The Power of Privacy – documentary film

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Published on Jan 28, 2016

In this film, Aleks Krotoski travels the world to undergo challenges that explore our digital life in the 21st century. Watch her be stalked and hacked, fight to get leaked documents back, dive into open data and live in a futuristic home that monitors her every move.

Winner of British Animation Awards 2016: Best Film/TV Graphics

Jury Citation: 'For its distinctive graphic design and intelligent fusion of content and style, precision in conveying information, charm and visual wit.'

👍︎︎ 7 👤︎︎ u/trai_dep 📅︎︎ Dec 16 2016 🗫︎ replies

Hey, OP cough

Next time, can you include the description.

YOU'RE SETTING A BAD EXAMPLE, MISTER! 😏

👍︎︎ 1 👤︎︎ u/trai_dep 📅︎︎ Dec 16 2016 🗫︎ replies

I'm a bot, bleep, bloop. Someone has linked to this thread from another place on reddit:

[/r/privacy] The Power of Privacy (2016) - Documentary by The Guardian - 29min - [28:46] - Cross-Post from /r/Privacy

^{If you follow any of the above links, please respect the rules of reddit and don't vote in the other threads.} ^(Info ^/ ^Contact)

👍︎︎ 1 👤︎︎ u/TotesMessenger 📅︎︎ Dec 16 2016 🗫︎ replies

Captions

digital privacy doesn't always make headline views unless of course celebrity nudes are leaked or compromising corporate emails are made public but our relationship to the Internet has reached an unprecedented level of connectedness in this new environment the state of privacy deserves a closer look in this film I'm going to travel the world to undergo challenges that explore our digital life in the 21st century I'll be stalked I'll be hacked I'll fight to get leaked documents back I'll dive into open data and then I'll live in a futuristic home that will monitor my every move all to examine 21st century privacy but how did we get here before the 1600s most people's homes were communal life orientated around a central fireplace there was very little privacy or personal space and then a revolutionary new technology the chimney people could lock themselves and their things in personal spaces they began to appreciate their privacy and expect that what happened behind closed doors stayed there the rich have always had better control over their privacy in 1890s Boston Warren and Brandeis were attorneys for the high society so the next tech innovation came along their clients had grown accustomed to letting their hair down behind closed doors when photographs of their dinner parties landed on the front pages of gossip rags they were suitably outraged and them they won and the right to privacy was born now that was fine until the next big tech innovation came along and put a device into our homes and her pockets that lets us air our dirty laundry to the world our attitudes and the law haven't caught up yet I'm in Los Angeles to meet max a professional digital detective who works with businesses and celebrities to protect their online reputations I gave him just my name and then challenged him to gather as much information about me from what I'd willingly shared online are you ready to go through the box I'm a bit nervous it to be fair let's walk you through it this is scratching the surface this is essentially a couple of hours of work that's pretty deep you have a pretty sizable digital foot and most of this represents media that you put out yourself you might say to me well my life is an open book I'm not worried about you revealing any of that information but if I'm looking to go after you and to get you to do something you might not want to do I'm going to use anything at my disposal to create some sort of psychological leverage all right what is now we get into your social media foot brain okay yep these are all terrible pictures that I took with filling pear and lots and lots of selfies and places that you go that you Yelp about so your physical rotation starts to reveal itself documenting yourself and capturing clues that you might not have intended all of this I've intended absolutely all of this I've intended you've got a grin on your face that says that we're about to dive in yeah okay so now we're getting how did you find all of my addresses because you did a registration because you signed a document your previous addresses pieces of ownership yeah and photographs from the inside Wow oh my gosh because now that's on Airbnb so again we do the walkthrough of your spaces yeah my assets I'm gaining more and more personal information including that's my business addresses tax exemptions all of my company business yes you're worth your finances and this goes into a larger question of how companies are treating their technology and their policy if they even have a policy yeah in many cases I've seen it's an afterthought in start-up mode many companies they hire their developers and then information policy comes much much later but doing it from the beginning as you can see when you register that domain when you start creating these corporations you're starting that footprint so you need to control that from the beginning yeah and so what we're looking at here is a pile of things that have been indexed and then over time as software gets more sophisticated they'll get more searchable and obtainable we cast long digital shadows imagine the footprint left by a business with hundreds of employees all with the company email address all contributing to the online reputation and this is just data willingly put in the public domain but what happens when data that isn't for public consumption ends up in the wrong hands information we assume is secure like financial details credit card numbers health records business correspondence when a business falls victim to a