When Edward Snowden revealed that the National Security Agency has been accessing phone and email records of American citizens, the news shook the world and changed the way many of us look at the issue of privacy in the modern age. For example, we’re no longer under the mistaken impression that it actually exists.
Unfortunately, it turns out that the NSA scandal is just the tip of a spying iceberg that’s ready to collide with your sense of normality and sink you into the dark waters of super paranoia, a not entirely unreasonable response to finding out that…
1. The Post Office photographs all your mail.
For 12 years now, the United States Postal Service has been photographing the exterior of every parcel that comes through their doors to determine how (but not “why,” seeing as FedEx exists) mail moves around the United States. It’s called the Mail Isolation Control and Tracking program and it’s been in play since 2001, when anthrax was sent to politicians and news organizations through the USPS, resulting in five deaths. On average, MICT records around 160 billion images of your letters and packages a year, which the Post Office can keep around for as long as they want.
It’s important to note though that the Post Office does not actually open your mail (which would require a warrant), and just like the NSA is merely collecting your mail’s “metadata,” i.e. names, addresses, etc. Although, that’s a little bit like saying that your stalker isn’t so bad because, yeah, he follows you around but doesn’t peek through your window while you’re changing.
So, what does the Post Office do with all those images they take? They mostly hang on to them until a law enforcement agency asks for access to them, which the USPS grants independently, with no judicial review whatsoever. It’s so comforting to know that the only thing standing between you and a gross invasion of privacy is a group of people famous for wearing silly hats and delivering a bunch of catalogues you never asked for in the first place.
"Newman! Of course!"
And it actually IS a pretty damn big invasion of privacy because the metadata from your mail can tell a lot about you, like your location, the people you associate with, your movement patterns, etc. because, well, of course it does. No organization would spend hundreds of thousands of dollars to spy on you without good cause. And there have been times when the program has proven its value; the MICT helped identify the person who mailed ricin to President Barack Obama and assisted in targeting prostitution rings and drug smuggling operations.
So, yeah, the system has had its discrete successes, but the question we're all left to ask is, are we really okay with our fine men and women in blue (shorts) surveilling us without our knowledge on the off chance that we might one day try to poison the president?
2. Equifax collects salary and other sensitive employment information -- and sells it.
In this day and age, employment and credit information has become almost unthinkably valuable. It’s what’s allowed consumer credit reporting agencies like Equifax to become huge, billion dollar enterprises, which apparently allows them to blatantly wriggle their way around the law by sharing other people’s personal information with all sorts of companies.
Take The Work Number, for example, an Equifax-operated service originally established to provide companies with your employment record. So far, nothing wrong here. Hell, it might actually be better for potential employers to confirm your work history without having to talk to a real person who knows exactly what you did to the punch during the office Christmas party.
Once the kids got into it, all hell broke loose.
However, with over 20,000 companies signing up for The Work Number, it’d be a logistical nightmare if all of them had to constantly update your employment history. So, most places just give Equifax direct access to parts of their HR files, including a week-by-week breakdown of your salary. Equifax knows, and at least one researcher claims that they can resell that information (including your home address, email and phone number) to other companies.
Depending on where you work, Equifax might also have access to the details of your health insurance, according to author Bob Sullivan, who’s discovered that The Work Number database may contain up to 190,000,000 employment and salary records, including one-third of the adult population of the United States.
How the hell are they getting away with it, you ask from underneath your newly folded tinfoil hat? Actually, Equifax is quick to point out that buying an intimate look into the financials of anyone with an employment record in the U.S. is totally legal under the Fair Credit Reporting Act. And even in instances where Equifax has taken it upon itself to tattle to mortgage companies if someone in their records has recently been laid off (which may delay payments), it's because people have agreed to it in the fine print of their original mortgage agreements, as if you've needed any more reasons to pay attention to those damn things.
