Authors: Thomas P. Keenan
Your refusal here is, however, largely symbolic. Yes, you are Âthrowing a small wrench into the store's data gathering system. However, if they want more information about you, they can go to data brokers who are happy to sell your details. Or, as Target clearly did in the case described earlier in
Technocreep
, the retailer can simply build its own profile of you, adding data to it every time you use a debit or credit card, subscribe to a mailing list, or redeem an offer of some sort. In the future, if society allows it, stores might use facial recognition or even a TouchDNA test to figure out your identity and track you.
Here are some ways to be properly parsimonious with your Âinformation:
Give out any phone number but your own.
Actually, it's probably best to have a small list of bogus numbers memorized so you don't find yourself at a store trying to return something and struggling to remember what phone number you gave when you made the purchase.
How to pick your fun number? You might want to think like a movie scriptwriter, and give out a number with the 555 prefix. Since the 1960s, the film and TV industries have been encouraged to avoid inadvertently showing a real subscriber's number. The numeric range 555-0100 to 555-0199 is officially reserved for fictitious numbers in most North American area codes.
Or you could be a little cheeky in your choice of fake phone number.
For a while I passed out the direct private line of a government minister who was in charge of protecting consumer privacy but who didn't seem very interested in doing that. The adult approach, of course, is to ask “why do you need that?” but who wants to argue with a cashier when you are in a hurry?
But wait, I just might want to receive a phone call from those people.
It's hard to imagine why you would actually welcome a marketing call, but if you do feel that way, there is a simple procedure that still protects your privacy. First, create a brand new Google Account. Then (currently this will only work for users in the U.S.) create a free Google Voice number linked to it. You can then check it periodically for voicemail, or if you really want the calls, forward it to a real telephone number. You will still have the option to undo this at any point in the future, sparing you an eternity of pesky calls from telemarketers.
Telemarketers.
Many countries have “do not call lists” that often fail to work properly and are even used by spammers in faraway places as lists of Âpeople to call.
Having little faith in Do Not Call Lists, I created a script for having a little harmless fun with telemarketers. It was vaguely inspired by the legendary “Angel of Death prank call” in which the person called tells a cemetery plot telemarketer that he's been “thinking of taking my life, and your call is the sign I've been praying for.” In his version comedian Tom Mabe even asks the hapless marketer if they offer financing for the plot, though of course he plans to need it right away.
357
After ascertaining that a caller wants to paint my house, remotely diagnose (and hack) my computer, or clean my furnace, I express great interest but remind him or her that “You have called a premium number.” Often they will persist with their script so I repeat this until I have their attention. I patiently explain that “we charge for incoming telephone calls. It's $75 for the first ten minutes and we take Visa, Mastercard, and American Express.” Once I did have some poor woman offer me her Mastercard number but I wouldn't accept it. Usually they hang up, probably flagging the number in their database as “crazy person” or something like that.
If a marketer asks for you by name, don't say you are deceased, tempting as that might sometimes be. One woman did that and her credit card company canceled her card. Do not be abusive to the telemarketers; they are only doing their job. Also, it has been reported that annoyed call center agents sometimes retaliate for rudeness by passing your number around the room for everyone to call.
358
There are also various hardware devices that claim to cut down on unwanted inbound phone calls. Perhaps the most famous, the TeleZapper, plays an “intercept tone” to tell the bad guys that your phone is disconnected. Of course, this can have its own unintended consequences. One customer who reviewed the device on Amazon.com said that his credit card company called to say his payment had not gone through, but got the “disconnected tone.” This “landed me in some hot water” he reported. The TeleZapper had other quirks, like playing an annoying tone on every call, and anyway telemarkers soon figured out ways to defeat it. Likewise for devices that require friends and family to have a PIN code to make your phone ring. They sound good in principle but are pesky in reality.
I'd like to be the President of the United States.
Well, I can't help you with that, except to mention that the official phone number of the White House is (202) 456-1111 and it's trivially easy to make a call that looks like it is coming from there. Sites like
www.spoofcard.com
disguise your caller ID and even allow you to change your voice. The main lesson is that someone can do this to you. So just because the caller ID shows the name of your bank, it is not necessarily your banker on the phone.
How old would you like to be?.
Some teenagers are masters at constructing bogus birthdates for everything from joining websites with a minimum age to buying cigarettes and lottery tickets. While you may not want to adjust your age by decades in either direction, who is to say you can't move it a few months in the interest of privacy?
Here's an interesting experiment. Look up someone you know personally who is notable enough to be on Wikipedia. Chances are good you'll find their full birth date listed. However, if that person is a computer security or privacy expert, like several I checked, the date is quite likely to be a fake one. One expert even asked me not to mention his name in conjunction with this point because “it will just provoke somebody to try to find the real date and change my entry.”
Is it OK to fib to Wikipedia? The site's “biography of living persons” privacy policy states that they will show the exact birth date if it has been “widely published by reliable sources” and notes that if the person objects then just the year should be used. Even if you're not Wikipedia-worthy yet, it's a wise move to have a bogus birth date handy for non-official purposes. Your government and bank will still demand the real one, but for most other uses any reasonable date will do. It's amazing how many online “happy birthdays” I get at the wrong time of each year because of this policy. The same goes for your address, mother's maiden name, and email address.
Keep your body pure.
There's emerging evidence that tattoos are a cancer risk, and not just because they can mask moles and other skin lesions. New research shows that tattoo inks, which are largely unregulated, can contain nanoparticles which may accumulate in the kidneys and other organs.
