Conversations about life & privacy in the digital age

Staring Into The Black Mirror

These dark, reflective surfaces are everywhere now. Whether you’re out at a club, in an art gallery or just sitting at home on your sectional couch, it’s more than likely that there are multiple devices in the same room as you. They’re impossible to get away from as now they have become essential for people’s professional life and for their social one too. The question is whether this is a problem that needs to be reassessed or a fantastic force for good. One of the most important aspects is that a lot of these items share a trait and that is their near constant connection to the internet.

Pretty much every single new mobile phone, tablet PC and laptop is online or has the capacity to be online. Long gone are the days where wires were necessary. Now it is as simple as checking a single box in the “settings” part of your device and you’re ready to go. The entire world is now at your fingertips, literally. This must be having some kind of effect on people and one of them is that people are becoming more and more relaxed about being online, and in turn about how much personal information they allow to be stored there.

Constant technological advances have completely changed large parts of the world, and as technology becomes cheaper its spread becomes wider. The number of devices connected to the internet has surpassed 8 billion in number, with some reports suggesting there will be 30 billion of them in 2015. We are always connected now and this means people are open to see everything from your wedding day to your breakfast, but is this really a problem? A lot of this information is trivial with anything important hidden in a sea of low quality photography and inane status updates.

Of course the depth of the sea does little to put off salvage divers, and if people want your information they will make an effort to find it. So why is it that when people are still wary of giving out details over the phone they are perfectly happy to do it in an instant over the internet? The numerous stories of successful internet scams are testament to this. It’s hard to believe someone falling for the Nigerian prince scam over the phone, isn’t it?

The internet is no longer a scary place to people. It has lost its intimidating demeanor along with hellish dial-up noises, modems and wires. The world wide web now sits neatly in your hand just waiting to order you a pizza with any special request you desire, and all without the hassle of having to talk to a real person. This is the issue.

The internet has become easy to use and inviting to everyone while at the same time being de-personalised. You can use a website like Facebook for years without ever having correspondence with a real member of staff. Everything is automated for you and it becomes easy to forget that Facebook is a company like no other and that it stores everything you do. You are now welcome to download all of the information Facebook has on you, but rather than serve to relax the customer it is in fact a stark reminder of how lax you have been with your own security.

This may sound like hyperbole, but feel free to try out a little experiment for yourselves. If you so wish, pick a random friend from Facebook. You don’t have to know them personally, but as long as they’re pretty active they’ll do fine. Try as hard as you can to glean as much information from their profile over the space of a month. The amount of data you would have at the end of those 30 days may come as a shock to you.

Thanks to the check-in option you will have known exactly where they’ve been, for what reason, and at what time. You’ll know what job they have, what clothes they’ve been wearing and most of the activities they’ve undertaken. You will have learned a large amount of their interests. Most worryingly of all you’ll most likely know where they live and a rough schedule of their life. This sort of information is a goldmine for stalkers and companies alike. But with bills like SOPA (Stop Online Piracy Act) and ACTA (Anti-Counterfeiting Trade Agreement) being just the beginning of government attempts to find the place in the virtual world, it is easy to imagine other sinister uses for your personal data. Oppressive regimes around the world already try to employ these tactics, but even now the British government is trying to bring in a law that will allow it to see everything you do online in real time.

It isn’t all doom and gloom though. There are some very simple ways to help keep you in control of your information online. The first and most obvious step is to simply consider what you post online and what is linked to you. A search of your own name with a few defining parameters like your location could bring up a few surprising results. You could of course remove yourself from websites like Facebook, but it pays to be realistic here.

Facebook and other social sites aren’t essential to you, but they’re very important. Just remember, you control what you post online so make yourself your own filter. If you’re worried about companies gaining to much info on you, try to switch to open source alternatives. Rather than Microsoft Word, use Open Office; rather than using Apple’s operating systems change to Ubuntu; or rather than Photoshop, make use of GIMP. The best thing is they’re all free too.

There are simple solutions all over the internet to help you learn what data you should be giving out and to whom. If you really want to go all out, I would suggest using the Tor Browser and converting all your money to Bitcoins. In turn though, that is probably the equivalent of moving into a bomb shelter permanently on the off chance you may get attacked. All you need to do is pay attention. It’s not the time for complete online anonymity yet, but it’s never bad idea option to keep u with the game and keep your options open.

