Babylon by Laptop: The Tech Service Supergrass

Thursday, 13 October 2022
Bob Leggitt

Tech giants still insist that this is about marketing, but clearly, you do not need someone's retina-scans, fingerprints or digital forensics to sell them a food mixer. When corporations start angling for this kind of data its intended destination is a police database.

Laptop computer with FBI markings on letter keys and an NSA logo on screen

If you know your reggae history, you'll surely have noted the sly twist on the Bob Marley album title Babylon By Bus. Just in case anyone's unfamiliar with this particular context of the word "Babylon", it's a Rasta synonym for authoritarian forces of control and/or a generally corrupt system that works against the power of good.

Sometimes it refers specifically to the police. Sometimes to a collection of state agencies. Sometimes to an entire ecosystem of oppression, including all of its sympathisers. But it's a great term around which to build this article, because it so perfectly places all subjugative forces into one basket, and removes the distinction between government agencies and private corporations who play the exact same role.

Unfortunately, this is a distinction that some very loud voices have been keen to preserve. You may have noticed that "digital rights" group the Electronic Frontier Foundation (EFF) constantly chants down the right for police forces to surveil the public. But in contrast, the group is so cool with corporate surveillance that it actually hushes up opportunities for the public to oppose it.

In early September, this Twitter reply of mine called out the EFF for diverting attention onto their own twisted version of a barely relevant government statement, rather than letting their followers know they could partake in the Federal Trade Commission's potentially gamechanging ANPR forum event, which sought to address the problems of commercial surveillance. Predictably, the group's little band of brainwashed worshippers were mad at the completely unincentivised messenger, rather than the cash-grabbing nonprofitalist that had actually robbed them of a voice in return for a fat wad of Google hush money. But the point was at least made.

You may find it odd that a supposed public interest group would hush up one of the most important chances for the public to genuinely temper US corporate surveillance this millennium. I mean, why would a campaign group be so obsessed with preventing law enforcement from getting its hands on data, but silence a real chance to oppose a whole industry that spies on the public in exactly the same way? Surveillance is surveillance, right?

Remember who told you that Brave exposes all your searches to a renowned police informant, but more importantly, remember who DIDN'T tell you.

Well, the EFF is primarily funded by tech companies, so it's most unlikely to oppose their business interests beyond a few token fanfares and turf battles. And as far as the FTC event was concerned, the EFF would morbidly fear its followers being exposed to real privacy advocacy, and discovering that approximately 100% of what the "digital rights" movement feeds them is tech industry propaganda. It was no surprise that the group covered up the event. But that still doesn't explain why it goes to such lengths to specifically oppose government and police data access.

One suggested reason - and this is my own preferred explanation - is simply that governments and police forces currently have to buy their data via the tech industry, which makes The Man a revenue source for tech giants. And not just a revenue source, but a mountainously large one. If the EFF doesn't endlessly lobby to stop gov agencies from obtaining their data directly, says the theory, a primary tech industry revenue stream goes down the sink.

A cynic might indeed say that the EFF's unusually fervent efforts to shut down all government and police surveillance plans - even ones that actually benefit vulnerable groups - is in itself evidence that major EFF funders have an extremely lucrative revenue stream flogging data to The Man. Evidence that key players in the tech industry are secretly, or not-so-secretly serving as middlemen between the public and the police.

Ah, but the EFF does attack individual tech companies, you may say. True, but the issue of turf war still leaves room for that. If a heavy funder of the EFF has a monopoly on a certain stream of data, and a non-funder tries to muscle in with a new data grab, the EFF simply exposes the new data grab to the public, protecting their heavy funder's monopoly. And we do see precisely such one-off exposures from the EFF.

What we don't see, is a concerted attack on corporate surveillance as a whole. We see the opposite. We see the EFF actually hiding opportunities to stop it.

We don't see a call for changes in law which will stop all corporations from collecting unnecessary data. We don't see the EFF helping to enforce laws that already make that demand. When was the last time you saw the EFF even protest against tech services demanding phone numbers without need (a breach of GDPR), let alone support litigation against them? I'll wait.

Were they helping to voice this hugely emotive and extremely widely-supported complaint about Google's forced 2FA surveillance scheme, which has a catastophic impact on unhoused people? I'll save you checking. No, they weren't. Eight thousand five hundred Retweets says this is a fucking problem, and it's a problem that absolutely does not need to exist. But hey, Google gives the EFF a shitload of money, so monumentally petty corporate greed far outranks the alleviation of extreme poverty.

