Privacy and security

I’m growing more concerned about privacy and security. Every conglomerate trains their AI models on your information. Each tiny corner on the web is scraped. It's mental.

Everything

If you ask me, ever since social media and the advertisement business model the internet turned dystopian. They've started tracking everything. Even the stuff you didn't know they were. They'll register who you message. And when. And how often. They'll track you across the internet from laptop to phone and back. Honestly, you can hide the pack of sigarettes from your wife. But not from them.

They know what channels you're subscribed to. The newsletters you get. What media you consume. The things that get you riled. They recorded the stuff you’ve said.

Are we okay with this?

I have nothing to hide

“I have nothing to hide.” If I hear this effin’ cliché one more time, I'm going to write an essay about it! Oh.

From these things, you've got nothing you rather kept to yourself?

• Financial & Payment Data
  • Google Pay, Apple Pay, PayPal, credit/debit cards
    • Transaction timestamp, merchant name and category, exact amount paid
    • Geolocation of purchase (store latitude/longitude or IP-derived location)
    • Device ID, device fingerprint and operating-system version
    • Card number (tokenized), billing/shipping address, email, phone number
    • Recurring-payment profiles, subscription status, payment failures
  • Bank accounts, loan applications, mortgage statements
    • Full account balances, deposit/withdrawal history, ACH/wire transfers
    • Overdraft events, declined transactions, ATM withdrawal locations
    • Credit-bureau pulls, credit scores, debt-to-income ratios
• Retail & Loyalty Programs
  • Grocery & big-box loyalty cards
    • Every UPC-scanned item (brand, variant, price), purchase frequency
    • In-store visit times, receipt-itemized preferences (organic, gluten-free…)
    • Coupons clipped/redeemed, digital-offer click-streams
  • E-commerce sites (Amazon, eBay, etc.)
    • Browsing history, "abandoned carts," wish lists, product reviews
    • Wishlist shares, gift registries, "you might like" AI-driven suggestions
    • Return/exchange habits, refund requests, customer-service transcripts
• Online Behavior & Digital Footprints
  • Web search engines (Google, Bing)
    • Full search queries, clicked results, time-on-page, scroll depth
    • IP address, inferred interests, saved "My Activity" archives
  • Browsers & ad networks
    • Cookie IDs, cross-site tracking pixels, device/browser fingerprint
    • Ad views, ad clicks, demographic segments (age, gender, income bracket)
    • Frequency caps, retargeting buckets, look-alike audience profiles
  • Social media platforms (Facebook, Instagram, TikTok…)
    • Posts/photos/videos, likes/reactions, comments, shares, saved items
    • Friends/followers lists, group memberships, event RSVPs
    • Direct messages, metadata (timestamps, IP), facial-recognition tags
    • Location-tagged posts, live-video geofencing, "Nearby Friends" logs
• Communication & Location Data
  • Email providers, messaging apps (WhatsApp, Signal, Slack)
    • Full message contents (unless end-to-end encrypted), attachments, metadata
    • Contact lists, group chats, read receipts, call/video-call logs
    • Device sync logs, backup archives, AI-driven "priority inbox" labels
  • Mobile carriers & apps
    • Call detail records (caller/callee numbers, durations, cell-tower triangulation)
    • SMS/MMS content metadata, SIM-card serial, device IMEI/MAC addresses
    • Continuous GPS tracking (maps, fitness apps, ride-hail pickups)
• Health & Biometric Data
  • Wearables & fitness apps (Fitbit, Apple Health, Garmin)
    • Heart rate, sleep stages, step counts, calorie burn, workout routes
    • Continuous blood-oxygen, ECG snapshots, menstrual-cycle logs
    • Third-party data sharing: labs, telemedicine providers, corporate wellness programs
  • Medical records & insurance claims
    • Diagnoses (ICD-10 codes), doctor's notes, lab-test results, imaging scans
    • Prescription history, pharmacy refill schedules, pill-count adherence
    • Insurance pre-authorizations, claims approvals/denials, billing codes
• Home & IoT Devices
  • Smart speakers, cameras (Amazon Echo, Nest)
    • Voice recordings, activation transcripts, ambient-noise snippets
    • Camera footage, person-detection events, face recognition embeddings
  • Smart thermostats, lighting, locks
    • Temperature schedules, occupancy-sensor logs, door/unlock timestamps
    • Energy-usage patterns, automation rules, geo-fence triggers
  • Connected appliances (TVs, refrigerators)
    • Viewing habits, shopping-list entries, grocery-order histories
    • Firmware-update failures, error-codes, support-ticket logs
• Government & Professional Records
  • DMV, passport/visa applications
    • Full name, birth date, address history, eye color, height/weight
    • Photo ID, fingerprints, signature samples, application notes
  • Tax authorities, voter registrations
    • Income statements (W-2s, 1099s), deduction details, audits, liens
    • Party affiliation (where recorded), voting history (where public)
  • Employer & education records
    • HR files: salary history, performance reviews, disciplinary actions
    • Academic transcripts, degrees, extracurricular activities, attendance logs
• Derived & Predictive Profiles
  • Data-broker aggregates (Experian, Acxiom, Oracle)
    • Psychographic profiles: personality traits, lifestyle segment, political leanings
    • Risk scores: credit, fraud, insurance underwriting, criminal recidivism
    • Purchase-propensity models: auto-intenders, travel planners, luxury shoppers
  • Advertising & personalization engines
    • Real-time bidding profiles, cookie-based retargeting IDs, lookalike-audience seeds
    • Email-deliverability metrics: open rates, bounce/unsubscribe history
    • A/B-test participation, content-preference clusters, churn-prediction flags
• Metadata, Logs & Miscellaneous
  • App-analytics SDKs (Crashlytics, Mixpanel)
    • Crash reports, stack traces, user-flow funnels, retention cohorts
    • Feature-flag exposures, in-app purchase events, session durations
  • Any connected service can store
    • Timestamps, UTC offsets, sequence numbers, client/server latency
    • Encryption-key fingerprints, API-token usage, rate-limit exceptions
    • Consent logs, privacy-setting versions, consent-withdrawal events

You still here? Yeah. Scary. And we all act as if this is the most normal thing ever. Sure, you’ll have to trust some organisations. And we can’t do without in exchange for some luxeries. But this? This is madness.

What’s the worry?

“This information is collected. It’s scary but so what?”

I hear you. Let me share my concerns: The most frightening fact is that your information is stored in someone else their database. You’ve lost control over it. You don’t know what happens to it. It could be bought. It might leak. You don't even know it exists!

Sure, this information being available opens you up to identity fraud and targetted scams. Sounds dangerous, but you’re careful. No worries there.

However, your ideology and your political convictions are out in the open, too. And who you mingle with. The things you bought. Everything that is in the huge list above will be up for grabs at one point.

And there is where it gets dangerous.

Knowing this, a bank might not give you a loan. A potential employer might not want to take the risk hiring you. Decision are being made for you because of the information out there.

Are these examples illegal? Yes. Hopefully. Do the decision-makers care? Unlikely.

Consider the possibility that your actions become punishable by law. Do you trust today’s and tomorrow’s governments? Do you trust them not to blacklist you because you searched “VPN services”? No consequences of expressing your opinion on same-sex marriage? Making statements about a certain war?

Privacy is personal. It is the awareness that the more you give up, the better malicious actors can target you. Regardless that actor is your government or a terrorist group. Or when your government are the terrorists.

Think twice about what information you share with who. Who you trust. Whether it’s the company hired by your doctor to hold your medical records or the new app everybody uses.

How can you protect your freedom if you don’t protect your privacy?