Skip to content

Privacy as a Commercial Asset

Lets start by making a fundamental statement of belief – The current state of the Internet with regards to the commercialisation of our data and every online interaction, especially including sensor-based data collation as defined mostly by the IoT and smartphones, will not abate until we find a commercial model for making delivery of privacy a commercial asset.

Arguably this is precisely what Tim Cook is doing at Apple as he starts to play the privacy card strategically.  He fundamentally points to an age old truism that without privacy we cannot have freedom. However Apple makes money by selling consumer goods.  So for him privacy is a competitive differential against Google, who’s whole business model for almost everything it does is to collect and sell our data, to profile us with ever increasing accuracy and sell that data indirectly for ever increasing software value delivery. Apple still collects as much data as they can, asking for the implicit trust of its users that they will keep it secure. So are they any better than Google?

As any half competent technologist will tell you, it’s impossible to secure all that data online, especially if that data exists for what is likely to be a whole lifetime.  It can, and almost certainly will, leak out.  The recent spate of highly publicised hacks like Ashley Madison is just the tip of a huge iceberg of security breaches that the technorati have known about for a long time. Even Apple’s iCloud was hacked although whether that was a failing of their systems or user error is hard to confirm, but either way the data was breached.

So building on the strategic play of Apple, while mitigating the security concern, becomes something any company could potentially leverage.  As consumers come to understand the potential cost of allowing their data to be obtained and used by any online commercial entity for any purpose, they will desire to claw back control, as they suffer consequences of data loss they’ll move from desire to need.  But studies show consumers don’t change their behaviour much even after a consequence is visited upon them…why?  because there is no choice, except through a deep understanding of the tech and how to employ personal protection tools, a barrier too high for 90%+ of consumers…yet another disempowerment issue.

Control is the key enabler of privacy, control based on an understanding of what data is held by whom and for what purpose is the essence of a privacy platform.  These are empowerment issues.  Today the commercial entity is empowered through our data to be in control.  We have to trust them, we have no choice.  But what if we could chose to trust an entity because they seek to empower us as consumers?  That’s a different thought process.

Offering competitive choice is the essence of Krowdthink’s Trust pyramid. in a future blog we’ll discuss how to make revenue from this trust model.  We say now – it’s not a replacement for existing models, the Internet as it is will exist for years to come, but we can re-invent existing products with a Trust based alternative and monetise them in subtly different ways.  We can also tap into market sectors previously unaccessible due to consumer trust/privacy concerns.

Facebook, Social Networks and the Need for RIPA Authorisations

This is an excellent summary of the connection between the Data Protection Act and RIPA (Regulatory Investigative Powers Act).
Note that I, and many like me believe RIPA should be repealed as a piece of legislation that fundamentally undermines our human rights. However at least there are some positive elements that can be taken out as seen here. A lot is to do with interpretation and emphasis which this article highlights.

Act Now Training Blog

canstockphoto12584745Increasingly local authorities are turning to the online world, especially social media, when conducting investigations. There is some confusion as to whether the viewing of suspects’ Facebook accounts and other social networks requires an authorisation under Part 2 of the Regulation of Investigatory Powers Act 2000 (RIPA). In his latest annual report the Chief Surveillance Commissioner states (paragraph 5.42):

“Perhaps more than ever, public authorities now make use of the wide availability of details about individuals, groups or locations that are provided on social networking sites and a myriad of other means of open communication between people using the Internet and their mobile communication devices. I repeat my view that just because this material is out in the open, does not render it fair game. The Surveillance Commissioners have provided guidance that certain activities will require authorisation under RIPA or RIP(S)A and this includes repetitive viewing of what are…

View original post 1,108 more words

The Connection between Trust and Privacy in Social Networking

At Krowdthink we have spent a long time trying to determine the answer to this question.  The answer is that no-one should really trust any online service completely because no-one can guarantee security of your data.  However that does not undermine the value in building a company and product that aspires to being trusted.  Trust is the missing component in our online engagements today – especially in social networking.  Is our social network persona who we are in real life?  Of course not – in the same way who I present myself as down the pub having a beer differs to whom I present myself as at work.  But social networks in particular are building profiles of us that go deeper than what we present and are capable of determining our psyche over time, really determining who we are – empowering the commercial entity behind the social network with valuable insights to sell on – usually via advertising – except as soon as we click an advert we have confirmed that we meet that profile.  That’s scary….especially as we don’t know who received that insight about us nor how they plan to use it.  Lets not also forget those profiling us cannot guarantee the security of the data being held on us either. There is good reason why a hacked Facebook account sells for between 3 and 6 times more than a hacked bank account.