sensitive data breach the consequences can be particularly devastating in order to get a better idea of this threat I'm going to face it head-on I'm going to get my guardian computer hacked the first hacker struck at a live Telegraph event in 1903 John Fleming was not at all pleased that prankster and magician Nevil Maskelyne chose to insert insulting Morse code into his fancy demo modern day hacking started with a phone line freaker's as they were known spent the 1970s making free international phone calls in 1981 however the first Freaker was convicted in the US for hacking but this hack helped to expose the holes in the phone system in 1988 the Morris worm hit an early version of the Internet exposing vulnerabilities in this technology in 2000 the love-letter worm infected 10% of the world's Internet connected computers causing almost 9 billion u.s. dollars in damages worldwide it was a casually created joke by two friends in the Philippines in recent years the new breed of geeks are being hired by governments financial systems and corporations to both attack and defend in order to get a better idea of this threat I'm traveling to Las Vegas here annually for the past 20 years international hackers have been gathering to show off their skills and to exchange techniques we already know what can be learned about me through a legal search but what can be uncovered with these specialists skills with my Guardian computer I'm visiting two hackers can they hack my laptop what is a security situation like in the Middle East say compared with Europe or the US I think the whole region is somewhere between five to ten years behind as far as awareness of the importance of information security mainly because the media doesn't really talk about it in the States you turn on any TV channel and there's a story about a big hack and because these things happen and they're publicized yeah I've just got an email from right my director he says there's a good article on the front page of The Guardian so Oh Lord there's nothing but bad news down here is there that's the world for you this isn't it except there's a cool picture from NASA now as you're browsing through the Guardian I just told her credentials so I have your email address did you know by either comm and the password is November underused which is very nice Guns N'Roses yeah and I'm actually compromising your whole machine I could have downloaded files or I could just do what we like to call a rick roll which is redirecting your browser never gonna give me I just send you to ragazzi today how did you exact my computer the website you're on is not actually the guardian take the card II know it is but if you look at it carefully which people don't really do on the URL it actually says the guard lien so I added an L in there but yes you did yes I did but you did yes I it was on it no I actually registered the website The Guardian com available it was not any more and so I cloned a live version of the actual Guardian website so you wouldn't know that you're not there no it looks exactly I mean the guy and then it's enough to take control of your whole computer because you actually gave me access just like clicking on the link okay I clicked through right to the link from a person who said email whom I trust well your Facebook is out there your LinkedIn and out is out there and we can find out who you're associated with and then we can get their email out of their LinkedIn or their Facebook and it's a very easy fake is it as easy to do this to to company it's probably easier because out of a hundred or thousand people you know it's more than probable that G some of them will click the link every year international hackers converge in Las Vegas to attend a series of conferences Def Con b-sides and blackhat over a few weeks they exchange the latest hacking and security tricks and techniques we're here in Vegas kind of in the belly of the beast are there any examples of this kind of exploitation happening in in the wild sure in the old days and by old days I mean five years ago we used to do a lot of USB based attacks where we would drop them around parking lots and that was really common so what I want you to do is just sort of plug that in yeah for one you don't ever want to stick anything into your computer that you don't actually know what it is at this point I can do anything I want to your computer I can do a key logger I can download upload files and you can see here that we're in the C user Alex's directory we notice that you have some business files and some personal files I do yeah we're going to go ahead and download those to our computer I don't want you to have that so now we could do a lot of things I could take screenshots from your camera of me of you we could record the sound and then we're able to download a file to your computer hmm it's moving and set it to your desktop background that's a fantastic picture guys I've been hat correct what about for corporations how are they vulnerable with this kind of thing we've done a number of penetration tests work we've gone to you know our local computer store we've bought 10 or 20 key boards we've soldered one of these devices and every single keyboard and we've you know packed them up box and just send them to the company and what we've done is you know put a fake letter in there that says hey we're from HP we really want you to check out our new keyboard we're hoping if we give you these 20 free models that you'll buy 10,000 of them down the road because they're so great you know please try these out and nobody resists free stuff I mean and if you make it expensive enough and nice enough people will use it but humans are humans is there anything that companies