Skip to main content
About KTH

Before you swipe, remember your privacy

Published Feb 04, 2015

You give up more than your money when you make purchases by mobile phone or bank card. Every non-cash transaction sends a new stream of personal data to the government, insurance companies and anyone else who wants your personal details. A KTH computer science researcher explains what you need to know — before you swipe.

Before you pay the check with that credit card, consider what else you are handing over.

Bank cards, smartphones and tablets haven't just made our lives easier — they've made it easier for governments, businesses and even individuals to map out the details of our private lives.

Targeted marketing is the most visible sign that we're being tracked, but computer science researcher Gerald Q. "Chip" Maguire Jr. sees another, more troubling trend. "The social control increases with the computerization of society," he says.

"Merchants can target direct marketing to you, or sell information to others. And health authorities can obtain your data to see if you're risking your health by what you eat and drink."

Gerald Q. "Chip" Maguire Jr.

Knowing the risks of making your data available is key to making the right choices, he says. Maguire advises people to use cash rather than credit cards.

"You give up your privacy when all of your transactions are electronic. All it takes is having dinner at a pub in Stockholm and paying by card," he says.

Maguire points out that if, as in Sweden, the pub's cash register is connected to the tax authority, the government can assemble a record of your purchases and surreptitiously assess the accuracy of your income tax reporting. Health systems or insurance companies can also obtain the data to see if you are risking your health by your choice of food or drink.

Data from your purchase can also be used to determine whether or not you are home, which would be useful for a burglar or a stalker. Further, the data can show what your favorite food or drink is, and therefore be sold for direct marketing.

Maguire notes that while some people value their privacy very high, many people do not care at all. Nevertheless, he says it's important to spread knowledge about what actually happens when you pay by card.

"For those who care about their privacy, it is becoming increasingly difficult to maintain it — especially in countries like Sweden, where cash is becoming increasingly difficult to use. In many cases here, it's no longer even possible to pay with banknotes or coins."

Katarina Ahlfort

Professor Maguire's advice on internet privacy

1. "Use cash."

2. "Customize your life on the internet according to your ideals, doing the things you believe in. Opt out things you can not stand."

3. "Face the facts: keeping secrets on the Web does not work. As soon as you do anything on the Internet, then your actions are possible to observe by anyone having an interest in mapping and monitoring them. Whether that's worth the money and effort required to follow someone, that's another thing. But technically, it is always possible."

4. "Many years ago, I began to propose the use of a "black" credit cards, unrelated to personal identification. All transactions appear to go through a bank or other intermediary server. The server mixes different networks to break the link between the card user and transaction, and ensures that the card owner can only use their money once. A similar solution can apply to a bus pass. A group of people with season passes for the local transit system, SL, mix their passes and randomly exchange them with each other throughout the year. Then it is no longer so easy to use that information to identify how a particular individual travels over time."

5. "When using debit and credit cards, think carefully about what you want and need to reveal - exactly how much information do you really have? Why should you need to provide a wealth of detailed personal information, for example to be able to see a play, buy a book, go to a museum, buy a train trip ..."

6. "Remember that your e-reader not only reveals what books you have downloaded, but also how much time you spend on each page, the order in which you read pages, which chapter you are reading or not reading ... All that information can be obtained through your mobile phone's built-in technology coupled with where you are. So now it is possible to register if a person is reading a chapter of "The Anarchist Cookbook" at an airport, or perhaps in pharmacy queue waiting to buy peroxide."

7. "No complete anonymity is guaranteed on the Internet, but anonymity services like Tor and TAILS are effective, at making the monitoring process more irritating and expensive. The system prevents the computer from writing down data information to the disk, and the tool encrypts all information. If it's about keeping things secret from the neighbors, it is definitely worth going for; but if you want to hide data information from the government, it is useless to even try."

8. "As soon as you communicate something close to a person who has a mobile phone then you should act as if someone is listening to what you say. The call will in many cases be available in plain text with your telephone operator. But it is technically possible to protect conversations through technology such as Voice over IP (VoIP), in combination with Secure Real Time Protocol (SRTP) and MIKEY, according to a Licentiate thesis of the Royal Institute of Technology researcher Elisabetta Carrara. (http://kth.diva-portal.org/smash/record.jsf?pid=diva2%3A14269&dswid=1212) .I use a mobile phone less than twice a year, otherwise I have it turned off. For the last decade, I have not had a work phone."

9. "Remember that today there are institutions that use MOOCs (Massive Open Online Courses) to track what individuals do in study situations, i.e. how they learn, how they fail, and so on. The information is then processed by companies that are studying how to strengthen human learning."

News archive