So what’s the role of privacy in achieving a potentially trustworthy (note not trusted) social network?  To answer that you have to get into how privacy is managed in our daily lives, online or offline.  It is ultimately about control.  Control of what information I share with whom, when and where. Its an understanding that those with whom I share information can in turn be trusted and to what extent – and its also about knowing I can visit a recourse (tell them off, dismiss them as a friend etc) upon someone who violates those implicit bounds of trust that were given when information was shared, with both parties knowing this and consequence for both then motivation is in place to ensure appropriate use of information shared.  In social networking terms – the right to delete is that power of recourse, or in other words a mean to remedy when data shared is used inappropriately by the social network service provider (data = profit for the social network business models du jour), or that I wish to change that information posted because it no longer reflects who I am.

But there are other issues – the issue of meta-data is the main one – when engaging online I leave clues as to who I am that have little to do with the content I post.  When I connect, with whom, how often, who else is involved in the conversation etc etc.  All this provides insights if its recorded, insights we are somewhat unaware are being collected.  So a trustworthy social network would minimise this information.  In fact in general data minimisation is the only defence against the hacker – store the least data needed to deliver the service to the end user. Make other social networks more interesting targets. Basically make the security walls high and the value of whats on the other side as low as possible.

In taking our social network into locations, we push the boundaries of what people will entrust to the social network service provider.  In places the digital connection is more real – and because of that more private than the virtual cloud world most social networks live in.  It is thus incumbent on any localised social networking service provider to balance the equation of trust though greater efforts to be worthy of that trust.

There is more to this trust model though – see our Trust Pyramid here . For more insight listen to the Privacy Piracy Interview with myself on KUCI radio ( 20th April 8am PDT (USA), 4pm BST (UK) and 5pm CET (Europe).  KUCI will also make the interview available as a podcast after the event.

The Dirty Little Secret of Event Apps

No one uses them.

Ok not quite true. But no-one has cracked the code of regularly getting more than 50% of event attendees to download and populate their apps for use over just one day. Doesn’t that statement itself not highlight the issue though? Really, do we think attendees or delegates will do that? Clearly a whole events industry does – there are literally hundreds of event app companies.

Here was our insight. These event app companies were targeting the event organisers as their customers. No wonder we don’t end up with something attendees are delighted with. You cannot serve two masters with an app – an app has to be simple and deliver immediate utility.

So what’s the common ground between what an attendee wants at an event and what an event organiser wants? In simple terms any event is successful if it achieves two things for its attendees:

1. Great content – whether that’s awesome conference speakers or a perfect set of high profile competing exhibitors.

2. Great Networking – Attendees want to meet other attendees with shared interests or representatives of companies that can solve their issues.

Maybe an app can signpost the great content. But unless you have a very large event such active signposting is limited in value in an app. A website does that perfectly well – just make your website mobile friendly. (We can talk iBeacons etc another time).

However, no matter the size of the event, attendees always expect to find other people who add value in attending the event. Its why even at the smallest event we have name badges with our company name and sometimes a printed list of names and companies at the event. For me, I learned early – networking at events was THE reason for attending…I can get great content online so easily. You cannot beat the face to face meeting for validating the early start and the long day out.

Now this is the sort of thing an app can do – it can make the event networking a breeze. So how should it do that?

Well first and foremost – lets deal with the very first issue we raised – it should be one app for any event or location, so that I, as an attendee, only have to learn one app. This also means that as I invest in content in the app it goes with me to the next event and the next. So it should contain a means to document my interests and share them with those around me. It should enable a event/location based discussion forum – no more Twitter hash tagging for which I have no way of knowing whose tweets are from people here now that I can network with, and whose are from some commentator half way round the world. If they have something to say about whats happening right here right now, then it might be the spark that makes me want to network with them…to meet them. This also means I need a private way to message them, to initiate personal contact.

But of all these things, perhaps its discovery thats most important – the ability to discover who is here right now, what they are currently interested in and why I may want to meet them.

This is the Krowd – one app, any event – Discovery, event/location forum, personalisation of content to present who I am, and private one to one messaging. A tool to do one job – enable networking and introduce professionals to each other.