Increasing Transparency Alongside Privacy

Privacy has been and will always be a priority for SpiderOak. Everything we plan for and develop makes reference to our ‘Zero-Knowledge Privacy Standard’. That said, we are now learning more about ‘transparency’ and its importance alongside privacy.

As mentioned in an earlier post, we have been working with the Electronic Frontier Foundation (EFF) over the last few years to better understand how we can increase our efforts around fighting for the rights of our users. As we are learning, our ‘Zero-Knowledge’ privacy covers one aspect but a commitment to transparency is also critical.

As such, we have produced the following Transparency Report that covers all activity over the last year. Please review the following:

SpiderOak Transparency Report

SpiderOak is committed to keeping our users informed about all the activities surrounding their data and the constant protection of their privacy. We will continue to work with the EFF and other organizations to improve our outreach and understanding so that you all – our users – can benefit from a fully transparent and open environment. To that end and has been asked previously, we do plan on implementing a warrant canary as part of our new website launch which is expected to go live in the next few weeks.

As always, we greatly value your thoughts and feedback so please don’t hesitate to send further thoughts or questions anytime.

SpiderOak Privacy Policy Update

At SpiderOak, our user’s privacy is valued above all else. This is the reason behind our ‘Zero-Knowledge Privacy Standard’ and why we will continually put privacy first as we develop into the future. With this in mind, we would like to inform our users of an update to the SpiderOak Privacy Policy. The changes can be summarized as follows:

1) Edits to the Better Business Bureau contact information

2) Include more firm and direct language around contacting a user should their information be requested by a third party

Regarding the second point, we have been working closely with the Electronic Frontier Foundation (EFF) over the last several years as we believe strongly in their mission – to fight for the digital rights of all users. During a recent conversation the EFF suggested we remove all possible doubt around the area of disclosure in the event that we are contacted by a third party to access data stored on our servers. To that end, we have included the following paragraph under our the ‘Disclosure’ section:

“SpiderOak’s policy is to notify a user of a request for their personal data stored on our servers prior to disclosure unless prohibited from doing so by statute or court order [e.g. U.S.C. § 2705(b)].”

To be clear, it has been our policy to make contact with any user should we be approached by a third party for the purpose of accessing a particular user’s data. The addition of this paragraph more plainly states our stance so that there may be no confusion or room for interpretation. I will add briefly that we have not yet been asked to relinquish end user data which we attribute directly to our ‘Zero-Knowledge Privacy Standard’.

Please feel free to send additional thoughts or questions about this change and/or any of our policies around protecting user privacy. We will continue to work with the EFF and others to ensure the rights of the user come first and foremost.

A special thank you to the EFF for continuing to help spread the word and draw that all-important line.

Living the CloudLife: Cloud Computing 101

Ever wonder just how far into the clouds you and your data are traveling? You are likely using multiple cloud-based services (including SpiderOak, we hope). Google offers software as a free online service to billions of users across the globe. The Internet giant hosts a set of online productivity tools and applications that live in the cloud such as email (Gmail), word processing (Google Docs), calendars (Google Calendar), photo sharing (Picassa), and website creation tools. And whereas you may not think of those services in ‘cloud’ terms, that is exactly what they are. So when someone asks you to define cloud computing, it may seem difficult at first to explain. Try asking that question to 5 of your friends and you’ll probably get five different answers.

There are many ideas of the ‘cloud’. Often wrapped in marketing lingo, definitions fly all over the net. And while they don’t clearly define cloud computing and what makes it different, they sure make it sound good. In essence, cloud computing means having every piece of data available via the Internet anytime you need it. Wikipedia defines it as “the delivery of computing as a service rather than a product, whereby shared resources, software, and information are provided to computers and other devices as a utility (like the electricity grid) over a network (typically the Internet).”

Do you (or can you) remember when there wasn’t a cloud? Before the cloud emerged, there was software-as-a-service computing. Instead of data pipes and routers and servers, the cloud brings full fledged services. The underlying hardware and software of networking remains of course but there are now higher level service capabilities available to build applications.

Every day new start-ups present options for cloud computing. If we follow these trends, the computer merely becomes a gateway into the cloud – removing the need for onboard storage and freeing consumers to leap from one device to another depending on their requirements.

