➡ This text discusses the permanence of data on the internet, highlighting the role of email, Archive.org’s Wayback Machine, Facebook, Google Search, hackers, and Palantir. It explains how personal information is often stored indefinitely, even if users attempt to delete it. The text also warns about the misuse of this data, such as in the Cambridge Analytica scandal, and the potential for identity theft following data breaches. Lastly, it discusses how companies like Palantir use this data not just for surveillance, but also to predict and control behavior.

➡ This text discusses how city surveillance tools and social media activity are used to track young people and predict their likelihood of joining gangs. It also mentions how such data can be used to manipulate financial markets and influence people’s behavior, potentially leading to societal polarization. The text emphasizes the importance of privacy and introduces the concept of the ‘KYC layer’, which records all internet actions linked to an identity. The author suggests that privacy strategies should aim to operate above this layer. The text concludes by promoting various privacy-focused products and services offered by the author’s community-supported channel.

I’m sure you’ve heard of sayings like the Internet is permanent or you are the product. Those interested in privacy intuitively understand this. But what I want to explain to you today is the breadth and detail of this. And this is important because for privacy strategies to work, you have to fully understand the environment we are dealing with. There is a reason the Internet is permanent, and that is because of many, many entities that really make it their business to make the Internet data last forever. This includes big tech, smaller private companies, and government. The scope of this is incredible and it gets worse every day as new entrepreneurs figure out a way to make money out of your loss of privacy and governments engage in mass surveillance, which is powered by stoking fear.

Big Tech does the same and justify their surveillance actions by pushing fears of cybersecurity threats. Now, after you hear everything I will say, and some of this will be shocking, you may think that it is hopeless to achieve privacy, but I’m not discussing solutions. In this particular episode, we will build on this topic and this will be the first in the series. If you understand the starting point, you can formulate an appropriate solution. Do you want to see how deep the rabbit hole goes? Stay right there. What I’m going to do is group the entities that are involved in making your forever data.

I will tell you now that I’m just giving you a brief big picture explanation of each one. As in reality, every type of entity could itself be a video. Let’s go down the rabbit hole. Social Media aggregators Social media aggregators are entities that scour the Internet for personal data and then sell it. These use robots called web crawlers that visit every website and then collects that data and puts it into their permanent database. Examples of companies that do this are Axiom, Intellius, People Finders. There are so many. Now, in addition to the web crawling, they include databases of public records.

So every public notice, like buying or selling property or lawsuits, birth certificates, death Certificates, criminal histories, DBAs, corporate records, and so on. Just so you know, many of these companies have expanded. Instead of just allowing parties to search for people by name, this is now used by employers to do background checks. And again, to make sure you understand, this includes everything found on you on the Internet, including social media identity providers. The social media aggregators I mentioned are just the tip of the iceberg. Now new organizations or the same organizations are offering identity services. These companies are now called identity providers.

These this is very common now in many sites that require KYC or know your customer, for example government sites, Coinbase financial institutions, UPS, FedEx, Shipstation and even phone carriers use identity providers. A platform will subscribe to an identity provider and they are able to cross check. For example, if the address you provided is matched to your name, this service is able to query you on where you lived in the past and show you a random list of addresses. Then it will ask you to verify your identity by selecting the correct one. It knows your actual addresses since it has a history of them.

Thus, your identity is confirmed by the service matching names to addresses, phone numbers and email addresses. Location Aggregators There is another group of companies that I call location aggregators. They buy up information of IP addresses matched to GPS coordinates and then create what is called a reverse IP lookup database. Where does the IP address and location come from? It comes from ads that pop up in your mobile apps. Apps, particularly the free ones like weather.com will record your IP address and location and then sell it to these entities. This is how free apps make money or apps will allow paid apps to appear that perform this.

If an app requires you to enable location like Yelp or Craigslist, then you should assume that they want to sell your data. This allows several kinds of services to be sold. First, given an IP address, the database will show matching locations. Alternatively, given a location, it can list the IP addresses in that area. These same companies like Hear.com and Skyhook Wireless also provide WI FI triangulation services. Meaning they track the location of every WI fi router in existence and then they can pinpoint your exact location based on the signal strength of the WI fi routers near you.

