The tech industry is still reeling from Donald Trump’s election to the White House earlier this week, with new statements from Apple, Microsoft, and Facebook already seeking to make sense of the president-elect. But as those conversations have played out, a lesser-known CEO was suggesting a more unorthodox response for tech companies in the Trump era: stop collecting so much data.
The comments came from Pinboard CEO Maciej Ceglowski, a longtime critic of data collection on the web. According to Ceglowski, the only sane response to a Trump presidency was to get rid of as much stored user data as possible. “If you work at Google or Facebook,” he wrote on Pinboard’s Twitter account, “please start a meaningful internal conversation about giving people tools to scrub their behavioral data.” Both companies declined to comment.
The sentiment was echoed by sociologist Zeynep Tufekci, who wrote that “tech companies should immediately go to end-to-end encryption and ponder alternative financial models.”
For both critics, the concern is surveillance. Once Trump is legally in charge of the nation’s intelligence agencies, all that data will be subject to FISA orders and extra-legal hacking campaigns. And given his alarming comments on muslims, refugees, and members of the press, there’s no telling who might be subject to such a campaign. “If the FBI wanted to round up every muslim in America for detailed questioning, that didn’t seem like a likely scenario, but now it seems much more likely,” Ceglowski said in a call with The Verge. “It’s viscerally brought home why this matters.”
Even Ceglowski recognizes that company practices can’t change overnight. Targeted advertising is the core business for both Google and Facebook, and that business makes them billions of dollars a year. Targeting those ads takes specific data on specific users — but Ceglowski is betting it doesn’t take quite as much data as is currently being collected. “I’m calling for them to shorten the horizon over which they retain the data,” he says, “and be especially careful not to collect extra data they don’t need.”
Those companies’ data has been used for surveillance before -- most notably through the NSA’s PRISM program, which showed the agency accessing internal servers at Google, Microsoft and Facebook. Earlier this year, Facebook drew fire for providing API access to Geofeedia, a company employing social media data to target protestors. (Facebook was later revealed to be a client of the company as well as a supplier of data.) Police have also used Android’s location data to place suspects at the scene of a crime.
Crucially, data requests can only succeed if the company retains the relevant data, which has driven many users to end-to-end encrypted services like WhatsApp or Signal that are mathematically prevented from intercepting and storing user messages. Google users can also manually delete their data through the service’s My Activity portal, which will scrub it from Google’s servers within days.
Outside of intelligence services, police typically obtain company data with a court-ordered warrant, and most companies freely admit to filling lawful requests for data in that form. It also gives users some security: Trump or no, a judge has to sign off on probable cause before the warrant can be issued. As the prospect of another encryption battle looms, the warrant process may be the one part of the system that both sides can agree on.
But for Ceglowski, the presumption of the rule of law simply may not apply under Trump. “I don’t think the US is going to turn into a lawless state overnight, but look at the dynamic in places like Russia,” he said. “He’s not going to care enough to prevent such abuses at a lower level and certainly he’s going to protect anyone who’s taken to task for them.”
“I hate to sound fear-mongering but I’m from Poland,” he continued. “This fits a pattern that I recognize. It’s just that it hasn’t happened before in the United States.”