The days of downloading and installing memory-hogging applications on their device will be gone and replaced a powerful Internet browser capable of accessing and computing. However, we are not quite there yet as there are many drawbacks to this system still. The first is accessibility as we still don’t live in a fully connected world where the Internet is accessible everywhere. Further, there are critical security and privacy concerns and who ultimately has access to what data (an issue we worked hard to solve at SpiderOak with our ‘zero-knowledge’ privacy).

The idea of handing over critical data to a 3rd party company still worries many people – and with good reason. Ultimately, users adopt a hybrid approach where some data lives in the cloud and runs off of cloud applications while other more valuable data stays firmly on their machine.

As you are aware, we at SpiderOak are very passionate about privacy and security. In fact, the founders – Ethan and Alan – created SpiderOak to dis-spell the myth that just because data is online doesn’t mean that it cannot be completely private. We believe, as hope more and more companies will agree, it is in the users best interest to employ the most advanced techniques around protecting user data. This will only grow in importance as the cloud becomes more ubiquitous.

Another somewhat lesser known complaint about the ‘cloud’ relates to outages. In the ‘cloud’ world, we have come to expect that data should always be available. And when it is not we become very very impatient and frustrated. For example, imagine not being able to access email or an important business document. All companies suffer from outages as nothing can be perfect all the time (including us humans). Amazon, generally considered the gold standard, had devastating downtime last year that had millions of users suffering. Though no company can promise an outage-free service, there are methods in place to quickly restore service and make sure data is not lost.

Despite some of the drawbacks and a bit of hype, cloud computing remains a critical trend. Many of you have voiced your opinion on Facebook and Twitter on cloud computing. We would love for you to also sound off in the comments. How would you explain cloud computing to your mother? What do you think of cloud computing? What are some of your predictions for the next 5 to 10 years?

I’d love to look back at this blog post in 5 to 10 years to compare your thoughts!

New Browser-Based Signup Process & Maintaining ‘Zero-Knowledge’ Privacy

One of the things that has always made SpiderOak unique is our ‘Zero-Knowledge’ privacy policy. ‘Zero-Knowledge’ means no one at SpiderOak has the ability to access your data – ever. Even if we wanted to access your data or received a subpoena to do so we could never turn over plaintext data. This is accomplished by encrypting all data on your machine before it is sent to us, using encryption keys generated from your password.

With this new version of SpiderOak, we are changing our signup process to include password creation in the browser. But how can we do this and ensure ‘Zero-Knowledge’ privacy? Isn’t creating a password on the web (via a browser) in clear violation of how we maintain our security?

The short answer is that we hash your password before sending it to our servers. A hash is a one-way algorithm such that there is no way for us to reverse the hash and figure out your password. When you try to login for the first time, we hash your password again in the client and compare it to the hash stored in our servers. If the two match we know that you entered the correct password. We use a javascript implementation of bcrypt to do the hashing. This gives the convenience of a simplified signup process while maintaining your privacy. And if you don’t trust this process, we encourage you to disable javascript during signup and you will be not be prompted to create a password in the browser.

Now to focus on our motivations for making this change. We used to have everyone signup in the SpiderOak application which was great from a security perspective; however this process was awkward for customers who are used to signing up for services on a website instead of downloading an application first. It also didn’t work well with tracking behaviors – most notably our Refer-A-Friend program. Previously, when someone followed a Refer-A-Friend link to our website we had no way to know when they signed up in the application. We had a system that was pretty good at guessing after-the-fact but it was slow and often missed signups. It could take up to several weeks to get credit and sometimes the user wouldn’t get credit at all.

We needed a better solution so we conceived a way to move a portion of the signup process to the web. Since password creation was still handled in the application, we needed a way for the user to identify him/herself when the application launched on their computer for the first time (otherwise anyone could steal the account before a password was created). We accomplished this connection through generating activation codes. This system solved the Refer-A-Friend problem but activation codes proved to be a bit clunky. People would lose them or not understand what they were for.

That brings us to today. The goal of any signup process is to make it as easy and seamless for the user as possible. In our case, we also always have to keep in mind our user’s privacy which adds to the complication. With this new process in place and thanks to bcrypt, we have a much simplified process while maintaining our important ‘Zero-Knowledge’ privacy.

In the end, privacy isn’t just something we seek for additional challenge but rather a philosophical approach we believe in deeply; we have never been willing to abandon it for convenience. That said, we are always looking for ways to provide our high level of security in simpler and more usable ways. I believe that this change accomplishes our goals.