Even better when the app sets new standards for privacy and security. No location tracking, no profiling, no intrusion into my privacy at all. It puts the attendee in control because its a product for them. But the event organiser benefits because his/her attendees have a great networking experience, they all engage in the mobile app, again and again, event after event, bringing more and more personal value to event after event. Even better – its free. And no admin setup – we use clever co-location software to auto-discover who is on your event Wi-Fi (so the Wi-Fi access becomes the event organisers management tool), so no need to register for the event in order to network – just turn up and login to the Wi-Fi. Exhibitors and conference speakers can prepare event specific profile updates to ensure attendees gain immediate value too. And those exhibitors and speakers take that investment to the next event and the next – promoting where they have been before. And if they make connections at one event – they’ll get flagged when those same people are at the next.

An event app for attendees that makes your events amazing.

Why pseudonymity is important for the Krowd

When we are in a crowd, most people around us are strangers, in effect they are anonymous to us in terms of their name and who they are.  Yet we already know things about them, simple things like the fact that they are co-located with us, and because we are in the same place, perhaps we have similar interests (the band we are watching, or perhaps we work for the same business).  When we see them across a crowded room we may know their sex, physical description, maybe their ethnicity and, from their clothes, maybe even a bit about their background.

The Krowd seeks to duplicate this sort of anonymity in a crowd, but in a digital and mobile phone context.  So you can expose a part of your profile consistent with the place you are in (your business profile, sports profile etc) and in effect create a digital perspective of who you are in a crowd. While in large crowds this enables digital introductions whilst preserving your anonymity.  It enables you to use the phone in your pocket to look around you and potentially find more people of like mind, similar interests or goals, rather than just those that through happenstance you meet because you stood close by.

This is why we believe in pseudonymity – the use of a false name to provide anonymity.

You can of course use your real name as a Krowd handle, but we advise against it.  We’d also advise having a unique Krowd handle, in other words don’t use your Twitter handle unless you really want others to have the potential to link information about you.  Remember in the Krowd we seek to give you the privacy and control of your data that the vast majority of other apps and social networks seek to collate in order to profile you.

Delete should mean Delete!

The reasonably tech savvy amongst us have learnt that on our PC delete does not mean delete, it means the file is in the trash and is not deleted until the trash is emptied.  However the really tech savvy know that even then the data is not deleted. Instead the pointer to the file data is removed and so that data looks like its deleted.  The computer then marks the file area on the disk as unused, and eventually it may get overwritten and thus destroyed and thus really deleted.  This is why tools like undelete can recover files you thought you had lost – especially if you undelete soon after you deleted them and emptied the trash.

But the world has moved on – now most of our data is in the cloud.  In theory we’d expect that delete in the cloud works the same as delete on a PC.  WRONG.  It seems that our legal friends allow delete to be used an app function when in fact it does not delete the data at all, not even like on a PC.  Instead, in many cloud systems, all delete means is that the data is no longer visible to you or the other people it was previously visible to.  In fact the data is often a very active part of the cloud system; its in use by the app or service provider still, often so they can use it for analytics, marketing or other money making services.  In short, once the data is shared it effectively belongs to the person you shared it with.  Only those savvy enough to read and understand the legal documents can usually discover this.

So why is this?  The key is ‘ownership’ – while the legal guys often use terms that imply you own data, or even copyright in some cases, what you may not know is that you have also signed up an agreement that states the company whose service you use has an irrevocable agreement with you to use all that data – forever.  What they don’t say in clear terms, which kind of shows their dishonesty – is that you can NEVER delete the data you shared, explicitly or implicitly (the meta-data about how and when you used their service).

This is why we at Krowdthink are striving to give our users true effective ownership of all their data in our social network.


Why the Right to Delete is so important Online

We all instinctively know that when we connect to websites and use online apps that some data is being collected about us.  Sometimes we explicitly know what that data is from forms we filled in, but in reality it’s what we do online that tells the most interesting tale of who we are.

What we spend time reading, what we skip past, what we click on, what we respond to – all this information adds to a profile about us and it can be extremely detailed – see this 60 Minutes TV story: The Data Brokers: Selling your personal information – 

Most people think that this information is just used to target adverts, so what’s the problem?  Unfortunately they are wrong, as the 60 Minutes documentary highlights, in the US in particular, huge corporates collect more and more data about your online activities and analyse it to create a view on who you are, your interests, habits, who your friends are etc, they then sell this data on to anyone willing to pay, which includes insurance companies for example, who want to know more and more about how much of a risk you are.  The trouble is, this profile collation is unregulated, cannot be tracked and you cannot review it for accuracy.  So a bit like a gossip who gets a bit of a story wrong because they only hear one side of the story, these data brokers don’t really know how accurate their profile of you is.  It only takes one inaccurate bit of data to end up costing you dearly.