359
So, as explained earlier in
Technocreep,
if your boss comes after you with a tattoo gun to apply your new password tattoo, you might want to head for the door.
However, the biggest risk of “body art” may be to your privacy. Databases of arrest records routinely describe “identifying marks” and it is best to have as few as possible. As far back as 1959, according to a news report, there was a file with over “200,000 people arrested each year by the Los Angeles Police Department, 90,000 of which are tattooed. Each person is indexed with identifying information including a description of his or her tattoos and location on their body.”
360
In an interesting twist, according to the LAPD's current webpage, sporting visible tattoos can disqualify you from becoming a member of that force.
Fast forward to 2012, when the FBI announced plans to add “scars, marks and tattoos” to its Integrated Automated Fingerprint Identification System (IAFIS), which they proudly describe as “the largest biometric database in the world.”
361
Law enforcement agencies won't just be matching and tracking tattoos, they're going to try to understand their meaning “to help establish whether an individual is associated with a particular gang, terrorist organization, or extremist group.”
Try to Control Postings of Your Face (and Other Distinctive Features).
Of course your face is your most identifiable feature and it is pretty hard to completely control where photos of it are posted. Friends can tag you on Facebook; police can take booking photos that wind up on mugshot sites. Earlier in
Technocreep
I described countermeasures like tagging inanimate objects with your name to throw people off your digital scent. You might also tag lots of random people as yourself, making it hard for someone to guess which is the real you. Of course, this is moot if you have a perfect headshot of yourself as your profile photo and lax privacy settings on Facebook.
The reality is that, unless you are willing to eschew all forms of social media communication, keeping your face private is going to be an uphill and ultimately futile battle. The best you can do is avoid posting photos that might come back to haunt you. That session of doing tequila shots from lab glassware in high school chem lab might cost you a lab assistant's job later on in college. Those racy office party pictures probably belong on a USB stick in your desk drawer. There are countless websites where you can watch other people behaving inappropriatelyâthere's no need to add to the supply.
Posting photos of your body, and heaven forbid, sex tapes, is another no-no. Let's just say that image recognition technology is not limited to your faceâother parts of your body can also compromise your identity. A number of court cases, including the famous one involving Michael Jackson, have hinged on non-facial identification.
362
Tell your devices to be less promiscuous.
No matter how diligent you are in protecting yourself, your laptop computer, smartphone, and other tech toys may subvert your privacy efforts by automatically connecting to rogue hotspots, nearby Bluetooth connections, and NFC (near field communication) devices.
363
Sure, they're trying to be helpful by reaching out, but it's far wiser to turn off the automated connections and make your devices “non-discoverable.” Then just connect manually when you really want to share something. Turn off location services except when you really need them, and periodically wipe out all those airport and hotel networks that you no longer need to access.
Create another you ... or many!
Earlier, I described how some shoppers have posted the barcode from their Safeway loyalty card online so that people could use it to obtain the benefits like price discounts without giving up any of their own personal information.
One Internet rebel who did this, Rob Cockerham, added to his already considerable fame on the net and even managed to profit modestly from his prank. After posting his barcode online, and encouraging others to copy and use it, he sold his now-famous physical “Mint Safeway Card” on eBay for $21.53.
364
While a Safeway representative shrugged off the impact of this “odd sort of prank” in a media interview, if enough people did things like this, it might actually have an impact on their big data analytics.
365
There are definitely times when having “another you” can be an important tool to protect your privacy:
Make up a “straw man” for medical tests.
New testing techniques are revolutionizing medicine, and also raising major privacy issues. Your test results may reveal current diseases, genetic predilections to future diseases, and even facts about your close relatives. Of course, if you are in the hospital and they send your blood down to the lab, you don't have much choice about how it's identified. But increasingly, tests are coming out that are optional and driven by the consumer's choice and even curiosity, not medical necessity.
One U.S. company offers (subject to restrictions in a few states) a “Comprehensive Wellness Profile” of over 50 tests that they claim provides “a thorough Biochemical assessment of your health, and includes the basic cardiovascular tests as well as diabetes testing.”
366
There's also a whole menu of à la carte tests that give a whole new meaning to “playing doctor.” Think you've been exposed to zinc? They've got a test for that, priced at $37. By default, the results are only available to you, in online form. If you want them sent to a health care provider, you have to specifically request that service.
Direct-to-consumer genetic testing is booming and, even with some bumps in the road, is certainly around to stay. The laws about how companies and governments can use your medical results are still being written and debated, and, as we saw earlier in
Technocreep
, they vary widely around the world. But one thing is certain: they cannot discriminate against you if they don't know who you are. So, when submitting voluntary medical samples or other data, you may want to consider becoming someone else. Such as your pet dog, cat, or chinchilla.
But is it legal to use a false identity?
367
.
The laws about this vary depending on where you live. In general, it is illegal to impersonate a real person but not to create a fictitious identity for yourself. A further caveat is that you may run afoul of the law if you use your false
persona
to defraud someone or if your false identity is that of a public official such as a police officer.
The New York Penal Law, for example, makes it a crime to impersonate someone else and then do “an act in such assumed character with intent to obtain a benefit or to injure or defraud another.”
368
So, regarding those fake name medical tests, unless you are submitting the bills to an insurance company, or lying on a job application, it's hard to imagine that you are gaining any benefit other than protecting your privacy.