Do Not Track

I remember the chills that ran up my spine and the quickening of my heartbeat when I realized someone was following me in the grocery store. It was an initial exchange of smiles in the produce section that turned into multiple disturbing encounters throughout the store. I was deciding between various flavors of rice when I noticed he was standing by the pastas. I was reading the nutritional content on a container of yogurt and noticed he was peering over at me from the jugs of milk. This continued on.

It was broad daylight and there were plenty of people milling around so I didn’t feel terribly threatened, just totally creeped out. Did this person think he knew me? Was he working up the courage to ask me out? Or was he evaluating how a fit 34-year old mom kept her kitchen stocked? Whatever the motivation – innocent, vicious, or somewhere in between – this person was invading my space. I didn’t give him permission to accompany me. I wasn’t followed out of the store but I did leave feeling violated.

When I became aware of the online companies that have been tracking what I read, watch, and listen to – I was overcome with a similar feeling as I described above. One Sunday morning, I overheard a debate on a news show on this very subject. One gentleman was pointing to Facebook and how their users are volunteering their information; therefore, the personal data is fair game and the company has a right to it. But the last time I checked my account settings, the update I chose to share with my select circle of friends was intended for them, not for everyone who has a Facebook account, and not for the people who work at Facebook, and certainly not for the creepy guy in the grocery store.

A month or so ago, I received the announcement from Groupon, the deal-of-the-day discount site, regarding its new partnership with Expedia and its updated privacy policy which includes sharing my information between the companies such as my birth date, where I reside, where I’ve traveled – even my current location should I use it’s mobile application. Hmmm, all this in the spirit of more customized deals? I’m getting those chills again…

Had I found the manager of the grocery store that day and reported what I was experiencing, I’m 100% confident he would have personally escorted my stalker out the door. Perhaps a security guard or police officer would have gotten involved. I find it unsettling that companies are now helping themselves to this data without so much as asking – not dissimilar to those spying eyes. Is it necessary to better understand me as a customer? Would they send better deals my way?

Herein lies the real dilemma. It is easy enough to shop at a different market as there are plenty around the city. And if I can’t find the exact item I like then so be it. However, am I supposed to completely disengage from sites like Facebook and/or Groupon? Is that possible? Realistic? The larger companies like these get, the more complicated these privacy issues become. What do you think?

H.R.1981, the end of online privacy as we know it.

The sponsors of bill H.R.1981 are not stupid people. By naming a bill ‘The Protecting Children from Internet Pornographers Act of 2011′ they have managed to take a piece of legislation that could be the worst threat to online privacy ever and make it virtually impervious to critique. Who will stand up and vote against the safety of our children?

So what does this piece of legislation hold that could possibly threaten online privacy?

Bill H.R.1981 contains legal responsibility for any Internet Service Provider to keep detailed records of “your Internet activity for 12 months, your name, the address where you live, your bank account numbers, your credit card numbers, and any IP-addresses you’ve been assigned.”

To be honest, these are characteristics that a lot of Internet Providers most likely already know. The real difference here with the Bill is how they would easily they could then provide this information to law enforcement. It’s an intricate set of rules whereby the government agencies have to go through the process of… well… just asking for it. Yep, that’s it.

As the bill is written – any person under investigation of a crime (or possibly even civil matters such as custody battles or divorces) could look forward to having an extensive part of their life accessible without warrant or cause. As Rep. James Sensenbrenner says, (R-Wisc.): “It poses numerous risks that well outweigh any benefits, and I’m not convinced it will contribute in a significant way to protecting children.”

So what are some of the obvious risks of this new legislation? Well as many people know, losing your credit card or having your identity stolen is a horrible experience. Can you even imagine what kind of damage could be caused if someone got a hold of all this information PLUS your web habits and login and passwords? (See. Update)

Consider a scenario: Someone steals your web habits and your identity. How do you recover your identity and credit when the first thing the hacker does is cancel your credit monitoring service account and then sends your power bill, bank account, and new drivers license to your ‘new address’? All this would be possible if someone gained unlimited access to the email, personal information, credit card number, surfing habits, and login/password to web services that are used by many people daily and are the very items which would be compromised. (See. Update)

Many people today live a life where everyday services such as email, banking, document handling, photos, social media networks, and data storage are as important as the documents you carry in your wallet. With this in mind, how can we allow the government unlimited access to such an extensive part of our lives virtually without restraints?