Now of course this business will eventually be regulated….but as 60 Minutes highlights, governments love this Big Data too.  They are a customer as much as commercial entities, and as such it’s very empowering for them, so they are not exactly highly motivated to give you the consumer the right to control this data.

Even if you take care about reading privacy policies on websites and apps (I do), you’ll find that the business model du jour is build it, collate as much user profiles as possible then decide what the business model for making money is later on. In short you do not know how the data you share will be used when you engage with a company – and by the time they decide, you are committed.  Even if you make a choice to stop using that service or use a more privacy conscious  competitor service, the business still owns all the data they collated about you and can sell it on, usually years worth, by which time you may feel it’s too late, you are hooked in so you may as well continue.  This is the pernicious culture the business model of the internet today cultivates.

So what to do?  In our opinion at Krowdthink, the most empowering thing that can be delivered to consumers is the right to delete.  Specifically you should have the right to delete any specific piece of information about you, or indeed all the information collated by a business or service.  This requires transparency of what information is held by a business or service.  Its your data so why can’t you see it?  Except of course it isn’t your data – the legal structures of companies like Facebook make it clear, every bit of data you share with them, every interaction, is owned by them to use commercially. This is why at Krowdthink we are creating an innovative legal structure to  guarantee that your data belongs to you.  As soon as you make that step in your business process, the right to delete follows as a natural consequence.

If we can set an example in social networks about how data can be used to deliver a service and still empower the end user with complete control, we can reverse the  data collection and ownership culture of Big Data businesses. Empowering consumers with the right to delete is the only way we can reverse the current pernicious Internet business culture that so disempowers us as consumers and users.

The EU has been seeking to add the right to delete to the Data Protection act, it’s being strongly fought by Google, Facebook and others because it undermines the core of their business.  We suspect if the right to delete is ever legislated it’ll be so watered down as to be meaningless.  But this does not stop innovative companies delivering this empowering capability to end users.  It’s Krowdthink’s mission and when we launch the Krowd you’ll see it in action.  It’s time to take back control of our data online!

A Day in the life of ManInTheKrowd

It’s a bright crisp autumnal morning and ManInTheKrowd leaves for work at 6am to catch his train. It’s packed as normal and it’s a job to get a seat, but he eventually gets settled for the hour-long journey.  He sets his Krowd persona to Social and connects to the Krowd in the train using their onboard Wi-Fi service. The journey to Birmingham passes quickly as he browses the persona’s of people in the Krowd, chats with a few regular early morning travelers like himself, people he follows who he can see are on the same train as usual. He picks up their persona updates about what’s been happening with them recently and comments on KarenKool’s Krowd Blog (Klog) entry about a local restaurant she went to last night, asking if the service was as good as the food.  JoeB broadcasts that he’s starting a new job today at Big Corp and he gets a load of congratulations and a couple of introductions from people who work at the same office, although someone called Madfly says something unpleasant. A quick review of their profile indicates a lot of people ignore Madfly, and ManInTheKrowd adds Madfly to his ignore list too.

ManInTheKrowd needs to get his wife a birthday present in a couple of days time, she has raved about a couple of fashion designers recently and he noted them down in his retail persona. While on the train he updates his retail persona search tag and Klog (Krowd blog) with a couple of ideas of what he’s looking for.

Upon leaving the train station in Birmingham city centre he sets his Krowd persona to retail. As he walks through the shopping centre a few of the shop assistants take the opportunity of the early morning quiet time to browse the Krowd, thanks to Digital Birmingham’s deployment of free WiFi throughout the city centre. One sees ManInTheKrowd’s retail search tag about fashion accessories and his latest retail Klog entry stating he’s looking for a birthday present for his wife.  She sends him a comment that her shop has a beautiful Orla Kiely handbag at a knockdown price.

ManInTheKrowd enters the 10 story office block where he works for a small company of a dozen or so people in a shared office facility.  He sets his persona to business as he enters the building.  No one here needs to know he’s looking for a birthday gift for his wife or what she likes.