can do I would say basically its awareness training you can have all the firewalls you want and you know all the password policies if they're just going to get online and click on any link that's sent to them then it renders all of that moot sometimes we have to sacrifice some convenience for safety if it's too good to be true either in an email format or something you found on the ground or something somebody sent you it probably is Wow it was quite unsettling to see how easy it was to get hacked but the consequences of getting hacked aren't always destructive sometimes it ends up exposing corporate vulnerabilities or flaws that a business can then address and improve upon certainly from this hack the Guardian will be more astute with its domain registration thankfully none of my personal or the Guardians business data was subsequently leaked online but what if it had been how can we start to take control and what can we do to get information we never wanted to be on the internet removed there are clearly examples we're taking action to remove content from the Internet can have negative consequences so there's an example where Barbara Streisand had some photos of beachfront property published online in a public archive she tried to sue the photographer to take the images down and result of that was was a much larger public outcry and the image went effectively viral online as a result of the action that she'd taken so the very first thing is just to be conscious that if you put something on the internet there's no guarantee that it's that he's secured and under your control I think companies need to have some sort of incident handling plan to know when something does occur and it will how are they going to respond to that so it isn't just a panic in the business at that time I guess what we see in many companies is they've moved to adopt the new technologies because they bring great business benefit but not thought through necessarily the risk how do you ensure that that information doesn't make you vulnerable it really depends on where the data is so if it's you know it's linked through somewhere like Google Twitter Facebook there are removal procedures you can go through but if your data is on a you know a Russian hacker site somewhere are they're unlikely to respond to a takedown request so the best you can do is to try to mitigate the consequences so for both businesses and individuals once the information is out it seems nearly impossible to take back control of it since the earliest days of human communication we quickly learn the importance of confidentiality it's been good business 3,000 years ago in the Middle East Potter's used cryptography to keep their glaze formulas secret from competitors particularly during conflict protecting correspondence has always been of the utmost importance but it wasn't just military and business information we sought to protect in 400 BC the writers of the Kama Sutra recommended that lovers encrypt their messages to keep them from prying eyes now in the 21st century we're exchanging more business and personal information than ever before though we've relinquished control of this data to governments and a handful of corporations often instead of safekeeping this material we found that they're exploiting it to learn about preventive techniques my next stop is Berlin where I'm meeting Stephanie Hankey her organization provides tips tools and techniques to individuals such as journalists and activists whose lives depend upon retaining control of their digital privacy if you're interviewing people it may be just as important for you as a journalist but somebody from the outside can't see who you're talking to what they say about a phone call that we might have we might think it needs to be encrypted so people don't know what we're talking about and sometimes that's true but very often what's more important is that we're having a conversation not that we're just having a conversation now but that we also talked last week and that today we talk for an hour and that's better data what other forms of data might be collected about me you know for example if you're walking around a city in order for the phone to know where you are as I look at the map whatever you have to have location data on if you look on your iPhone in the system services section Oh lo and behold down somewhere buried in the menu there's our frequent locations most people are quite surprised when they look at it because it gives the kind of overview of something for example even guesses what your home is Wow when you start to look at the patterns then you can start to see things like you know probably when you come into the house after work when you leave in the morning those kinds of things you can't stop there but what you can do sometimes switch off location services yeah so what are companies doing with this metadata these companies are not yet very transparent about what they're doing with the data some of that's profiling and advertising and so on but some of its gone much further for example LinkedIn is also using their large-scale analysis of the data to advise governments and that becomes very complicated because people are not thinking that they're contributing to that sample in the modern world a huge amount of information is collected about each of us as we go about our daily life whether we disclose it willingly or unwittingly this valuable data is now a commodity that is traded amongst a handful of companies trading data is hardly a new thing we've always benefited from sharing information it's helped to advance civilization the Internet is the latest in a long line of technologies that have ushered in great innovations and social change