J
If you believe you are too insignificant to be of interest to your government, think again (preferably after watching "Citizenfour" and "Nothing to hide: the documentary about surveillance and you"). Governments and private organisations alike harvest absolutely everything they can, because they simply can! Storage is cheap and data that is seeminly unimportant now may prove useful in the future. In particular, back when Citizenfour was released, the UK and US governments were going for a complete (yes, I'm not joking, 100%) capture of the data flowing through the transatlantic cable and anything else they could tap.
So what if they know your shopping habits or what you talked to your Grandma about? Well, think about it for a second: if it is stored somewhere, it can be corrupted, lost or hacked. If it is stored in multiple databases, it can be mis-linked. Given my government's terrible record on keeping critical data safe, you should be worried. If the government that inspired James Bond is this incompetent, yours won't be too far behind. The first entry on that list is 2.5GB of unencrypted security information regarding our main international airport. They won't extend as much care and protection to your personal data. Your boring day-to-day activities are a mine of information that's exceptionally valuable on the back market for stalkers, identity-theft, obtaining fake credit cards and fake ID - and also for advertisers to bombard you with "tailored" adverts and junkmail for things you already own. Stretching it a little further, how long until insurance companies start using these data to overcharge you, or shops start using these data to offer you inflated prices? What happens if there's an error in the information? What if your phone's GPS malfunctioned and it now suggests you spent last night in a brothel? What if the records of your call logs got corrupted or mis-associated with a criminal, and the record against your name now states that you regularly call a known drug-dealer? Any data that are unnecessarily collected and stored will eventually be compromised or used (abused) for unintended purposes.
So what if you're not a threat to the government now. After all, you've done nothing illegal have you? Can I just ask you to think for a second... do you follow a religion that isn't the state's "official" or dominant religion? Are you an atheist? Did you vote for the other party at the last election? Did you perhaps, 10 years ago, once jokingly say on the phone "aargh, these new exams are awful, I'd have passed the old ones, I could just kill [insert prime minister/minister for education here]!" In the interests of "stopping terrorism", any of that could be taken out of context and used to brand you a terrorist. Especially if some successive future government is more oppressive than our current ones. What if, in some distopian future, it is deemed "in the interests of security" to ban your current religious or political views? Trusting governments or corporations with this information is putting blind faith in the vain hope that they and all of their future successors for ever more will always put your best interests and heart, and be both benign and competent.
Can you guarantee that every single government until the end of time will be completely benign and not abuse its power? Can you guarantee that none will ever invent or use special "emergency powers" in the interests of "stopping terrorists" or some other excuse, that allow them to detain people without charge, and that you have never ever done anything that any future government could ever deem somehow "illegal"?
Also - if you already take any kind of privacy-protecting measures, or use libre software, you are probably already on an enhanced list already. At the time of Citizenfour, the US's watch list was already greater than the size of some entire nations.
We also need to think about metadata. For instance, a government or an advertiser doesn't necessarily even need to know the content of your phone call or e-mail. They can deduce a lot from the "data about the data". Taking location as an example: Let's say your phone GPS says you were visiting your physician this morning, and then a sexual health clinic this afternoon. We don't know what you talked about with your doctor or at the clinic, but it doesn't take a genius to piece together the story of why you were there! Now, the question is, do I blackmail you with that information or use it to bombard you with adverts for soothing cream and contraceptives? Maybe I could sell that snippet of info to your insurance company? It doesn't matter if you had an innocent reason to be in both places or not. Arguably, the sensational data would be more valuable to use or sell, accurate or not.
You can get all paranoid and scared, but it's better to be pragmatic: It's hard to drop off the grid entirely, but it's possible to make data-collection hard and unprofitable, and to send a polite but firm message. I therefore feel the best thing we can do is to simply peacefully resist. It's easy to send a message to governments and corporations alike that this sort of thing is unacceptable, and to make it harder and less profitable for them to do it: Educating others, using adblockers, using libre software, switching to privacy-respecting services, using encryption and switching-off your GPS are all easy to do and make their efforts just that little bit harder. If lots of people did it, privacy-abusing companies would be forced to adjust their business models, and governments would be forced to rely more on time-proven, targeted methods to target real criminals. Bulk data collection doesn't deliver more relevant adverts, and it didn't stop the London or Boston bombings. It is an unnecessary liability.