Without anyone asking, the EFF used the homeless as a prop when trying to protect Big Tech's data monopoly from state grabs, but it's quite happy to completely dismiss homeless people's own calls for help when Google stands to lose a petty dribble of extra 2FA data. Tone deaf on steroids.

And if you're still in any doubt, consider that the EFF have a website called Atlas of Surveillance, where they document surveillance tools. So that'll be Big Tech's surveillance tools, right? Nope, they only document tools used by police forces. As far as that site is concerned, Big Tech, by far the world's most dominant surveillance machine, does not exist.

This, then, is very much a two-tier attitude to surveillance. State surveillance bad. Corporate surveillance absolutely fine. And given that we see ongoing and overwhelming evidence that corporate surveillance IS state surveillance, this two-tier vision does not make any sense at all at face value. Only if you see tech companies as highly-paid snitches can it be made to make sense.

Concepts such as parallel construction allow tech providers to sell incriminating data to the police without ever being named as the source.

ABOVE THE PARAPET

We know from documented cases that when government agencies do buy data from tech companies they can pay eye-watering sums of money for it - in the $millions. So the money that can be made from intelligence data is not in question.

Operations such as Safegraph were set up specifically to serve as supergrasses and have profited enormously from their Corporate Babylon antics. Safegraph's data mission was in fact so blatant that the Google store banned apps containing its spyware. After becoming embroiled in the abortion-tracking uproar, Safegraph has since announced a closure of its all-access "data shop", but the idea that it would not continue to sell data directly to government agencies in private is naïve in the extreme.

Safegraph is not alone in its mission. Clearview AI is equally well-noted as a self-identifying police snitch. But these are just brands that were stupid enough to have tea and cakes with the police in the middle of the high street, rather than snitching behind closed doors like other data dealers.

Then there's Amazon. A provider whose "security" wing is indistinguishable from a police department, and who literally partners with hundreds of actual police forces. The brand epitomises the common notion of The Babylon. It obsessively and aggressively surveils the general public, and is doing everything in its power (at the highest possible levels) to destroy all unsurveilled avenues of life activity.

This despotic surveillance machine has offered the public money for hand scans. It's registered a ridiculous number of patents for biometric ID technology and is a driving force in the identification race. It's sold face scans and other visual data to law enforcement agencies. Any notion that Amazon is not a police annexe can at this point be categorised as comedy.

Brave Search exposing users to Amazon
Brave Search exposed by the Big Tech Detective browser extension for making 11 - yes ELEVEN - requests to a well-recognised police informant. You can also see the Brave Search traceroute in this post, which shows that the search engine is actually located on Amazon servers.

I will issue a reminder here that ALL OF YOUR ACTIVITY ON BRAVE SEARCH PASSES THROUGH AMAZON'S HANDS. So it's not just ecommerce that exposes people to these almighty destructors of liberty. The "pRiVaCy BrAnDs" do it too. And yes, I am lumping all "pRiVaCy BrAnDs" into one. They all know the dirty secrets. And in case they weren't already aware (which I can assure you they were), I told them directly. Response: universal silence, followed by continued sucking of Brave's shtick. So when they start calling out each other's bullshit rather than helping to spread it, I'll treat them separately. Until then, they're all part of the problem.

This is, of course, the point where any self-respecting investigative writer would say "remember who told you that Brave exposes you to a renowned police informant", but in this instance it's far more important for me to say "remember who didn't tell you".

If you want to sit back and "enjoy the Web", the price will not be tracking. It will be your human rights.

There are, then, already some names we can aim to avoid (or in the case of face recognition providers, confuse), based on existing knowledge of their collusion with the authorities.

And you don't have to be guilty to fear this. One badly-timed search or email that happens to contain the wrong keywords can get the world's most law-abiding citizen into untold trouble. Likewise a coincidental venture into crime scene territory which is transmitted by your phone and then sold as location data. And we're seeing the same prejudices cropping up in the digital world that we saw in the pre-internet age. Innocent people of colour are more likely than white people to be digitally misidentified and even wrongfully jailed, so this is a discrimination issue of the utmost seriousness, in addition to a valid concern about wrongful arrest.

UNDER THE RADAR

But what about tech brands that don't shout "Supergrass for hire!" through an SEO megaphone? Could they be selling data to The Babylon on the sly?

At first glance, it seems this would be impossible. I mean, let's say Mr X leaks a piece of classified government information in a public interest, but still illegal, whistleblowing exchange. His communications provider sells a bank of data to the police, which incriminates Mr X.