ancient trade routes introduced mathematics and astronomy from Arabia weapons and vaccinations from China and spices and philosophies from the subcontinent the printing press blew apart traditional hierarchies letting the people interpret and proclaim rather than those in power the telegraph brought the world infinitely closer together totally disrupting business governance and the judicial system and every step of the way the powers that be tried to claw back control today there are 3 billion people communicating through the internet this latest Network has given each of us the empowering ability to collaborate share and exchange information rapidly and efficiently what if there was a way to harness it for the collective good I'm headed to Japan where I'm going to volunteer to test radiation levels using a community built Geiger counter I'll use my data to help map the fallout of the Fukushima nuclear disaster after the disaster in March 2011 information about radiation hazards that was being released by the government was at best incomplete often contradictory and ultimately not really reliable so we felt it was one thing to say oh my government tells me the regulation level is X I guess I'll believe it and or to go out there and measure it yourself I mean if you measure it yourself then you really can have confidence in that data so safecast was really formed to allow citizens themselves to gather the information that they needed and to disseminate it in a very free way safecast geiger kits are open-source through building the devices themselves people learn how the technology works and as a consequence many have offered both hard we're and software improvements this has helped to rapidly evolve the design people from all sorts of walks of life participate anti-nuclear or pro nuclear teachers housewives anyone can build it and submit data how can organizations wisely protect the data that they're collecting I think the most important thing that we found the need to protect his privacy for instance the privacy of volunteers we allow them to actually participate in anima sleep in Fukushima Prefecture there was concern that people you know would have the radiation levels in their front yard publicized and that this could somehow affect them negatively and because of that we decided to use a hardware hack to allow them to put the data in a grid of a hundred meters that doesn't identify that data spot with any one particular person's property how much of Japan has been mapped we argue that we have been able to provide a wider coverage of radiation surveys than the government has and this is because of the activities of very active volunteers certainly Fukushima has been repeatedly mapped for three years and more but there still are a few corners that no volunteers have been to so today we can go to a park encode award called kisame Park and we can check that out we're looking at 0.1 microsieverts per hour this is about normal you know pretty average for Tokyo how does that compare though with say somewhere like the epicenter of the accident this is a piece of a deck that one of our volunteers was building when the disaster happened in the town of Koriyama which is one of the fairly radioactive places in Fukushima oh listen to that yes hear it it's like the yeah it's it's it's very it's already now ten times what it was it this is a very radioactive example to get me hired and this is the degree of Fallout that was everywhere in that area inside the highly radioactive places in Fukushima Daiichi reactor itself it's a thousand times higher or more now getting to a point where technically because of the hardware and software tools things that were previously only possible if you are a government or a large research institution now a high school kid can do and this is only going to get better and quicker and easier and cheaper and we are trying to show the potential of that this is an example of the agile development that organizations can use when they open up and engage their contributors by introducing privacy measures safecast has built confidence in their project and trust amongst their collaborators this is an increasingly important consideration as by 2020 it's estimated that there will be 30 billion things connected to the Internet I'll explore the privacy and data implications by spending 24 hours in a technology Laden smart home technology liberate sus to pursue things we would rather be doing it always has done back in Iran agriculture technologies let us domesticate barley wheat and lentils so we didn't have to constantly travel to put food in our stomachs we spent our lives since then looking for ways to reduce the heavy lifting the Industrial Revolution meant labor-intensive hand production methods were given over to machines people could move to the city where the new middle class could find other pursuits when automation hit the scene we also gave the heavy thinking to these machines and they've become twice as smart every two years we've traveled to space and 20 years later we have the same smarts in our pockets we are now freer to won't want cheaper and faster we allow machines to do more of our work for us 70% of all trades made on the US stock market in 2011 were made by algorithms not people we autofill we store in the cloud we find love with a swipe right algorithms and artificial intelligences process this information for us however today it seems we serve computers most of us spend more time gazing into our four inch screens then into the eyes of our loved ones smartphones are setting us an endless stream of to do's and checklists in an attempt to alleviate this companies are creating new connected products to sense learn and ultimately