I take it as a given that thanks to online advertising and the rise of information brokers that we live in a time of extreme information asymmetry, a time in which the few tools available for individuals to give or withhold consent about personal information collection and analysis are insufficient to the task – if not under existential threat. Indeed, it is not hard to find examples in current events that substantiate this view (e.g., Equifax, Facebook, facial recognition, DACA, etc.).
And whether you are personally concerned about issues of privacy (perhaps because you believe you have nothing to hide), you should be concerned about the ability of even the most sophisticated technology company to keep the data collected about you secure. Data breaches happen with alarming frequency. It’s one thing to be blasé about what a company you’ve chosen to do business with might do with your personal information; it’s another thing altogether when the bad guys have stolen it.
Absent a political movement to put in place a new regulatory regime (which is ultimately our only real remedy), much of the existing writing about common sense steps that individuals can take to reduce their exposure to digital and online threats is focused on minimizing disclosures, blocking and/or quickly remediating potential vulnerabilities, using password managers/better securing accounts, and choosing more privacy-conscious software and services.
Another tactic – as much a statement of political protest as a technique to enhance privacy – is obfuscation. By obfuscation, I do not mean the use of encryption, e.g., to secure communications via messaging apps such as Signal or Wire or even the use of encrypted email, VPNs, or Tor (a practice I unreservedly endorse); rather, I mean intentionally giving information in response to requests that is not directly connected to you or is false in an attempt to increase the cost of unwanted data collection and analysis.
Like airplanes releasing chaff and flares to avoid or delay accurate detection by radar and other tracking/targeting technologies:
Consider this interesting collection of ‘obscurity as a service’ tools and apps that have recently come to my attention:
- AdNauseum, a free browser extension designed to obfuscate browsing data and protect users from tracking by advertising networks;
- Blur, a service to make it easier to manage and protect your identity via masked email addresses and masked credit card numbers;
- Metapho, an iOS editor for photo metadata such as file size, camera model, ISO, shutter speed, GPS location and more;
- Privacy, a service to make it easier to manage and protect your identity via masked credit card numbers;
- Sudo, a service that allows users to create special-purpose avatars for any situation (with masked calling, texting, email addresses, and credit card numbers); and,
- TrackMeNot, a free browser extension that helps protect web searchers from surveillance and data-profiling by search engines.
The analogues to this practice of obfuscation are many – in nature and in human affairs – though it is not a tactic without pitfalls or its own ethical considerations. I’d recommend Obfuscation: A User’s Guide for Privacy and Protest by Finn Brunton and Helen Nissenbaum for a deeper consideration of this important topic.
Suffice it to say that I think there is wisdom in throwing up some digital chaff as we go about our personal affairs online…no matter how careful we may be with our digital footprint.
Thinking about whether and how such obfuscation techniques might be applied in education by privacy-minded students or educators (in PreK-12 or postsecondary settings) is…hard. There is little choice provided to students or families about what data are collected and shared and even less knowledge about how those data are used. Educators and students are compelled to use centrally purchased tools, data systems, and popular social media platforms. Anonymizing datasets is a practice fraught with challenges, especially in cases where data from multiple sources are combined. And, there seems little political will within the education system for a balanced consideration of potential cons to data collection in the event that modern digital learning innovations might be ‘good for [some] kids’ or surveillance might prevent ‘something bad from happening.’
Yet, even modest attempts at opting out of or otherwise obfuscating data collection and surveillance of privacy-minded students are likely to be met – at best – with incredulity by administrators and policymakers, if not downright hostility. Indeed, dissent by obfuscation is against the spirit of personalized learning and ‘student success’ systems, if not also literally against their terms of service. And, those most likely to be able to avail themselves of this technique (because of access to expertise, resources, and privilege) are least likely to need the protection it provides. To quote Shakespeare’s Hamlet (Act I, Scene 4), “Something is rotten in the state of Denmark.” There remains much, much work to be done.
Otherwise, here’s what caught my eye this past week – news, tools, and reports about education, public policy, technology, and innovation – including a little bit about why. No endorsements; no sponsored content; no apologies for my eclectic tastes.
A Thinking Person’s Guide to EdTech News (2017 Week 37 Edition)
- There was a problem with your feed! The error is
WP HTTP Error: cURL error 60: SSL certificate problem: certificate has expired
Note: my most current annotated reading list is always available here.
Like what you’ve read?