So the police now know who leaked the classified info, but surely, if this were to go through the justice system, the police would have to divulge the source of their evidence, which would mean the comms-providing supergrass being named?

No. When they need to protect the identity of a regular corporate grass, the police use a technique called parallel construction. In simple terms, they only use the info from their corporate source as intelligence - not evidence. Big corporate data provides only an initial tip-off, and the police then gather separate evidence to build their case. Because the police already know who the suspect is, they know exactly where to look for independent evidence.

They can now surveil the suspect themselves and wait for him to incriminate himself again. If that's not possible they can monitor from the other end of the exchange. Watch the end recipient of the info, or another person in the chain who is much less likely to be on guard. They can warrant records from ISPs. Buy location data from a data broker. Approach security providers for CCTV footage. The police already know where Mr X was. And they know what time he was there. Once they can join everything up with admissable evidence, the original corporate data source is out of the picture. But without that original source, the identity of Mr X would never have been found.

This is just one of the many landslides of freedom that the wider public are not going to wake up to until they're full-on prisoners in their own homes. The tech industry is already angling for biometric data, which will inevitably end up in the hands of the police, and the most brainwashed members of the public simply shrug. My generation has seen a progression that looks like this...

1992: "Begone, Babylon filth! I will disfigure my hands in acid before I ever give you a single fingerprint!"

2022: "So I can have dark mode for a full 28 days, and all I have to give you is my entire biometric profile? Where's the catch?"

Clearly, you do not need someone's retina-scans, fingerprints and digital forensics to sell them a food mixer. Only people who have been brainwashed to the brink of lobotomy could possibly think this has anything whatsoever to do with marketing. When corporations start angling for this kind of data, its intended destination is a police database.

HOW DO WE COMBAT THIS?

Brainwashing to the extent described above only affects a minority. In fact, most people are already saying no when they recognise that surveillance giants are straightforwardly trying to grab what's essentially police database fodder. The response to Amazon's cash credit for hand scans offer has been very poor indeed. The problem is that if the surveillance giants can't get in via the front door, they go via the back door. This has happened again and again, and it can be extremely hard to spot.

The actual data harvesting resource may be two or more steps away from the general public, behind a public-facing business, and then, say, an intermediate verification app. The chances of the public finding out that the biometric data is being processed through a Silicon Valley giant are approximately nil. So we have to simply refuse to provide ANY biometric data, to anyone, unless the request is accompanied by a police warrant.

This WILL mean making sacrifices. Some locales are already seeing organisations attach the conditionality of biometric verification to trivialties such as refunds. For centuries, refunds have been perfectly simple without the recipient being added to a police database. So why are public-facing enterprises starting to head down this road of clear human rights violation? Simply, because tech giants incentivise them. If we won't accept Amazon's measly £10 in exchange for human rights abuse, there's a whole line of potential middlemen who will. Welcome to 1984.

We have a new Babylon, whose tentacles reach into every corner of our lives. As time progresses, life will become almost impossibly difficult for anyone who clings to their human rights. And let me tell you here and now, the fake-ass collection of commercial "pRiVaCy ToOl" providers will not save you. Vivaldi has already ditched its formerly incessant "PRIVACY!" chant, and the rest of them will do the same when it ceases to serve their marketing needs.

The privacy chant is JUST, A GIMMICK. You cannot resist a system which is co-opted at government and infrastructure level, by using some alternative browser, search engine or communication service whose provider has no other monetisable product but YOU. Freedom comes with big-picture sacrifice and inconvenience. If it's got "cool features" and it feels no different from using Big Tech, it has nothing at all to do with privacy or freedom. If you want to sit back and "enjoy the Web", the price will not be tracking. It will be your human rights.

Let me show you what I see when I browse the Web...

Stack Overflow sparse interface with all third party content blocked

If you instead see stackoverflow.com like this...

Stack Overflow normal view with some 'third party' content loading

You are not insulated from third-party trackers. If you're ready to endure a much less friendly vision of the Web, and comprehensively block the third-party stalkers that ALL "pRiVaCy ToOlS" are currently letting through, you could start by setting up a full third-party content-blocking rule as described in the content-blockers post. Also try out either Big Tech Detective or Cloud Firewall, if only to gain a sense of just how many supposed privacy resources reside on a recognised police informant's servers. Yes, it's all still a lost cause in the long term, but at least you can say you tried. At least you can say you fought a real fight, and did not chant for your own subjugation.