But maybe that’s because I’m from Germany. Here the concept of privacy is something most people like, at least in real life and in untechnical situations.
My experience from interacting with Germans is that you are above-average privacy conscious, which I find very admirable and gives me some level of hope that it is possible to gain some general awareness on these topics also in my country and elsewhere. Why do you think it is so?
Oh, I think this is very difficult. First of all because it is not a single reason why a future where privacy has eroded is a very bad thing, but rather many different reasons. This makes it difficult to know where to start, as it will depend on the person you are talking to what they are more receptive to. Concepts such as security, privacy, secrecy and anonymity are often confused. You have different actors you would want protection from, including corporate and governmental entities.
I don’t think most ordinary people you meet will be bad faith actors though, but I do think many tend to take offense if you are outspoken against something that is proclaimed to be about protecting children. Why wouldn’t you want to save children?
Some of the reasons below, but not an exhaustive list. As I said, difficult to know where to start.
-
You do have something to hide, even though you might not be doing anything illegal (to your knowledge). Most people dislike people staring into their living room from the street, and will install curtains or other ways to prevent it. Most people closes and locks the door when they go to the toilet. Most people do not say every single thought they have out loud. I think the disconnect comes from people not actually knowing what data is collected, and even if they do, they do not understand how this data can be used / misused to learn things about you or manipulate you, and the privacy threat of having this data stored anywhere even if it is not being used (i.e. risk of data leaks). In terms of manipulation, I think that the story on how Facebook nudged people to vote in the Scottish referendum highlights the creepy influence such a company can have on society, and this was already in 2014. Who’s to say the owners of such platforms will not use it to sway elections their preferred way by using such nudging tactics on the population they want to vote, and not on the ones they’d rather stay home. We shouldn’t have to trust that they don’t abuse such a power.
-
What today might be perfectly legal, might not be legal tomorrow. Case in point are the draconian abortion laws implemented in various states of the US. Facebook had to comply with government requests to hand over chat logs..
-
What today is illegal, should perhaps not be illegal. We do not want 100% law enforcement, as that would mean that we consider today’s laws final, however we are constantly evolving our laws. A recent example is legalization of weed in the US. How many have been incarcerated and had their lives ruined on charges related to weed? Yes now the same activities are in many states considered legal. Or homosexuality? Sodomy laws are not a very distant past in many countries (and still exist in other places of the world). If you had Apple or Google scanning your phones and flagging you to law enforcement for illegal activities. Effective mass governmental surveillance (and corporate surveillance that can be passed on to law enforcement) could potentially send countless people to jail on charges that could be legalized in just a few years.
-
Building an infrastructure for mass surveillance is not future-proof. You might trust your government not to misuse it today, but what about after next election? There are countless examples of less-than-democratic forces gaining power in Western democracies in recent years. We need strong protections against potential oppression/suppression, and not just soft protections that are easily swept aside.
-
We are dependent on journalists and whistleblowers exposing wrongdoing in our society. Lack of tools that ensure privacy and anonymity prevents this.
-
Even if our societies are not oppressive regimes today, many around the world are. Political opponents and resistance groups in such regimes need ways to protect themselves. Otherwise authoritarianism will have an too easy time to crack down on dissidents, making organized opposition impossible.
EU is doing a lot of good work to protect the privacy of citizens against corporate surveillance, but continues to propose regulation that would increase government surveillance. News such as this is good, as it seems to show that there are protection measures within the EU to stop such legislation from being effectuated. Another example is the Data Retention Directive, which was first passed back in 2006, but then later declared invalid by the European Court of Justice in 2014. However, while the intent when it comes to corporate surveillance seems aligned with the public interest, the intent when it comes to government surveillance is not. Such privacy violating proposals will continue to be proposed.
I certainly do not have a good overview over all of this. We are completely beholden to the great work of pro-privacy organizations and corporations to keep exerting pressure and making these pieces of legislation known and understandable to the public. But unfortunately, most people can’t even begin to consider the implications of such overreach, which is why the “protect the children”-rhetoric is so effective - “I am not doing anything illegal and thus have nothing to hide, so if we can protect the children from abuse by removing encryption which is only something criminals use anyway, I’m fine with that”. I am clueless to how I can best contribute here, but I am luckily seeing a shift among friends and family in the awareness on these topics.
My FP4 lasts two days on one charge, and charges fully in about 30 minutes. In most cases it shouldn’t be an issue finding a 15-30 minute interval within two days where you don’t listen to music in order to charge. Not all arguments against the removal are equally good, in my opinion.
However, I agree that dongles are wasteful. I burned through many such 3.5mm to Lightning on my previous iPhone. They had the durability of a snowman in Summer, and also cost about 10 bucks each for the official one. Since Fairphone claims sustainability as the main reason to remove the port, I’d love to see an actual calculation on the impact of broken ports vs broken dongles. I think the dongles will lose.
