Interview with Privacy Strategist & Privacy Architect – Winfried Tilanus

Don't use one company for all of your services, don't give permission for the use of your personal data if you can avoid it, provide fake data...

filmmakers of super stream me

Some people find it hard, or at least annoying, to tweak their settings to keep their identity under the radar. For Winfried Tilanus, it is a sport to sabotage tracking, and he goes a long way to make it next to impossible for companies to track him down, both online and offline. But he also thinks we should urge our representatives to do something about tech giants, because the solution has to be a political one. Here's the interview…

Can you briefly introduce yourself?

More than 20 years ago, I was one of the first counselors doing psycho-social counseling over the internet in the Netherlands. Since then I have made it my profession to design secure and privacy-friendly systems, mainly for digital health.

What do you see as the main challenges for our privacy today?

We vastly underestimate the importance of privacy. In 2015, two young Dutch filmmakers set up the experiment, “super stream me” — pictured above. Loaded with cameras, every second of their life was streamed 24/7. It was their plan to do that for 21 days. About halfway they started to show mental issues and after 15 days they had to quit the experiment. They had lost their sense of “self”, had no idea anymore who they were and how they related to the world.

Being able to show different sides of yourself in different settings is essential for your own psychological functioning and it is key for being able to maintain healthy social relations. As humans, we can only function when we are able to choose how we step into the spotlight and thus choose what parts of ourselves stay in the dark. Exactly that choice is the essence of privacy.

In (health)care, privacy also creates free space. Space where people can get help for problems that are taboo or even linked to illegal activities. STDs or suicidal thoughts are examples. A free space where people can get help without repercussions protects society and literally saves lives. We all lose if we don't acknowledge the importance of such free spaces.

Any organization, commercial, governmental or non-profit that tries to track people’s behavior puts us in the same position as the filmmakers of “super stream me”. Such organizations are a direct threat to humanity. The main challenge for our privacy is to counter those organizations.

What can we as individuals do about it?

First of all: use all the political influence you have, vote, raise your voice, raise awareness, lobby quietly and show that things can be done in alternative ways. The solution has to be a political one.

In the meantime, we must resist as many attempts to track us as possible.

Don’t use one company for all of your services, don’t give permission for the use of your personal data if you can avoid it, provide fake data, make sure identifiers used for tracking you are changed very regularly (cookies) and so on. Every tracking system has errors, try to increase those errors, and try to disappear in those errors.

Encryption helps and is important, but it doesn’t protect against metadata analysis. And for tracking, metadata is more valuable than content. Encryption should never be your only line of defense.

Can VPNs help? Do you use one?

When accessing private networks, VPNs are very useful because they combine easy access to the resources in the private network with an authentication and encryption layer. When accessing public resources over a VPN, you shift the point where your traffic can be analyzed to a different location, literally. Also, the trust is shifted from the organization providing your internet access to the VPN provider. That can be good or bad, depending on how they compare. It is (from the privacy point of view) quite useless for example to use a VPN to go from a jurisdiction with good privacy protection to a jurisdiction with bad privacy protection. Just like it is counterproductive to exchange an internet provider with a good privacy track record for a dubious VPN provider.

Personally, I use OpenVPN a lot to access several private networks, including my home network. Because at home I use an internet provider with an excellent privacy track record, I also use my home VPN when I access the internet over a connection I am not so sure about. If I want to obfuscate my IP address, I use Tor. Onion routing provides better protection than trusting one single VPN provider.

I have been experimenting with a public VPN service because I wanted to investigate how the “view” on the internet differs from different jurisdictions, like comparing Iceland and China. But there are few VPN providers who have exit points in all relevant jurisdictions and even fewer that also have proper support for OpenVPN. I couldn’t get the VPN service I selected running with OpenVPN, so I abandoned it.

What do you do to protect your personal information?

For me, it is a sport to sabotage tracking. I block third-party cookies without exception. Webshops and sites not accepting that lose a customer. After closing a browser tab, I automatically discard all first-party cookies, taking for granted I have to consent to cookies each time I visit a site. I avoid using cloud services as much as possible and use local alternatives even if that means that I lose some functionality, e.g. from my sports watch. I do my satnav with an app that fully functions offline.

On my phone, I have a system that can inject fake data when apps try to read identifiers, accounts, address books or location data. One app thinks I have been sitting stationary on top of the Krakatau for years that way. And when I do my shopping, I have like 100 anonymous loyalty cards of my favorite supermarket and I rotate the one in my wallet after each use, just to make it hard for them to track me.

Do you have some other advice for our readers so they could, at least partially, regain their privacy?

Every little thing you do to increase the effort needed and costs to track you helps. From deleting cookies and ad blockers to exchanging loyalty cards with strangers, data access requests, complaints, questions to the help desk, bad publicity, designing t-shirts with patterns that crash systems for automated facial recognition, everything helps. Be creative and make sure you have fun while throwing sand in the machine!