Interestingly, one “Big Browser” company has a feature that’s a useful tool in this context. Like the way Apple can’t “read” your iPhone’s data (specifically, Apple can’t decrypt it), Google can only share what it can “read.” You can password protect your Chrome data by following the instructions here.
Anyway, to validate the concerns a lot of you are having about your surveillance and privacy defenses, it’s important to know that the company running your browser goes on your Patriot Act 2020 “adversary” list. Even though, in this instance, companies like Apple and Google (etc.) are the ones having changes forced on them -- putting them in a position that’s sure to destroy user trust at scale. Engadget reached out to Apple and Google for comment on this matter and did not receive a response by time of publication.
Now, I know some of you are reading and saying, that’s it, I’m just going to use DuckDuckGo from now on, I know for a fact they oppose this and they’ve got my back. DuckDuckGo, a VPN, and a full-body condom ought to do it. Except you’ll need a VPN that already doesn’t cooperate with FISA warrants. It’s possible. Interestingly, NordVPN’s Warrant Canary has strong language stating it has never handed over user data. But to order those body condoms, you still need internet access.
That’s why your internet service provider (ISP) should probably go higher on your Patriot Act 2020 “adversary” list than Big Browser. Last year, the Federal Trade Commission launched an investigation into AT&T, Comcast, Google Fiber, T-Mobile, and Verizon after “T-Mobile, Sprint, and AT&T were selling their mobile customers’ location information to third-party data brokers despite promising not to do so,” according to Ars Technica. And in case you didn’t know the background on it, the EFF proved in court that “Verizon Wireless, Sprint and AT&T [participated] in the NSA’s mass telephone records collection under the Patriot Act.”
(If you want to get into the details of ISPs, DNS, and protecting data in that context, check out what Mozilla is trying to do in The Facts: Mozilla’s DNS over HTTPs)
In infosec lingo, when it comes to Patriot Act 2020, your ISP is an attacker in a privileged position. And right now we depend on the internet for, well, almost our very lives. Lives which require privacy — a human right.
2020 is many things, and one of those things seems to be an agonizingly long version of the infamous “Leave Britney Alone” video, except it’s us, and we’re at the tear-streaked breaking point over our data privacy. Now that we’re essentially trapped online most of our waking hours, we feel more used, stressed, poked, prodded, extorted, angry, tricked, and helplessly subjected to violations about our data than ever. It’s exhausting at a time when everything seems exhausting.
For now, we can focus on how to control the things we can, like doing privacy self-checks or take inventory of app settings. We get to know tools like VPNs and start to use things that end-to-end encrypt our communications -- we practice doing things that shore up our defenses a bit more than before.
While we do that, we’ll have to flex one of the less popular survival skills -- we wait. The ghastly changes to the Patriot Act, a thing that was already a shambling disaster of failed protections and rights violations, may still face a challenge or two before getting an Oval Office signature. Though even if McConnell’s amendment doesn’t squeak through this time, we now know that lawmakers at the top want an unprecedented, Facebook-level of spying and control over our online lives.
We just thought that trajectory was the stuff of implausible video games and far-out films -- which, turns out, are a lot less entertaining to live through.