Digital Security and Privacy for Human Rights Defenders

2.10 Identity Theft and Profiling

Abstract
  • Your digital identity is a collection of computer and Internet records that either relate to you or could be used to identify you.
  • A digital profile can be used to make certain assumptions about your buying habits, character, political or social affiliations.
  • A digital profile can be faked, stolen or modified, and all systems that depend on this profile will function according to the new data.
  • Your presence on the Internet should be a well-thought-out balance of open and anonymous actions.

This chapter deals with preserving and securing your digital identity on the Internet. It explores some topics already covered in the Manual. You will need to study them first before proceeding with this section. Stealing of one’s identity has become a common crime in the modern world. Carried out primarily for financial benefit, identity theft has resulted in untold financial and moral damage to the victims. It can also be committed out of malice or for political gain. The Internet presents an ideal location for thieves wishing to assume someone else’s persona. The digital domain, where we are routinely recognised by our email address, password or chat account, is removed from the natural world of recognition by sight, voice and touch. If the digital information we supply is faked by an outsider, it is difficult to verify the true identity of the sender.

Profiling is one of the steps involved in discovering someone’s identity and habits. A history of your Internet browsing and email communications can reveal important information about yourself to an attacker or a spam sender.
Many companies, including Internet Service Providers (ISPs), search engine firms and web-based businesses, also monitor users as they travel across the Internet and collect information on the sites they visit, the time and length of these visits, the search terms they enter, the purchases they make, or even on their “click-through” responses to banner ads. In the off-line world this would be comparable to having someone follow you through a shopping mall, scanning each page of every magazine you browse through, every pair of shoes that you look at and every menu entry you read at the restaurant. Combined with other information, such as demographic or “psychographic” data, these details add up to highly detailed profiles of individuals. Such profiles have become a major currency in electronic commerce where they are used by advertisers and marketers to identify users’ preferences, interests, needs and possible future purchases. Most of these profiles are currently stored in an anonymous form, yet in the future they could easily be linked with names and addresses gathered from other sources, making them personally identifiable.[71]

Profiling

After the 9/11 attacks, the US Federal Aviation Administration tried to start profiling all passengers who boarded a plane in the country. It collected lots of social, personal and financial data to single out potential terrorists. The people marked out by such profiling were meant to undergo more extensive bag and body searches. Enormous amounts of money went into developing the system, and some laws were modified for its sake. The method, however, was flawed from the beginning: would-be terrorists could easily beat it by sending volunteers on flights and picking out those whose profiled background did not seem to alarm the authorities. Those could then be designated hijackers without the risk of extensive scrutiny when boarding the plane.[72]

This is just one example of how governments try to use surveillance systems to control people through profiling. Their logic is that when a person’s identity is known, certain assumptions may be made about his/her abilities, motivations and socio-political attitudes.

Whereas profiling systems were previously used mostly in the finance and insurance industries, we can now see them being increasingly applied to our personal lives, particularly in states that do not wish to adhere to the internationally recognised principles of human privacy.

Profiling in the interests of global or national security remains a controversial issue. Targeted profiling to identify a person or a group on the basis of certain assumptions would constitute a breach of the legitimate and universally accepted privacy right. And although digital profiling is not yet practised in the countries with under-developed digital infrastructure, it is important to know what the future holds for them.

Profiling is an emerging business for private companies. Cyber Trace [73] offers its clients the services of a partner’s marital faithfulness check, with evidence to be used in a divorce court. Such services invite their customers to look for incriminating information by watching their colleagues’ online activities. The ability to collect and collate digital data is a powerful resource for conducting investigations, evaluating a person or company and making accusations against them.

The American newspaper ‘Chicago Tribune’ was able to identify 2,653 CIA employees by simply searching through fee-paying data-mining websites.[74]

Digital Profile

Your presence on the Internet can be identified by several factors, some of which you can control and some of which you cannot. These factors are integral to the way the Internet currently operates. Your computer is identified by an IP address. The Internet Protocol address is a unique number that is assigned by your server or ISP when you connect. It can either be static (always the same) or dynamic (assigned to you from a pool of addresses, see ‘Appendix B – Internet explained’ for more details). If you are connecting to the Internet through an ISP, your IP address will usually come from a range that has been purchased by the ISP. Therefore, your computer may at first be traceable back only to the ISP and then, depending on the time of connection, to you, too.

[Figure: You can be identified on the Internet by many distinguishing factors]

Whenever you browse to a website or send an email, your IP address and time of access are recorded by the website or email server that receives your request. This data is usually stored for a long time. In many countries laws have been passed to demand that it is collected and made available to the authorities whenever necessary. Since a government cannot always have access to every website in the world, the data is often collected and passed on by the ISP that connects you to the Internet. If you only connect to the Internet from one computer using the same ISP, it is possible to have a record of your entire Internet browsing history. This could include all news sites and articles you have read, all organisations whose websites you have visited, all email addresses you have written to, etc. To prevent Internet anonymity, some countries (e.g. Tunisia, Syria) have passed legislation forcing public computer centres (Internet cafés and libraries) to record all their customers’ names and time of use. This way your browsing history can be traced back to you personally even if you use a public computer.

Cookies

Whereas cookies are primarily collected for marketing (and spam) purposes, they also create a distinct trace of your activity on the Internet which can be found at the website itself, at the ISP and on your computer. See ‘Internet surveillance, filtering and censorship’ chapter for more on cookies.

Digital Identity

You are identified on the Internet by the current IP address of your computer, as well as by the email address and the name associated with it. Together, these can be used to identify or monitor your activities, to create a profile that will describe your interests and circle of contacts, to be presented as evidence in court or to be falsified to assume your digital identity for a malicious purpose. The ECHELON system was created specifically for collecting and profiling as much information on the Internet users as possible. The majority of countries collect and store all the browsing and email data of their citizens.

A huge problem with the system of Internet authentication is that all the identifying features we have spoken about can be faked. In other words, an experienced user (or hacker) can falsify his IP address and email account to match yours. It is entirely possible for you to receive an email with an address that has the appearance of originating from your own computer and sent from your non-existent email account. By digging deeper into the coding of the message and using other information resources, we can uncover the real identity of the sender, but not many of us possess the necessary expertise in digital and Internet forensics. Only a few organisations and lawyers are now ready to face up to the fact that an email address and an IP address do not constitute fool-proof methods of identification. The majority of countries do accept the validity of a digital identity derived from the above.
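What "digging deeper into the coding of the message" can look like in practice, as an added example that is not part of the original manual: it compares the displayed From address with the transport headers recorded by the receiving mail server. The sample message, the host names and the `trusted_mx` parameter are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (reserved example domains, documentation IPs).
# The visible From claims to be the recipient's own address.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=example.org
Received: from mailer.example.net (mailer.example.net [203.0.113.45])
\tby mx.example.org with ESMTP; Mon, 06 Jan 2025 10:15:00 +0000
Received: from localhost (unknown [192.0.2.10])
\tby mailer.example.net with SMTP; Mon, 06 Jan 2025 10:14:58 +0000
From: "You" <you@example.org>
To: you@example.org
Subject: Please confirm your details

Constructed body.
"""


def domain(addr):
    """Return the lower-cased domain part of an address header value."""
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()


def inspect_headers(raw, trusted_mx="mx.example.org"):
    """Compare the displayed sender with what the receiving server recorded."""
    msg = message_from_string(raw)
    from_dom, path_dom = domain(msg["From"]), domain(msg["Return-Path"])
    # Believe only Authentication-Results stamped by our own mail server
    # (trusted_mx, an assumed name); a sender can add look-alike headers.
    results = {}
    for hdr in msg.get_all("Authentication-Results", []):
        authserv, _, rest = hdr.partition(";")
        if authserv.strip().lower() == trusted_mx:
            results = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest))
            break
    # The topmost Received header is written by the server that accepted the
    # message for us; its bracketed IP is the host (possibly a relay) that
    # connected. Lower Received lines were supplied by earlier hops.
    received = msg.get_all("Received", [])
    hit = re.search(r"\[([0-9A-Fa-f.:]+)\]", received[0]) if received else None
    findings = []
    if path_dom != from_dom:
        findings.append(f"From domain {from_dom!r} != Return-Path domain {path_dom!r}")
    for check in ("spf", "dkim", "dmarc"):
        outcome = results.get(check, "missing")
        if outcome != "pass":
            findings.append(f"{check}={outcome}")
    return {"from": from_dom, "return_path": path_dom, "auth": results,
            "connecting_ip": hit.group(1) if hit else None, "findings": findings}


if __name__ == "__main__":
    for line in inspect_headers(SAMPLE)["findings"]:
        print("suspicious:", line)
```

An empty findings list only means the sending domain was authenticated; it does not show who was at the keyboard, which is why the manual's advice to confirm important messages by another channel still applies.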

Take an Internet chat. When chatting, you assume that the other party is the owner of the account. This can be your friend or colleague. In contrast to telephone conversations, you do not have the advantage of recognising the other party’s voice. Since Internet passwords can easily be stolen or compromised, an Internet chat becomes dangerous when your adversary could easily assume your friend’s identity and thereby receive important information from you. It is quite difficult to electronically determine the interlocutor’s true identity in an Internet chat. Here we must resort to using standard means of identification, by revealing pre-arranged or personal details, only known to the two parties, to each other. You could prepare a secret word or a phrase to be shared upon initiating a chat, or surprise the other party by asking a personal question, to which only the two of you know the answer. However, even this information can be compromised, especially if you do not use a secure chat client. The best solution for security and privacy in an Internet chat is not to reveal any sensitive or compromising information.

Authenticity

Digital signatures were created as an answer to the uncertainty of Internet-based authentication. They employ encryption to record the contents of your message and your identity, secured by a strong pass phrase. If the message is tampered with, the digital signature will become corrupt and the receiver will be made aware of the message’s invalidity. When you have implemented a good system of public key encryption, your digital signatures will be of utmost value in authenticating your message to the recipient, or his/her message to you.[75]

Do not trust the authenticity of an email if you cannot verify the sender by other means. Amnesty International recognises this problem, and all its email communications carry a disclaimer at the bottom:

“..Internet communications are not secure and therefore Amnesty International Ltd does not accept legal responsibility for the contents of this message. If you are not the intended recipient you must not disclose or rely on the information in this e-mail..”

If the email you are reading contains important information and cannot be verified by a digital signature, pick up the telephone or contact the sender by some other means to confirm the details in the email. This probably makes the whole email process irrelevant, but it also confirms one of the main messages of this book: do not over-rely on technology if privacy is a concern.

Anonymity

Our privacy, it seems, gets more and more undermined. Governments force their citizens to carry passports at all times. In the aftermath of the recent terrorist attacks in the US and Europe, the countries that used to take the issue of their citizens’ personal IDs fairly lightly are making legal provisions for reinstating their importance. The UK continues to debate the introduction of ID cards, with heaps of personal information, for all its citizens. Our movements around the world can be traced from airline tickets, bank records, car registration numbers, mobile phones and Internet email accounts.

Large corporations that provide Internet services are turning into data-mining warehouses. They hold records of the personal information we share when using their services. Increasingly, these corporations collude with governments, giving the latter access to our personal data. One eye-opening example was the jailing of Shi Tao, a Chinese journalist, and Li Zhi, a former official, after Yahoo allowed the Chinese government access to their email accounts.[76] Currently there are 48 people in Chinese prisons convicted as a result of their criticism of the government on the Internet.

It seems that our right to privacy on the Internet can now only be achieved by anonymity. Since businesses and governments do collect information to profile us from it, we cannot rely on their goodwill not to use it illegally, i.e. in breach of our rights. And although some progress has been made towards developing anonymous Internet systems (these are described in the ‘Internet Surveillance, Filtering and Censorship’ chapter), we must keep coming up with our own methods of obscuring, and thereby securing, our digital presence.

Imagine the Internet with no anonymity whatsoever. Everybody’s personal data is available for inspection and scrutiny. One cannot publish an anonymous blog or article for fear of reprisals from those who do not share the writer’s point of view or do not want it to reach a wider audience. You cannot read a website, classified as ‘subversive’ or ‘inappropriate’ by your country’s legislation. In such a censored world, every imaginable restriction of our privacy and freedom of expression can be easily implemented.

You can achieve relative anonymity by registering an obscure email address with a random account name. It is best that you do this from a public computer (for example, in an Internet café or a library). If you choose a widely used service, like Hotmail or Yahoo, you are sharing a user base with millions of others. An email address of 123random@hotmail.com will not immediately give away as much information about you as, say, dmitrivitaliev@hotmail.com. If this account is registered under the name of ‘Someone Random’, the latter will appear in the ‘From’ field for the recipient. Do not include your name anywhere in the email message. Do not write details that could directly pinpoint your true identity. You must make arrangements with the party you wish to contact, so that they will know the email is from you. Even though these tricks do not offer the security of SSL or of message encryption, they make messages difficult to trace to a particular sender. Your email will only be identified by the IP address it originated from and the time of sending.

Do not reveal the identity of others through carelessness. If you are sending a group email, think whether it is essential that everyone sees the email addresses your message is going out to. Also, consider the possibility that your adversary can obtain a copy of the message and realise the relationship among the recipients. In most cases, putting yourself into the ‘To’ field and the recipients into ‘Bcc’ (Blind Carbon Copy) will protect group email addresses from each other and from any adversary monitoring your communications.

When you receive an email that you want to forward, only do so after considering whether the original sender wants to be known to the people you are forwarding the message to. In some cases, it is better to copy the contents of the email and compose a new message.

When browsing websites, pay attention to how your activity can be monitored. If you wish to dispel concern over your browsing to undesired websites (however those may be defined in your country), you should only look at them from public computers and preferably whilst using an anonymity network or anonymous proxy servers. If you do not want the websites you visit to collect identifiable information on you, apply similar methods and make relevant changes in your browser to deny the downloading and setting of cookies.[77] Do not relax in this approach by browsing to an illegal website from your unprotected office computer ‘just for once’. Computers never relax, and the data once created do not just disappear.

Steps to preventing profiling

  • Do you need to sign up for a particular service or newsletter?
  • Some countries allow purchasing top-up credit for mobile phones. This is sometimes a better option for anonymity, as opposed to initiating a contract where all your details are listed and linked to the phone number.
  • Try and profile yourself and your organisation. See how much potentially damaging information is openly available.
  • Do a threat assessment with your colleagues to determine how much information is liable to be lost to successful profiling. Implement policies to defend your organisation against it.
  • Do not reveal any personal or potentially sensitive information in a telephone conversation.

On Computers and Internet

  • Do not create passwords which use information from your personal life.
  • Do not use real names in creating email and other online accounts.
  • Pay attention to which websites you visit and how you connect to them (e.g. through a proxy).
  • Do not disclose any personal information in an insecure email or an Internet chat.
  • Install a firewall and anti-virus/spyware software.
  • Try not to send group emails and when you do, use the Bcc field for all addresses.


[71] Privacy International – Privacy and Human Rights Report 2004, Threats to Privacy

[72] Carnival Booth: An Algorithm for Defeating the Computer-Assisted Passenger Screening System, by Samidh Chakrabarti and Aaron Strauss

[73] http://www.cyber-trace.info

[74] http://news.bbc.co.uk/1/hi/world/americas/4799174.stm

[75] See ‘Cryptology’ chapter for more details

[76] Reporters sans frontières Annual Report 2006, Internet

[77] See ‘Internet Settings’ chapter for more details