Apple used Skyhook Wireless in the past and now I think they use hear.com while the average person thinks that IP addresses only show a general location like a city, services like these, which you can subscribe to for a few hundred bucks will be able to provide a verified location just from an IP address. This is why it is important to protect your IP address. Google Sensor Vault A discussion of location providers did not complete without bringing up the Google Sensor Vault. The biggest lie made by big Tech is that somehow you can control location on your phone with permissions.

Well, this puts that to rest. Both Apple and Google know your exact location at all times. No permissions required. In fact, they need this to power Find My Phone or even allowing Apple airtags. The significance of this was proven during the prosecution of the J6 rioters in the Capitol. All the suspects were proven to be inside the Capitol based on data from the Google Censor Vault. The fact that it is called the Google Censor Vault is revealed in court papers why they chose to use Google instead of Apple. I’m guessing that Google has data on all phones while Apple only has it for iPhones and I don’t know how willing Apple is to share this data.

If you have a regular phone, then expect all your locations to be stored historically and permanently in the location databases of both Apple and Google. Pstn. The pstn, or the Public Switch Telephone Network, is the most surveilled method of communication in the world. Many of you do not understand the extent of this, so I will make this clear. The phone network is permanently accumulated by the government in multiple databases. As Snowden already revealed, every phone call made which is recorded by each carrier is transported to the Utah Data center, the database home of the Nosuch Agency.

This is called the Prison program and every carrier and big tech company voluntarily sends their data to the government. I say voluntarily, but I believe this service is paid for. Then there’s the law called calea, or Communications Assistance for Law Enforcement. Though this law was passed during the Clinton era, It took maybe 15 years for the hardware in all these carriers to be updated to support this. Now this new system allows law enforcement to wiretap any call just by using an Internet connection which connects to the carrier network. Additionally, all the metadata of every call, such as caller and callee numbers, time of call, length of call and every single text message is captured.

This traffic is found on the signaling system of carriers called SS7. The entirety of this data is stored also in the FBI DCIS database. So every call ever made or who talked to whom, and a record of every SMS message ever sent is available. Additionally, each carrier of course, keeps their own copies of what crosses their system. So people ask me all the time if they can delete their phone data or delete their SMS messages. The answer is a strong no. It’s impossible. So you might think this is just a government type of threat. But hold on.

Later on you will find that it is not limited to government email, as I have explained in multiple videos is an old standard that has existed in its current form since the 80s. What is not clear to most is that the email standard is based on plain text. The headers, which contain the sender recipients, titles and IP addresses of the servers, among other things, are all in plain text and cannot possibly be encrypted. When you add attachments, the attachment is just converted to a format that can represent binary characters called base 64 and this can easily be changed back to the original format.

In recent years, email standards have adopted TLS encryption between users and their email providers. However, the bulk of traffic is still transmitted in plain text between email servers called MTAs. Because it’s in plain text, it is no advanced technological feat to just capture every email traversing the Internet to store it in the Utah data center. But this is actually the harder method. The easy method is that peering stations, meaning the aggregators of the Internet, actually capture the email traffic and process it for the three letter agencies. The main peering provider is AT&T. The eight AT&T peering stations in the US capture the bulk of Internet traffic around the world, and thus they are well suited to capturing this particular data.

From the big tech side, it should be obvious to all now that probably 80% of all email is Gmail. And certainly everyone has sent an email to a Gmail account. Thus it should be assumed that Gmail has a copy of the majority of emails in the world. This is of course used to profile you. As I’ve said many, many times, email is a postcard. If you’re going to send email, assume that others will read it. Archive.org Wayback Machine the Wayback Machine, which is the technology of Archive.org uses web crawlers just like what the social media aggregators use.

But this one captures the appearance of a website at any given time. If the content of the website changes, there will be a history of all the changes. So unfortunately this means that if you’ve ever made a website and your website was crawled by the Wayback Machine, then anything on that website is now stored forever. A friend of mine asked me if I can help them delete a website because students in a middle school class were given a project to make a website off their family. So the stupid teacher basically made the students self dox themselves by putting in personal information in a public site in the guise of a technology teaching moment.