The office management company uses the Krowd as an easy and secure way to connect all the people in their office building socially, both workers and official visitors. GreatOfficeAdmin has updated his business Klog to let everyone know that they are trialing a new sandwich supplier in the cafeteria this week and encourages everyone to try them out.

ManInTheKrowd can see everyone in his company has arrived for work except LaidBackLarry, he’s not in the local Krowd list.  That’s par for the course, but he sends him a personal message just to see if he’ll be in the office in time for the 9.30 sales meeting. He responds to say he’s stuck on the motorway…again, but won’t be more than 10 minutes late.

GreatOfficeAdmin , as efficient as ever, broadcasts a reminder message about the sandwiches several times leading up to lunch. So at lunchtime ManInTheKrowd goes to try them out and while in the café he checks his retail Klog and sees the new highlighted comment about the handbag.  That’s useful, he can nip down there straight away, and he messages them to check its still there and gets a confirmation. The handbag is perfect and at just the right price.  After he has bought it he deletes his Klog entry and changes his search tag.  He does not want to be contacted now he’s got what he was looking for.

In the shared office it’s always nice to meet someone new, especially from another company.  So when SandraD joins Acme LLC on the next floor, she introduces herself via the Krowd and Klogs about her business interests.  It just so happens she’s there to add consulting services on PR to Acme, just what ManInTheKrowd needs to help him launch his new product next year. He checks her business Klog and can see she worked for a competitor previously, that could be useful.

After work, ManInTheKrowd meets up with his friends to watch a basketball match, so he sets his persona to sport.  They decide to meet up in the stadium entrance hall. Except its packed, and hard to move, so getting together is hard.  Using the Krowd ManInTheKrowd can immediately see his friends are nearby, so they just message each other and decide to just get to their seats, but that Fred will get 6 pints of beer as he’s closest to the bar.

BasketCase is a sports statistics geek, and he continuously updates his stats in the Krowd via his sport Klog, highlighting to all in the stadium when Big Jock scores his record breaking one thousandth basket halfway through the match….and to add value, as he knows its coming, he snaps a great pic of that basket and shares it in his sports Klog with all those people who were there to experience that special moment, many of whom copy it to their Klogs to show their friends and family when they get home.

On the way home, on the late night train he rarely takes, ManInTheKrowd looks to see whom he knows in the local Krowd.  He still has his sports persona set, so CloudMan, someone he has often Krowd chatted with on the early morning commuter train, contacts him after seeing his Big Jock’s one thousandth basket pic.  It seems he’s a huge fan too but missed the game, so he copies the pic into his Klog. They get on well in the Krowd chat, and as the train is half empty, decide to meet up. The real-life CloudMan is a nice as his Krowd persona, so he is invited to ManInTheKrowd’s regular basketball group and a new friendship is made.

Sometimes it’s those instances of shared interest or experience that bring people together.  This is what the Social in Social Networks should be about, helping make real life connections with real people.

You always pay for Social Network services

The norm for social networks is that they present the idea they are free. But they are not of course. You pay by helping them collate a profile of you. Not just with your profile itself, but by how you interact with their service overtime, which adds to the identification of who you are. The longer you interact with a social network, the more new ‘features’ you use, the more information you provide, the more accurately the social network provider can define you. For some this does not cause them concern. For others it causes disenfranchisement with social networks, which is a shame, because they are incredibly useful tools. But what parent has not blanched at the thought of their teenage son or daughter opening up a Facebook account? Some like me deny them the right to do so, others cave in to peer pressure despite their trepidations and others are more than happy to be able to monitor their child’s online behaviour by requiring their child to friend them, despite the fact that the monitoring itself adds to their own profile! Facebook have finally admitted your data is the price of admission. Even Google has claimed that users have no legitimate expectation of privacy! when a service is provided for free.


The claim is that the data is ‘only’ used for marketing purposes, or that if it is shared it is anonymised. But at what point does a detailed view of your life online identify you even when the name has been removed?  Real anonymisation is really hard, and expensive, to do, and it gets more expensive as you aggregate (bring together) more data  The more expensive it is to do the more likely it won’t be done right by entities seeking to commercialise your profile.  The law lags this commercial monetisation of your data  woefully.
There is no such thing as a secure system. Facebook has been hacked more than once. In the last admitted breach they ‘only’ lost the profiles of 6 million users! There is an internet mafia that truly understands the value of this data when in the hands of those unconstrained by law.  The only real defence is to minimise your personal data and meta-data.

