from any shared-server host out there. Pay for it. It'll cost you something like $20/month. POP, IMAP, and WebMail isn't difficult.
Quite frankly, if you've got a static IP (or buy one for a few bucks a month), you can just run your own from home.
If you want it to be yours, buy it. Welcome to ownership. And the moment you pay for it directly, there are countless laws to protect you and your information.
If you want free, then you're going to pay for it with your information instead of with your dollars. It's that simple. It's always been that simple.
Worry about everything else (too) (Score:4, Insightful)
The things you need to worry about with regards to privacy is everything else in your life. Did you apply for the grocery card that gives you those special discounts? If so, your information got sold. Did you buy a season pass last year at a major ski resort? If so, your information got sold. Did you get one of those cards at the casino so you could rack up some gaming points? If so, your information got sold. All of this, and a whole lot more, are available to marketers or really anyone who wants to pay for it.
As a general rule, if you are filling out a form - regardless of whether its on the interwebs or printed on a dead tree - any information you provide is going to get sold. Actually, in many cases it's even worse, the information is just given away.
So, if your reasoning for changing your online accounts is to beat the marketers, credit agencies, etc then you've got many other things to worry about that have probably already got you householded and deduped from everyone's databases. Now, if your goal in life is to, say, build an encrypted email platform and promote it for worldwide privacy use, then yes - I think you should be careful how big your online presence is. If you're worried about receiving a piece of direct mail from a private golf course because it's known you reside within 50 miles from their clubhouse, have a net income of $X, and drive an Audi, well, in that case you're probably already screwed because they already know all that.
Re:That's cute, kid. (Score:5, Insightful)
the data is shit anyways. that's why facebook is a big deal, since they're the only one's who have enough somewhat reliable data to actually sell adverts targeted at 20-35 year old people living in country X.
if you want some crap data for them, visit sites you wouldn't normally. that doesn't stop them from selling targeted ads though, they'll just be poorly targeted.. not that they care too much.
oh and changing your gmail address wont help one bit, clearing your cookies does a lot more(if you're worried about doubleclick etc..). or heck, just use the apk hosts file method. doubleclick doesn't have your email but they have your browsing history.
Re:Note that it's against the rules (Score:4, Insightful)
So stop lapping up the free shit that they're grunting out in your face.
Demand paid services that will guarantee you some privacy, and pay for it. Stop expecting Google to run Gmail for free.
Time was, you'd make a product, and charge a reasonable fee for it, and have a happy customer.
Now, you make a product, give it away, and make money by doing things that harm your customers - like selling their personal data for a quick buck.
Thanks Google.
Re:That's cute, kid. (Score:5, Insightful)
I designed and developed such a system. The relationships are typically scored by some weight, or at least some form of network distance. If you break the connections enough, it will ultimately distance the overall relationship beyond the level that they are willing to target. We go after low hanging fruit first, and throw out nearly all of the data we even manage to get, through great difficulty, just because it is commercially useless beyond a few months.
Remember, we targeting groups, not individuals. Groups mean scale. Individuals mean work and difficulty. The low hanging fruit is what bumps up the margin. The commercial use of meta data is very different from government use of meta data. Commercial use is about groups, and an industry where people view PII as a potential liability. Government use is about PII itself, buddy favors, and corruption.
For example, the governments already know who associates with terrorists, and have been able to figure that out for decades with people on the ground, hovering around terrorists. The information they are gathering now is all about individual data. It can serve no other purpose. That is what is scary! I am not paranoid about my information being in these commercial systems, because I have seen how difficult it is to even do anything with it other than to sell some product a little bit better. Even blackmailing would be extremely difficult with commercial data. Even if I decided to try to target a single person, I would have a hell of a time doing it. The systems are not designed for that. However, the government access with no accountability, and no legitimate purpose, with data organized to target individuals, and systems developed for correlating massive amounts of historical information... commercially useless old data... old data that has no reason to be there except to harass and intimidate. That is scary.
My advice is to keep accounts fresh, delete cookies regularly, and change your IP. And, importantly, do the changes all at once so that there is no overlap that can be used to glue the new with the old. That alone will make you meaningless to any commercial system I am aware of. Government systems? I am not an expert there.
Re:That's cute, kid. (Score:4, Insightful)
Even with clearing cookies, there is still plenty of identifiable stuff in a browser, such as order of plugins, order of the font list, etc. The EFF has their Panopticlick which pretty much shows that almost every browser is unique.
If one wants to keep two accounts completely separate, I'd go to the length of having the second account in a completely different VM.
Re:That's cute, kid. (Score:5, Insightful)
And by that, of course, you mean "Reporting pirated software saves IT jobs" ads from the BSA.
Re:That's cute, kid. (Score:3, Insightful)