I’ve had a Fairphone 4 for just under a year running CalyxOS, and I am very happy with it. Not sure when / if CalyxOS will be available for FP5, but unless they have locked down anything, I don’t see why that shouldn’t happen. If I understand your post correctly, it is already available with e/OS/?
Maybe the specs are underwhelming, but with the FP4, it does not affect me the slightest based on my use case. Phones are more than good enough already. I do not play any games on my phone. Camera could be better - maybe it is on FP5? Is it the perfect phone? Nope, but at the moment, I think our choices are too limited if you want privacy and repairability. Supporting a company that pushes these kinds of phone is also a reason I went with this phone.
Swapable batteries are nice - I’ve not made use of it yet, but I am planning on getting one or two spare batteries for travel to keep in a printed case. In the EU, this will be mandatory in the future, but first form 2027. Other than that, I am happy with the ability to buy spare parts if something breaks. I can’t see myself ever buying something that is deliberately unrepairable again when there is no reason it should be. I don’t mind the lack of 3.5mm-port, which I know irritates a lot of people. If you swear to this, I can understand that this is disappointing. There exists an adapter, but my experience with these kind of adapters is that they quickly wear out. That was my experience with the iPhone and Apple’s own adapters at least. I burned through four in 1-2 years.
Yeah, it’s about finding the right balance for oneself. I know WhatsApp is very much needed many places, in the same way Facebook Messenger still is here (but to a much lesser degree than before, so there’s hope!). Discord I also have, and will keep, but if I find communities I’m looking for on Matrix instead, I rather go there first. Amazon does not really work well in my country, so that is not a big deal to delete.
Regarding e-mails: to prevent lock-in, I set up custom domains that I use with Proton, that I can easily migrate to another service provider if needed in the future. I have one for personal communications, and use a mixture of catch-all aliases and SimpleLogin for new signups and accounts I want to keep. I also have one domain for semi-anonymous accounts more associated with my “online personas” than my real identity. This fits my threat level nicely.
I have also rid myself of streaming accounts now (last one is heading towards expiration within a couple of weeks). But instead of not consuming any media, I must admit I have taken to piracy again. The goal is to be a lot more conscious about the content I consume - too much time has been spent on mindless browsing for something to watch on Netflix and garbage movies / shows. Now I host Jellyfin locally, and I control exactly what content is there in the first place.
As to your last paragraph, I did not really understand what you are asking about?
Yes, proper regulation is difficult. My (limited) impression of EU regulation is that they often do have enough technology know-how to make regulations that to a large degree make sense, but not enough for them to be fool-proof. This is at least the case in the industry that I work in, which is also heavily regulated by EU. I don’t know anything about the processes of making these regulations, and whether those shortcomings generally are the result of sneaky lobbying (most certainly this must be the case at least sometimes) or lack of know-how.
I agree that the it would’ve been best to never have gotten into the mess in the first place, but these are sins of the past that are not undone now. I, like many others, was for a long time ignorant of the extent of data collection, and did not have the knowledge to fully reflect on the potential consequences (I signed up for Facebook as a teenager). And it’s not like all these companies have been very transparent about how much they collect and where the data goes and is used for. The vast majority of netizens still do not fully understand the scope of this, and are also not in a place to be able to apply best practice infosec principles.
My rant is about how unnecessarily time consuming and difficult the process of cleanup is, when you already find yourself in this situation, despite regulations that gives you the right to have your data deleted. Most people would not want to spend this amount of time on this, and as such, the tactics applied by these corporations work.
Agreed. I was using Apple products for more than a decade before switching to Linux and Android, and I opted out of several of their products long before I started considering the privacy aspects of things. For example, I found the experience of using something like iPhoto to be very lackluster. I reluctantly ended up using iCloud due to the superior pricing compared to Dropbox, which I used before. That was a particular nightmare when migrating away from the Apple “ecosystem”.
I’m sure their products cater to many users preferences, but I’m not one of those, and had a better experience using other products. That should’ve made me jump ship way earlier than I did, but a combination of cost (by the time I would’ve changed, I had already purchased a new MacBook which I ended up using for about 6 years) and inertia.
Yes, they are unfortunately not as opposed to surveillance by governments as they are by that of megacorporations. While I appreciate that they are trying to keep the likes of Google and Meta in check, I also very much dislike the several attempts to enforce data retention and essentially encryption bans.
That the Data Retention Directive was eventually annulled by the Court of Justice of the European Union gives me some hope that the legal system within EU can withstand these attempts, but maybe I am being too naive? https://en.wikipedia.org/wiki/Data_Retention_Directive
What is the benefit of using GMaps WV over the web client in a browser?