And of course, many years later, the students don’t remember their passwords and the website is still active. But even if they manage to delete it, the data is still on the Wayback Machine. Archive.org as of 2024, the Wayback Machine has archived 866 billion web pages. This is a primary demonstration that the Internet is forever. Facebook Meta Facebook is specifically one of the worst threats on the Internet for forever data. In fact, it was a main source of data in the Cambridge Analytica saga featured in the 2016 election. According to reports, Cambridge Analytica captured the personal data of 50 million Americans, which it then used to create a personal profile for each one and use it for target messaging.

Basically the precursor to a psyop. The interesting feature was that they captured the data of Facebook users via apps those people installed. So while users enjoyed using Candy Crush, those apps utilize expanded permissions to read timelines and friends and their timelines. While some of this has been mitigated since then, it should be clear that data will leak out of Facebook to external parties and then it will eventually end up in the hands of the social media aggregators and more. And this is just the threat of external parties to Facebook. Facebook itself has clearly indicated in its terms of service that the data you put on it is permanent.

Surprisingly, normies really don’t appreciate what this means and they start having family disputes, partner disputes, and reveals, and basically every personal detail of life completely exposed. Examples are family dirty laundry revealed in public and discussions of things like accusations of rape or pictures with a boyfriend in bed, or embarrassing life details that perhaps wouldn’t be such appropriate content 20 years later. The problem is that they didn’t read the terms of service. Even if you choose to delete your posts on the timeline, the Facebook policy says anything shared will remain shared. So though you may think that you deleted something, anything shared in the past is always visible to the parties who’ve seen it before.

On top of all this is the identity model of Facebook. Facebook relies on true identities. Every person is not only verified via 2fa with a phone number, but all are validated by crowdsourced data. Everyone will vouch for your identity by indicating a relationship, like family members or parts of groups like church, college, high school, or political groups. And the people who interact with you will also provide digital proof of their relationship with you via contact lists, photos and interactions. And as I said, this is forever. The worst part is that people assume that Instagram and WhatsApp are immune from this even though they they are on Facebook.

The problem is that the Terms of Service makes clear that the data from all these platforms are shared. Therefore your identity is completely known, even if you use some pseudonym on Instagram or WhatsApp, and all your contacts and friends create a relationship map that connects you to them via their Facebook accounts. Even if you didn’t have a Facebook account. Some people will play games like change their username and profile photos on Facebook, thinking that this will somehow save them. But it won’t, since Facebook actually links any old name and new names together with all the profile photos ever used, and this particular risk will be apparent in the next category, Google Search and Google Reverse Image Search.

While Google Search is a particularly significant threat in providing a forever threat. It is interesting how it interacts with something like Facebook. One of the quirks of Facebook has been that you cannot really change your name or profile photo on it without creating a searchable history. And by searchable I mean it is visible without logging into Facebook, thus is easily captured by Google Search. This includes both the alternate names and profile photos. So if you change your profile photo on Facebook 10 times, those 10 photos are all going to be found and be associated with your current Facebook profile.

Just to demonstrate the seriousness of this, anyone can then take any of these photos and do a Google reverse image search. And the image alone will will point you to Facebook and other social medias where you use that photo. And of course Google Search is the primary tool used by social media aggregators to get business. You put in a name in a Google search and it will point you to many of the common social media aggregator sites to sell you identification services. Now you may not know this, but a special Google search is made available to three letter agencies.

This used to be a feature used by the no such agency back in the day, but I believe Obama made sure this was shared with all the intelligence agencies. This particular search engine allows a three letter agency analyst to scour the government surveillance databases instead. Remember that Google Search is just a search engine. The original data still remains in the website that hosts your data. So laws like the EU’s GDPR allow people in the EU to to request that their search data be deleted. But it doesn’t stop the web crawling of the original data as well as discovery by search engines residing in different countries.

Hackers come into play as a source of forever data on the Internet. And this is really from data troves illegally acquired from legitimate sources of personal data. For example, one of the most significant hacks is the Equifax hack. Equifax is a credit reporting bureau. The problem is that Equifax has personal data on just about everyone in the US including names, Social Security numbers, addresses, phone numbers, email, and of course credit information. But they were hacked. The common response now of entities that are hacked is to purchase credit monitoring services for you to protect against identity theft.