So do we have to pay by providing a profile of ourselves that can be sold onto marketers? We think not.

Since the time Facebook, Linkedin and Twitter and other social networks have started there are two truly ground-shaking changes in the market that if leveraged  can turn the personal profile commercial land grab around in favour of giving users control of their data and thus their profile.

The first is the emergence of the app purchase model.  When seen as a micro payment mechanism it delivers a method to provide revenue to a social network provider that does not require the service provider to be seeking ever greater information on you, at a price less than a pint of beer.  In fact, it can reverse the profile collation trend and  become meritorious to only store data that you absolutely need to use the social network to deliver real socialisation value.

The second is the incredibly rapid decrease in costs of server technology in the Cloud. The market pressures on cloud companies to drive down costs, combined with the benefits of scale being returned to users in a price competitive market, means that server costs are now orders of magnitude cheaper than when the incumbent social networking companies were first formed and had to invest in their own server technology.

If you couple a meritorious desire to minimise profile collation and storage, with the massively reduced cloud service cost reductions and then deliver these benefits through a micro-payment mechanism you have the tools needed to re-shape social networking and put users back in the driving seat of control of their data. At least we think so.  Read our “Your Data” commitment to understand how we are doing this.

PRISM, the NSA – We “only” collect the meta-data

In my opinion, this statement from the US National Security Agency, when defending themselves against the revelations by Ed Snowden about how PRISM collated data about your online communications, is perhaps the most reprehensible piece of marketing double-speak I have heard for a long long time.  They know full well that the vast majority of people don’t really understand what meta-data is, nor how it can be used.  So they rely on ignorance of the populace to hide what they do. They really do think we are stupid.

This article in the International Business Times gives you a useful way to visualise what it means by allowing you to analyse your own email traffic to show what it reveals about you.  What the article does not do is highlight that this data is aggregated and correlated with vast troves of other online activities you engage in.  These two terms, aggregate and correlate, are where it really gets scary.  What you do in any online service is aggregated with what you do in email and other online activities. Lets face it you usually provide an email to validate so many of your logins right?  so how hard is it to correlate a validation email received from a service provider to your personal account if you are tracking the meta-data (who sent what when to whom)?  It’s not hard at all.  This new meta-data is inferred (we’ll get to why that’s scary later) and is aggregated with other data, all of which is inferred from what you do, when, who with.

We are all private individuals, even if we use a social network, we are careful who we connect with, what we share, our kids at school have this drummed into them.  So they think they are safe.  I had exactly this experience when I presented the Krowd privacy concepts to a bunch of tech savvy android developers at a college.  All 16-18, the general consensus was, if I am careful about what I post, so what?, no one sees anything I don’t want them to see.  So wrong.  The meta-data sees a lot lot more. I pointed out that while they used online tools from the same place at the same time on a regular basis, that meta-data can be obtained, stored, aggregated from multiple service providers (hence why the NSA has deals with so many large online service providers) and then patterns of activity can be spotted.  your patterns are mapped to patterns of other individuals, and it becomes easy to infer a relationship between you and someone in your class even though you never connect to them on social networks, email or anything else (and your college records are maintained privately).

The problem with these inference engines is that they work on heuristic programming techniques – which basically means they make connections on the basis of probability, not certainty.  So you are probably connected to those same people in the same place at the same time.  But at what point does this probability become certainty in an investigators mind? Getting back to my initial point about understanding of meta-data, even our courts struggle with such things, they are not staffed with technical people, so the chance of an inference being taken as proof steadily rises, but where is the courts application of reasonable doubt in this context?  As yet its an unresolved legal issue in most countries.

Meta-data + Aggregation + Correlation + Inference = a very uncertain world for the ‘little people’…that’s you and I.

On a positive note – The NSA, however powerful, and they are (see the wired magazine article on General Keith Alexander) are ultimately answerable to the people, law and government.  So there is hope that eventually the ‘little people’ can claw back some semblance of online privacy, although the issue of country boundaries will vex law makers for many many years.

But, in my next blog I will discuss how commercial online  entities stay 3 steps ahead of the law, by offering convenient services for ‘free’….of course only a fool believes anything is truly free, they are commercial entities out to make a profit, and they profit from you as the product, and you’re getting a raw deal.