I'm torned apart by Tor

Well, not exactly, if you pardon the pun and my pathetic attempts to find funny titles in English. Anyway...

Tor is an anonymous internet communication system supported and promoted by the Electronic Frontier Foundation. I see it as a grassroots anonymous proxies network. Here is the bit of their rationale that I find a bit radical:

Tor's technology aims to provide Internet users with protection against "traffic analysis," a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security.

Traffic analysis is used every day by companies, governments, and individuals that want to keep track of where people and organizations go and what they do on the Internet. Instead of looking at the content of your communications, traffic analysis tracks where your data goes and when, as well as how much is sent.

Don't take me wrong, I'm all for defending privacy, online or offline. The trouble is that because some people are going too far in analyzing every steps of someone's online journey, all of a sudden "traffic analysis" becomes a dirty activity. To take two of their own examples (the pharmaceutical company and IBM), what's wrong with knowing that competitors look at our sites and what's wrong with knowing what our visitors do (or don't do) with our sites? I can extend the list to many more metrics, such as the visitors location (I'm running an international site with visitors coming from all over the world, it's important for me to know that), the type of browser client and computer/OS they use, the very common notion of unique visitors, etc.

It's, to me, an issue of transparency. And transparency goes both ways. I have to be clear about what I'm gathering and what I'm doing with that data(1), but thinking that it is not normal for a company to try to know a little bit about the people using their content and services, it's placing the cursor at the other extreme. If you find that I'm giving something of value for free over the internet, can you please tell me a little bit about yourself? It's my nature and my sense of balance, I don't like extremes. And to be fair, the other extreme is seriously questionable. Think about the Google Web Accelerator and its power to gather human stats (actually, one should think about the amazing observation power of Google over the whole internet and their transparency, or lack thereof, about what information they gather and what they do with it). Or as I've read somewhere (can't find the link though), some online advertisement lobby trying to find a way to effectively prevent people from removing cookies (that one's not going to fly for browsers makers I'm afraid, especially not from Mozilla).

What tears me apart is that I perfectly understand that there are legitimate needs for anonymity which I reckon are mainly linked to human rights issues (the mere need to freely browse the internet and get informed without the fear of being caught by the political police comes to mind easily). So people develop defenses against what they perceive as an invasion of privacy, and others develop in reaction new and more performing ways of gathering as much data as they can.

It's an arms race.

As usual with human nature, it gets only a few nasty players to get everybody punished. A quite difficult subject, isn't it?

(1) Hopefully in Europe we have some fairly strong protection of personal data. I have to assure everyone that they can access their personal records and get them modified and/or removed as they wish. I also have to be clear about what personal information I'm gathering and what I'm doing with it. We also live in an "opt-in" culture, not an "opt-out" one. Unfortunately it's not a culture that's shared everywhere else. But it's also worth to know that the European directives on e-commerce and data privacy also make anonymous posting on the web unlawful, and practically forces all technical actors of the internet to keep identifiable tracks of who publishes content on the web.

1 Comment

A good reason to scramble your where-abouts on the internet is that all ISP's are held to keep traffic information of their subscribers for 3 years. At least it is a new Dutch regulation derived from the European regulations. The content itself is not saved, but the traffic info (source and destination, times etc.) are kept. This means that sites you visited 3 years ago can pop-up again. Or mails you have sent. Preferably when you least expect it. If you think this is annoying, why not use TOR?

/Aart

mensuelles Archives

Recent Entries

  • Steve Jobs

    "Remembering that I’ll be dead soon is the most important tool I’ve ever encountered to help me make the big choices in life. Because...

  • Your privacy on MOTOBLUR by Motorola

    After the Nokia Ovi Store carelessness, it's now Motorola who's allowing strangers to get access to your private information on their MOTOBLUR portal. Exactly like...

  • How to resume a broken ADC download

    (I'm documenting this trick for myself to remember, but it can be useful for others…) Apple, on its Apple Developer Connection site, has a bad...

  • WTF is this ‘myEventWatcherDiv’ doing in my web?

    All of a sudden I started to find the following line in most of the web pages I was browsing, including ones I made where...

  • Your privacy on Nokia Ovi Store

    My friend Adam Greenfield recently complained about the over-engineering culture at Nokia: I was given an NFC phone, and told to tap it against the...