Like that’s supposed to solve anything. The problem though is pretty serious as basically the entire database of stolen data is made available in the dark web. And everyone else, including more hackers or even legitimate companies like the social media aggregators, can read this data and add it to whatever they already have. Every single hack causes this new addition of personally identifiable information to be transferred to the public domain. One of the worst cases is when medical information is hacked from a health care provider. Again, it isn’t just that a hack is a single event, but it is clear now that everyone’s name, Social Security number, birth date, phone numbers and addresses are in the public domain.

Palantir I leave Palantir for last because it is a special case. Palantir is a very unique threat because it is a data company that actually uses the data it collects offensively. By the way, Palantir isn’t the only company in this category. Even Google has its division that does something similar, but Palantir is the most well known. Palantir doesn’t just use the data to surveil you, but it is used to control or predict behavior to take advantage of of people. Palantir is a major government contractor. It supplies services to federal, state and city governments. This has particularly dangerous implications.

As you will see. Palantir is also a major data analyzing resource for big firms, particularly financial firms like JPMorgan Chase. First let’s start off with identifying what data Palantir has. In contrast to the social media aggregators that take public records and then mix it with crawled Internet data, Palantir actually has direct access to government databases. For example, it has access to driver’s license databases, I presume the entire FBI DCIS database, together with all the phone records and SMS medical data from Medicare medical tax records and all other government databases. Just an example of these other government databases are city license plate readers, facial recognition databases and likely all location databases.

Then it can combine them with all the data that is available via the social media aggregators and voila. You have the most invasive database in existence. Just to show you an example of a Palantir project, they were hired by the city of Los Angeles to track potential gang bangers, meaning young teenage kids. A report identifying these kids was provided to the police who then proceeded to do random stops of these individuals to put a little scare on them that they were being watched. The movements of these young people were tracked by city surveillance tools and the propensity of the kids to join gangs was determined by their social media activity and locations.

Pretty invasive stuff and this is just an example. I’m sure a good financial application of Palantir data analysis is to predict human behavior when certain scenarios occur. For example, financial behaviors can be used to manipulate the stock market and take advantage of simple minded crowd behaviors when there’s a crisis. Worse yet, this kind of data is sufficient to perform psyops and trigger people to act in certain ways. We don’t know how much of the polarization of society may be due to this kind of psyop activity, and this psyop was already done by the Google equivalent of this company.

The problem is that the opportunity is there because the data is there. How to Use this Information in a Privacy Strategy this revelation is intended to define a layer of information that I think in my mind as the forever layer, the Identity layer or the KYC layer. And I’m going to call it the KYC layer from here on. Meaning that if your Internet actions are connected via an identity to this layer, then it is game over. All of your actions are going to be known and all your thoughts and history will be revealed, potentially from cradle to grave.

The idea of privacy is to skirt this layer to operate above it, to ensure that we are defining in advance. If our Internet actions are intended for this KYC layer or intend to be private, we don’t have a choice. All of us are found in this KYC layer. It is a feature of society now. The normies accept it. Later on we will delve deeper into how the data is structured in this KYC layer and how that translates into a privacy strategy. Folks, this channel is completely community supported. We do not have sponsors and it is you that keeps it going.

Thank you to all the people who support us via patreon locals and YouTube memberships. I don’t publicly acknowledge you for privacy reasons, but you are appreciated mainly to support this channel. We offer products and services which are focused on our goal of achieving personal privacy. One of the newest products is the Brax 3 privacy phone. Unlike your typical phone, this does not reveal your location. It is a community project involving multiple companies and is currently on indiegogo.com and also to be made available on braxtech.net we also have other products that you should check out. We have the Brax Virtual Phone which is a no KYC phone service.

We have braxmail which allows for unlimited aliases and many domains. We have Bytes VPN which is used to protect your IP address. All these are on our site Braxme. Join the well over 100,000 users that are there talking about privacy issues daily. Thank you for watching and see you next time.
[tr:tra].

See more of Rob Braxman Tech on their Public Channel and the MPN Rob Braxman Tech channel.