Equally as important, how can we allow companies with anything but stellar security track records providing us unqualified services to have virtually unlimited access to all parts of our online life?

To protest H.R.1981 you can visit the Electronic Frontier Foundation Electronic Frontier Foundation and fill out a one-click petition against the bill.

UPDATE: After further investigation and as hacker news user; ‘skymt’ pointed out (thank you) bill H.R.1981 amends the current bills storage of only the assigned IP-address of the consumer, and not explicitly Internet usage records. One possibly argue that it is likely that this data is also available for the ISP. However, the does NOT state that these shall be stored or made available.

FBI Wants Your SpiderOak Data; North Korean Hackers Steeple Fingers in Anticipation

The FBI is again looking to circumvent cryptography to expand their wiretapping capabilities. They want to require that all service providers (like SpiderOak) give them a back door to encrypted communications. To be clear, we have not, nor will we ever, give third parties access to your private data. It so undermines the very core of what SpiderOak believes in, that we would sooner go to jail than comply with such an odious requirement.

Such a provision would put us on a short list. Several countries currently have laws that require decryption keys to be produced on court order, but I could find only one country that requires plaintext access on demand: Iran[1]. Not even China, a country often cited for its severly restricted freedom of speech, has such a requirement.

Aside from the obvious Orwellian issues, there’s a simple technical argument against crypto backdoors: Any cryptographic system that can be broken, even if it’s only by one person, is not secure. It wholly defeats the point of cryptography. Any backdoor made available to the FBI might be found by people with less noble intent, rendering the encryption moot. A lot of our daily life depends on crypto — would you trust your bank knowing that there was a hole in their security just waiting to be found?

And yes, we have a passionate interest in security because it’s our business. If this becomes law, it will terribly pervert or destroy SpiderOak, but ultimately, this is about you. It’s your data we have here, and we want to protect it. Help us help you by raising awareness and contacting lawmakers to make sure this doesn’t get any further.

[1] Crypto Law Survey

Privacy Does Matter – Or At Least It Should

Far be it from me to challenge one of my colleagues but a friend passed me a recent article that I thought was worthy of a post:

Google chief: only miscreants worry about net privacy

In reading, it would appear that Eric Schmidt at Google believes that anything uploaded/sent/transmitted through the Internet should be of a public nature – ANYTHING. He goes on to claim that if you would not want someone else to be privy to what you are sending through the wires then perhaps you shouldn’t be doing it. This strikes me as a bit odd.

In stepping back from the absurdity of this assessment, I suppose we find a man who has no other choice but to make this claim. The vast information Google has at their fingertips – Gmail, Google Docs, Google Analytics – and the further fact that it is and/or can be made into a readable format without consent from the ‘owner’ makes it a prime source and target for everyone from the government (hiding behind the Patriot Act) to a rogue hacker looking to ‘poke’ around. And hiding behind the idea that people simply shouldn’t be doing anything that they might find of a private nature on the web is his only real defense against this attack. And I suppose he is a bit too far down the path to turn back now.

In asking the SpiderOak staff what they thought – here are some of their reactions:

“I think it was a stupid thing to say but I also think it’s being blown out of proportion. The appropriate response isn’t to attack Google or Schmidt, but simply to the make the point and emphasize that privacy is a basic right.” – David H

“One of the most important agreements embedded into our Constitution via provisions in the Bill of Rights is a reasonable expectation of privacy, particularly in one’s home, one’s beliefs, and one’s words, letters, and effects. I think it is particularly poignant that these provisions make no mention of the technology involved, and that an evolution of the tools we use should not be paired with an erosion of our values, regardless of the extra work that creates.” – Bryon R

“The first comment has a picture of big brother and the appropriate comment. Ford routinely searched worker’s houses claiming ‘If you haven’t been doing anything wrong, then you don’t have anything to hide’.” – Andy B

“I think that there is a difference between ‘Having something to hide’ and the fact that everyone controls information that they wish to keep private. If you want to keep something private yet accessible to yourself online you should have access to tools that allow you to do so.” – Daniel L

“Schmidt must realize this is the same asinine line of thinking that justifies the invasion of even your most basic privacies. You don’t want someone tapping your phone? Well, you shouldn’t be talking about anything private, like your medical history! Don’t want someone reading your email, or even your snail mail? Better not be saying anything about your significant other that you don’t want the world to know! There’s an infinite number of reasons why I might want to keep my conversations or my actions private – and I’m not even going to justify them, because they’re none of Google’s business.