predict our every need collectively these products are known as IOT or the Internet of Things you may have heard of domestic applications of IOT curtains that raise with you in the morning fridges that restock themselves but what about the toilets that check your health and notify you if you're pregnant IOT is expanding across industries from manufacturing to gardening from energy to mobility it's estimated that presently 1% of everything that could be connected to the Internet is imagine a world where the other 99% are also constantly sensing storing and communicating data but every aspect of our lives what kind of hardware systems does the smart home use Tomatoes Eureka Otomo Tina's nos Sudan history studies Capasso Molina an Essenza mo esto tiene hata no network layer to a yet o to toads not network toonami - Nikita - how do you see smart homes changing people's lives in the future es manatee autonomous ichigan en Ikuta Nando's kedomo ito cents ahaha tasuku Tonio TECO's in Kota no debt atomic Tonio Tama be okey no kekkai des toca attend Toto Talackova carry on art when a snow day sodoes Cobb Tony ot Hansen Elise ESO y una y bueno Valkyr - muy mas so in Japan a primary motivation for this technology is to provide a safer and more efficient environment particularly for their aging population but are there any drawbacks I just had the experience of being in a smart home are there any potential privacy implications that I should be worried about I think that there already a number of privacy implications just because it's possible to use various sensors to track your activities you track your habits in some cases end up incidences where you have a smart home where there'll be a camera built into a device to allow for various metrics to be measured but unwittingly allowing hackers to say peer into your living room and so everything is a two-sided coin where there's pros but if the security isn't addressed they can easily be used for a con and people fail to realize that yet would you live in a smart home or work in a smart office me personally I would love to because then I can get my hands dirty on all the devices test them find out issues hack them yeah but it's a normal user I would still be a little skeptical on what kind of devices I deploy because the vendors want to reach to the market quickly they are not giving as much attention to the security they just want to quickly build it up and ship it so that's where the major problem lies and then there are three major attack surface that we are going to see one is the controlling app the mobile the client-side one is the device itself and one is the cloud where the whole user data is going to be saved so we have to be very careful on what kind of data is being saved and how it is being saved as soon as this gets mass adoption at the levels at will and as soon as more data gets online how that's protected how that could be erased how can that be forgotten these issues at least from a japan context has not been debated around the world they're starting to be addressed but I think we're still in the infancy stage of what that really means what do you think businesses should be aware of when they're implementing Internet of Things strategies when you deal with IT it's not an IT issue it is a management issue it's a risk issue involves the entire company with that said it's very very important that you do cybersecurity at the design level like the automobile or the airplane if you think about it these are actually designed security first in a transparent almost invisible background manner and that's where we need to get to there's little doubt that the Internet of Things is the future because we've always sought out and embraced ways to make our lives easier but it's clear developers and consumers need to think about privacy and not just as an afterthought it might be useful for navigation for my car to know my location but doesn't need access to my social media accounts does the information that's collected by these devices need to be stored forever if most of us strive to live in the moment then perhaps so too should our data with these devices entering our homes and offices building trust through ethical use of our personal and professional data will become crucial for these technologies to truly succeed so as we adopt digital systems and products to make our lives easier we each produce exponential amounts of data about ourselves and our businesses some we willingly share but much of it we unwittingly contribute we are increasingly placing our trust in third parties does the data that's already out there need to be stored permanently do we need regulation to ensure encryption and data decay how can we protect our legacy from being exposed and used against us the responsibility for our security starts with us it's the domain of personal and professional management today we are at a crossroad adopting these systems gives us a huge advantage but we must take stock in how we manage and regulate them to protect us as individuals and as businesses

Info

Channel: The Guardian

Views: 225,781

Rating: 4.8930202 out of 5

Keywords: privacy, hacking, hackers, hacked, online, internet, edward snowden, snowden, nsa, national security agency, gchq, online security, privacy settings, privacy law, social media, internet of things, internet security, data, data mining, hacking for beginners, morris worm, loveletter worm, hacktivist, geeks, las vegas, rick roll, rick rolling, rick astley, black hat, def con, wikileaks, how to hack, the streisland effect, google, facebook, twitter, kama sutra, military, linkedin

Id: KGX-c5BJNFk

Channel Id: undefined

Length: 28min 45sec (1725 seconds)

Published: Thu Jan 28 2016