How to Track the Tech Thats Tracking You Every Day – Gizmodo Australia

Its easy to feel helpless right now. Cities across the country are seeing unarmed protesters maimed by police officers who enjoy both the full support of the current presidential administration and of the American legal system itself. Congress is, in 2020, debating whether to make lynching a federal hate crime. And theres still a pandemic happening! Meanwhile, even the people who emerge from this moment unscathed physically will, undoubtedly, find their digital lives compromised in more ways than we can possibly fathom.

This last bit, at least, is something we can make meaningful progress on without risking life and limb. But that doesnt mean it will be easy.

One of the cruelest ironies is that the more you learn about digital privacy, the more helpless you feel. Were told that the privacy-protecting laws passed both here and abroad will actually protect us from data-hoovering tech, but a bit of research shows that they actually dont. Were told that wearing a mask the way many of us are right now is a simple enough trick to throw off facial recognition systems, but a bit of reading shows that companies are actively trying to subvert that limitation. A big of digging shows that every major tech company preaching privacy ideals is, in fact, full of shit.

After writing this week about the pipeline between your phone and the cops, my messages were flooded with questions from folks in the activist space trying to mitigate their digital footprint across all of their myriad devices. In turn, I was flooded with something close to guilt.

Even though theres plenty of extremely thorough guides for what the Electronic Frontier Foundation calls surveillance self defence, ultimately, any research about the apps we open or sites we browse are, at the baseline, going to be based on the assumption that these companies are telling us the truth. Its why so many companies get away with saying that they dont sell data, even when theyre blatantly sharing it somewhere out of sight; theyre running off of the assumption that we wont know enough to prove otherwise. And for the most part, theyre right.

Companies like Facebook and Google might not be loyal or particularly honest to you and me, but they have to be honest to the folks they do business with: the millions of advertisers, the dozens of partners in the adtech space or otherwise, and, of course, the sea of investors and venture capitalists raking in cash somewhere on the other side.

For folks trying to get a grip on their digital privacy whether youre an activists or not the best thing you can do is think about your data the same way these companies do: as a business. And while I cant, in good faith, give you The Top Ten Apps That Are An Activists Best Friend, I can give you some tips for surfing more thoughtfully.

Depending on your own privacy preferences, you can get away with using one or the other, both, or none at all. If youre trying to fly under the radar of ad-targeting tech, browsers like Firefox can help where Googles incognito mode cant. Meanwhile, virtual private networks (VPNs) can mask your web activity from any ISPs that might want to pawn it off for cash, while also cloaking your IP address from any advertisers (or authorities) looking to exploit it. That said, VPNs are notoriously unregulated and have been found pawning off this exact data themselves on more than one occasion, so its not a bad idea to research the company behind the network in question. (We have a handy guide on the subject.)

If you want to be really tough to track, the Tor browser might be your best bet but it comes with its own issues. The relay-system thats used on the backend to obfuscate your identity is incredibly powerful, but it can also make browsing pretty slow and inconvenient overall. And ironically, using the super-secure browser comes packaged with the risk of flagging the same authorities youre probably trying not to tip-off.

At the very least, I highly recommend following the Intercepts step-by-step guide on keeping your digital footprint on lock, since some tools they list do double-duty in keeping your data buried from bad actors and advertisers. Folks who are (understandably) sceptical of any privacy-centric tech can also take steps to monitor any data detritus that might still be leaking out.

Back in 2018, Gizmodo published a handy how-to on using network-monitoring tech like Wireshark for this exact purpose but the setup takes a bit of coding know-how. The same goes for using Charles Proxy, the traffic-monitoring tool that I personally use to track the third-parties getting data thats pulled from any apps on my phone. For folks who want to delve into those details, there are some great guides breaking down the basics from a beginner-friendly point of view.

Those of you who want to steer-clear of programming because its a pain in the arse, because its dominated by sexists, or because Tim Cook lied about how fun it actually is you still have ways to snoop on snoopers. Services liked Built With, for example, can break down the trackers that might be lurking on a given site, and tools like Ghostery and Privacy Badger can give you ways to block them.

Mobile data can be a bit tricker to investigate in a code-free way, but not impossible. Apple makes it easy for iOS users to check in on the permissions their apps might be requesting from them, and the permissions pulled from millions of Android apps can be freely browsed online (or pulled yourself), with one of the tools built by Androids community of rabid fanboys. And on both operating systems, paid-for services like App Figures or App Annie can help you break down whether an app comes packaged with any third-party adtech software (also known as an SDK) to do any data hoovering.

Depending on the national authority you ask, personal data can mean any number of things but I always try to imagine it as the worlds most disappointing layer cake, with our phones at one side and a data broker on the other. Even if the third parties youre finding seem innocuous at first glance, naming and shaming them can get you further from the app or site thats snooping on your location, and closer to a shadowy company thats handing off that data to the cops (or anyone else, really).

Depending on the app in question, you might see your data sometimes really sensitive data! being pulled to one actor, or five, or 10, or 20. Depending on how you handle this sort of stuff, you might feel rage, despair, or some kind of morbid relief that your encroaching tech paranoias are justified. And thats ok! Feeling like shit means youre doing this right.

That really depends on the app or site in question, the data in question, and who youre hiding from among other things. Parsing this stuff can take hours (or longer), which is why you can always tip us off if theres a service you think is worth digging into.

Ultimately, the popularity of third-party trackers either from a household name in tech or one youve never heard of lies in the fact that theyre easy for devs to onboard and understand them. And if devs can browse them, you can, too.

Heres an example: While Zoom might not tell you what kind of intel its mining from your calls and handing to the feds, any intel the video-call app shares with Facebook needs to fit into one of the many predetermined boxes laid out in the softwares code. When Zoom, or any other app that might be sharing data with Facebook, well, shares your data with Facebook, the company has to explicitly lay out how that data might be defined. And while the definitions might include all sorts of creepy stuff like every time you open the app or click on an ad tapping your calls isnt on the list. The way were defining data here matters.

Back in 2019, a survey from the American Press Institute found that nearly three-fourths of Americans agree in the importance of reporters holding those in power to account and Im definitely part of that majority. But calling out authorities becomes trickier when abuses of power are systemic and slow, rather than sudden. Calling out a cop on racist behaviour is easier when its horrifically obvious . Similarly, calling out tech companies is easier when we see them pawning off our data to ICE, but harder when that datas pawned off slowly and behind the scenes.

Corruption begets corruption, whether were talking about civil rights or digital privacy, and turning those tides will take mass action from all of us in our own way. For combating institutional racism, this might mean donating to a cause you care deeply about or taking part in the protests happening outside. For taking control of your online life, it means fucking with apps.

Looking for ways to advocate for black lives? Check out this list of resources by our sister site Lifehacker for ways to get involved.

More:
How to Track the Tech Thats Tracking You Every Day - Gizmodo Australia