Forget Prism and the National Security Agency. The real threat to your privacy is you

It took the rest of us the entire history of the human race to decide our social norms – and Mark Zuckerberg just a few hours to toss them aside

By reading this article online, you agree to certain terms of service. They include adhering to community standards, permitting the use of cookies, and consenting to surrender your soul in perpetuity to The Irish Times and all its third-party partners.

You’re still here – in which case, like the other 98.4 per cent of us, you’ll have skipped everything after the words “terms of service”. (If you’re one of the 1.4 per cent who, according to a survey by UC Berkeley, actually reads the terms of service, we were lying about the perpetuity bit. You can have your soul back in 2027.)

For all that we harp on publicly about privacy infringements and data mining, the vast majority of us neither know nor care which new frontier in the privacy wars is being breached when we visit a website or download an app, so long as it amuses us for more than three minutes.

So yes, recent revelations that the American National Security Agency (NSA) is mining the internet and phone data of millions of the world's citizens are a bit of a worry – but not nearly as alarming as the information we willingly surrender about ourselves several times a day.


The reports, in case you missed them, revealed that the NSA has for the past seven years been logging every phone call, email, search history, live chat, video call, upload and download in the US.

President Barack Obama described this as a "modest encroachment on privacy" – and I agree with him. What the NSA is doing may not be reasonable or justified, but compared to some of the stuff most of us willingly and unthinkingly give up in the name of commerce, it's still pretty small fry.

I use the word "us" advisedly – anyone who thinks this is just an American story probably hasn't grasped the "global" part of "global intelligence gathering". If you've ever made or received a call to or from someone in the US, or used an American-based server to access the internet, then yes, somewhere in the Utah desert, there's a data server with your name in it.

But take my advice, and forget about it. Because the real threat to your privacy is you.

When Facebook made controversial changes to its privacy policy in 2009, turning data that had been private into public information overnight, chief executive Mark Zuckerberg gave us a frank insight into how things were going to be from there on in. "We decided that these would be the social norms now," he said. That's right: it took the rest of us the entire history of the human race to figure out what norms we would like to impose on our society, and Zuckerberg just a few hours to toss them aside.

That’s the point at which we should have started manning the barricades, or at least deleting our Facebook accounts. But we didn’t. We worried about the idea of a 25-year-old former frat boy with a penchant for fleece setting our social norms for roughly a week, and then we forgot about it.

Since then, Facebook, Google, Apple and the other giants of the online world have been busily redrafting our social norms at regular intervals. In the summer of 2010, an academic article by UC Berkeley about a then-new concept called "geotagging" – software which allows your phone to use its GPS to record your exact location when you publish something online – prompted a rash of news articles highlighting the dangers of oversharing.

Just three years later, geotagging has become a social-media norm. To someone as resolutely unhip as me, geotagging a post or a status update seems about as sensible as standing on a street corner and handing out cards with your home address and the words "Rob me" printed on some, and "Stalk me" on the rest. But the cool kids don't seem to care, merrily checking themselves in every time they pop around to the shops or end up drunk in someone else's bed.

Smarter the phone, bigger the exploitation
There's a simple rule of thumb about advances in smart-phone technology. The more your phone is capable of doing, the greater the likelihood that someone will use it to exploit you. Now that we live in a world in which a phone is no longer just a communication device, but also a sleep monitor, a pedometer, a food diary, a restaurant loyalty card, a personal banking service, and a permanent, omnipresent tracking device, the capacity for exploitation is dizzying.

Meanwhile, if you've ever wondered why none of this technology costs you more than the price of a small double-shot latte, here's why – it's because you are the product. All those gurning photos of you on holidays and at your school reunion? All those wasted hours spent playing Farmville and cyberstalking your former classmates? They're the reason why Mark Zuckerberg is a billionaire, and the reason why so many would-be Zuckerbergs are thrusting their products at you for free.

The European data-protection authorities recently issued a joint opinion on mobile apps, warning that they implied “significant risks to the private life and reputation of users”. The paper points out that, of the estimated 1,600 new apps uploaded to app stores every day, many are the work of a guy sitting in his underpants in a bedsit somewhere – or, as they put it, a “single programmer with an idea and little or no prior programming skills [or awareness] of the data-protection requirements.”

If you’re not actually calling up terrorists to exchange bomb-making tips, the current wisdom goes, you shouldn’t really care whether your data is being harvested by the NSA or even by the start-up that invented that dinky little app you’ve been using.

Well, take that dinky little app, the one that allows you to record your daily calorie intake and exercise regime, and to share your results online – that’s all very well, until your health-insurance company decides it would like a peek at this data too, and discovers that instead of your declared 14 units of alcohol, you’ve actually been putting away 72, and mainlining curry chips every night for a year. And that’s just one example.

We have two options. We can either decide to be more selective about what we share, or we can choose to be flattered by the notion that an entire Swat team is holed up in Utah, busily trying to decode what you meant when you said on Facebook that you intended to get “destroyed” in Martha’s Vineyard this summer.

Call me a dinosaur, but I’m going with the former option.