What isn't spying on me is nearly everything I use which contains the type of hardware that could be used to spy on me. The reason for that is that I keep things like that locked onto their own networks without the capability to reach back to their makers. I self-host more or less all my digital needs so assuming I'm not in the crosshairs of any TLA it is unlikely that there be spies in the server-under-the-stairs. My mobile devices run free software where possible, they are Google/Microsoft/Apple/etc.- free. Of course there does remain that one pain point of the radio firmware which is a closed-source blob and as such open to anyone with the money or governmental power to spy on me. There are also the banks which track financial transactions and the public transport companies which track where I go. When I'm on my bike, motorbike or tractor they're sadly out of luck since these are all old tech without any electronics. We heat the house using a wood-burning stove, I also use one to cook on, we generate more or less all our own electricity - yes, the inverter is also blocked from the 'net so it can not tell Fronius what we're doing here in the woods - but the power meter does spy on us though its radio transponder. I have access to what is supposed to be the same data through the P1 interface, it is theoretically possible to use this data to track whether we're home and what type of equipment (resistive/conductive) we're using. This is made harder when the inverter is running but it is not impossible. So, what is spying on me?
- mobile transponders
- financial institutions
- public transport companies
- power company
Who is trying to spy on me but with a bit of luck mostly thwarted from doing so
- Google/Microsoft/Metafaecesbook/Apple/etc (blocked and/or blended with other user's data)
- internet access provider (swamped with proxied data)
Just looking at the past decade I think most people would agree that what isn't spying on you, will be.
Or if that's not popular how about what isn't spying on you would be if they could.
(And while I'm ranting, I'm sure manufacturers would love a subscription model for the clothes I wear as well but they haven't yet figured out how to do that.)
my laptop. my camera. my non-gsm vehicle. my garage door opener. my television. my coffee machine. my fridge. my e-reader. my paper library. my turntable. my furniture. my firearms. my hand tools. my bicycle. my luggage. my stove.
most of my tools aren’t spying on me.
this sort of “privacy is impossible, we shouldn’t fight privacy invasions” is defeatist and toxic imho.
Other replies have made good points I agree with, but another way of looking at this is what "spying on me" means.
For example, is bookmark sync "spying"? I would say no, but many would say yes simply because that sync goes through someone else's machine. If the browser vendor uses aggregated domain popularity across bookmarks to inform their browser testing, is that now spying on me? Maybe, but the term "spying" has significant negative connotations that still don't feel justified to me. What if the browser vendor uses those bookmarks to target personalised information about browser feature improvements, is that now spying? I might find that a bit weird, but there's still an arguable user benefit there, and if that happened on device it's not really any different to most offline data analysis.
"Spying" really is a wide spectrum, from things that greatly benefit users with no privacy downside, to things that greatly benefit service providers with no user benefit. It's a nuance discussion that is worth having – just because something syncs to a server doesn't mean it's not worth doing, just because something is end to end encrypted doesn't mean it's not spying on you.
I propose focusing on the worst part: information collection on a massive scale. Even if it is not used right now by a spy. They can use what is collected at this moment against you at any point in the future.
This is fair, but hard to define. If you necessarily store data as part of providing a service, but don't use that data for (example) ad targeting, is that a problem? That's a service that cannot exist without data collection (examples being cloud storage), and a service that is valuable to users. Should we avoid services because of what they could do in the future?
Things like the DMA are addressing this well I think. The DMA aims to prevent sharing of data for things the user did not opt in to, that are outside of the product remit. So a hypothetical cloud storage provider could not use that data for ad targeting without getting an opt in from the user, but the user can still use the storage service.
I didn't give up on privacy, but it is getting increasingly harder to achieve. BTW do you know that your car broadcast unique IDs from each of your car wheels (TPMS), and that it is pretty hard to avoid facial recognition. or that they are installing car tag readers everywhere.
You are ignoring so much of the spying that is going on.
What about your phone? is it connected to cellphone towers? Is WiFi enabled... what about Bluetooth?
oh boy… your laptop is spying on you 24/7 unless it is in the basement disconnected from the internet. your TV is spying on you unless it is black&white :) you e-reader is spying on you. your non-gsm vehicle may not be spying on you directly but thosands or license plate readers all over the place are…
Are you sure? Or do you mean that you don't know how to stop those things?
My kindle WiFi is permanently off. I use a usb cable. It stops it from downloading adverts to p*ss me off.
My projector doesn't have a WiFi chip. It has an hdmi cable to my laptop.
My laptop runs a pared down Linux, the only thing on it that spies on me is Google Chrome. That's a trade-off I'm comfortable with, since I use pihole to block the adverts so I don't have to see them.
Do you know what basic OS runs on your network card? Bios? Wifi router? Internet provider's whole infrastructure with built-in advanced deep packet inspection?
It has been mentioned here in the past - in US there comes a guy (some 3-letter agency, probably NSA), installs new black box at ISP, and goes, nobody has a clue what that thingie does, mandated by law. That was before providers decided to just sell data themselves too (scrubbed probably, but not nearly well enough).
I get you have most of the stuff covered, fine for you, but its nowhere near 100%. And literally any phone out there is like swiss cheese all the way down to wifi chip OS from ie Broadcom.
What's your threat model? Are you planning to bring down the US empire? If so, why are you using IT at all? Carrier pigeons and one time pads might be the only safe method of communication in that case.
my e-reader is not connected to a network. neither is my television.
my laptop’s traffic is regularly monitored both on and off device, and i also have root on it. it’s not spying on me- i know because one actually has to check these sorts of things.
Are you sure your images aren't being tagged with location data? That's a pretty common feature these days
> my non-gsm vehicle
Most vehicles still record diagnostic data. Even if they don't upload it
> my television
How old is your TV? Any TV made in the last 5 years will be. 10+ years will still have diagnostic logs but might not upload them automatically.
Also satellite / cable TV networks track users too.
> my e-reader
I'd be very surprised if that was true.
> my paper library
As in your local library which you need to present your library card to check out publications? And who know who has what checkout out and for how long? They absolutely need to track their customers otherwise people would just steal books.
---
> this sort of “privacy is impossible, we shouldn’t fight privacy invasions” is defeatist and toxic imho.
- mobile transponders
- financial institutions
- public transport companies
- power company
Who is trying to spy on me but with a bit of luck mostly thwarted from doing so
- Google/Microsoft/Metafaecesbook/Apple/etc (blocked and/or blended with other user's data)
- internet access provider (swamped with proxied data)
Who is not spying on me?
- vehicles (too old)
- internet-of-things devices (blocked)