“There is a WORLD of difference between understanding that you need to be careful in any environment where your privacy is uncertain and claiming that privacy isn’t even necessary unless you’re doing something illegal. Shame on you, Google, for taking this Big Brother-esque stance on privacy, especially now that so many people trust you with their privacy on the web. There is no excuse and no defense for your remark, Schmidt, and I think you know it.” – Laura G

“My response is private.” – Doug F

As for my own thoughts, albeit self-serving, this is precisely the reason we developed SpiderOak’s ‘Zero-Knowledge’ privacy approach – combatting the idea that all information passed online should fall within the public domain. Who among us doesn’t have emails, financial documents, pictures, and other such digital content that we would rather not display or know could EVER be displayed publicly. And yet, why should we be in a position where we cannot benefit from the technology that exists today without running the risk of exposing thoughts, ideas, or content. Furthermore, how can someone else tell us how we have to think about this issue (especially when that someone is in control of a significant portion of this information).

Privacy does in fact matter. It is important. And the thoughts we have, pictures we snap, comments we make deserve the right to benefit from the flexibility of being online without having to be needlessly exposed at whim and without our consent.

Eric: I am sorry for having to disagree with you although I do understand the predicament that you find yourself. However, if you are secretly concerned, I would be more than happy to offer you a free SpiderOak account…

Online Privacy – Strange Bedfellows…

Normally, when people think of ‘online’, privacy is definitely not the first, second, or fiftieth thought that comes to mind. If fact, people generally exhibit quite the opposite response and conjure up images of complete nakedness. After all, the modern-day Internet has evolved mostly for the purpose of providing instant exposure, distribution, and presence to the world over. The question then becomes, can the value of the Internet extend beyond nakedness?

One of the driving purposes behind SpiderOak was to dispel the notion that just because data is online means it can no longer be private. The goal was simple – devise a plan where a user’s files, filenames, file types, folders, and/or any other personal information is never exposed to anyone for any reason (even under government subpoena). This of course includes the SpiderOak staff who – even with physical access to the servers upon which the data resides – should never be able to see or interact with a user’s plaintext data. Creating this environment, however, would prove more difficult than simply making these statements.

In the beginning, we grappled with how best to accomplish this feat – creating ‘Zero-Knowledge’ privacy as we call it. Most of our competitors and thousands of other companies make claims and statements about security and privacy but, at the end of the day, they would all fall short of achieving our aforementioned goals. To use the most general example – if a company can reset your password, it means someone in the company has access to your encryption keys (if they encrypt the data) which further means they can access your data if they ‘had’ to or, worse yet, someone else could with far worse intentions.

A more specific case is Mozy’s use of encryption. Mozy’s encryption is far better than most online storage providers and yet it contains serious oversights. The default options have you choosing between a stronger ‘Mozy’ key (which Mozy then knows and could use to decrypt your data) or a weaker key you choose on your own and keep private. Even if you choose the weaker private key, Mozy still stores your file and folder names in plain text – meaning they know a list of every file archived from your computer. We would suspect they know the size and timestamp of each file as well although this information has not been publicly disclosed. This seems to represent a great deal of information to reveal about the contents of your ‘private’ data, doesn’t it?

To overcome this threat and others, we at SpiderOak decided to never store a user’s password nor the plaintext of a user’s encryption keys. This ensures that there can never be a point – ever – where we could even unknowingly betray the trust or privacy of a user. Why? Because – to put it simply – we don’t ever come into contact with the keys needed to unlock the encryption surrounding the data. Even with physical access to the server or under subpoena, SpiderOak simply can never see or turn over a user’s plaintext files, filenames, file sizes, file types, etc… On the server, we only see sequentially numbered containers of encrypted data.

This necessarily meant a different approach to various processes throughout SpiderOak which you may or may not have noticed – including forced registration through the desktop application and never via the web. In the
end, however, we did accomplish our goals and proved that, although strange bedfellows indeed, ‘online’ and ‘privacy’ can sleep next to each other every night, naked, and live happily ever after…