3. The MPAA employs online undercover agents.
Whether you think online piracy is harmful to artists or not, most of us probably agree that the organization that’s set out to fight it, the Motion Picture Association of America, can go eat an expired turd sandwich. Somewhere between suing the compression pants off retirees and dead people while engaging in intellectual property theft itself, the MPAA (and its kissing cousin, the Recording Industry Association of America) has seemingly done all it can to transform themselves into a cartoon supervillain organization. Their next logical step: hiring people to spy on your posts to internet message boards.
Earlier this year, the MPAA announced an opening at the company for an “Internet Analyst,” an otherwise real job which in this case is actually code for “online snitch.” As an MPAA Internet Analyst, your job would include, “monitoring social networks, communities and forums” and reporting on the trends you'd observe there. In other words, you'd sign up for message boards and torrent sites and try to sniff out who, exactly, is uploading all those pirated copies of “Grown Ups 2,” presumably so that his family can get that poor soul the help he so desperately needs. But mainly, it’d be your job to identify individual people who produce or access copyrighted material, and then report those findings to the MPAA’s Sue-icide Squad.
This type of job has traditionally been done by automated software called “sniffers,” but as pirates became better and better at their job, the MPAA and RIAA found the need to introduce a human element to their web monitoring. If you’ve never done anything illegal online, you probably have nothing to worry about, but you have to admit there is something really unsettling about a legitimate job position that's barely above crying to the teacher because some kids in class were entering "80085" into their calculators.
"Oh, you're going DOWN!"
The position specifically requires that the MPAA’s “Internet Analyst” has a bachelor’s degree in Economics, Computer Science or Engineering, all to potentially target individual people and present (completely unbiased, naturally) evidence that piracy is harming the movie industry. The fact that the position shares basically the same title with the army of 2,000,000 government employees monitoring the Chinese internet shouldn’t even surprise you by this point.
4. The Air Force takes aerial photos of you.
As far as government institutions go, it’s hard not to love the Air Force, what with them getting to tear open the sky at supersonic speeds and blast America’s enemies in what is essentially an oversized Iron Man armor.
Though hopefully with less booze in their system than Tony Stark.
However, other than computerized flying tanks, the Air Force also makes frequent use of unmanned aerial vehicles or drones. The use of drones in combat areas remains a controversial topic, which probably won’t be helped by the fact that the machines often take off from the continental United States ... with their recording equipment turned on. This means that whenever the Air Force deploys a drone to Yemen or Pakistan, it often first flies it for hundreds of miles over private properties, all the while free to record the movements of ordinary U.S. civilians.
What’s really scary about it though, is that this wholly illegal monitoring is only being sanctioned because each time it happens, the Air Force simply “promises” that the recording equipment was turned on unintentionally.
No one really knows what the drones flying over the U.S. could be recording, exactly, but remember that we are talking about 21st century technology specifically designed for gathering information. Not only that, but all this “accidental” spying data captured without consent doesn’t merely get streamed to a bored operative in real-time. No, it gets recorded and reviewed by Air Force analysts because, well, since they already GOT it (“by accident,” remember) it would be such a waste if they didn’t first make sure that you weren’t in fact a communist-sympathizing al-Qaeda operative with an unpaid parking ticket and a stack of overdue library books.
And in accordance with Air Force Instruction 14-104, which covers oversight of its intelligence activities, the department also has the right to hold and analyze their captured drone footage for up to three months. After all, the Air Force totally didn’t mean to go all Orwellian on your ass, which they incidentally recorded while you were sunbathing naked in what you assumed was the private comfort of your own fenced backyard. It’s essentially the same thing as “accidentally” walking in on your sister’s friend in the shower while holding a camera, and then examining that footage for 90 days under the excuse that you’re checking her skin for moles.
Correction: Portions about Equifax's data collection practices have been updated in this story. In particular, there are some limits to what information is collected and what type of information can be shared with different types of third parties. Also, before getting a mortgage, consumers are asked to provide consent for Equifax to update the mortgage company about loss of employment. Always read the fine print and be careful what you're signing up for. As we've learned, this stuff is complicated.