Excluding fake and paid users (without a declaration of who is paying them) from that space and protecting free speech in that space is essential to having a public policy discussion.
Private corporations have not done this, and probably never will, so government is the only option left.
I think that governments should provide a verifiable digital ID the same way they provide physical IDs and that they should provide communications platforms that allow people to communicate with these digital IDs in a way that protects their rights the same way that they provide mail service.
I do not think that governments should be regulating/banning activity on private platforms but should be offering an alternative where private platforms fall short. This is really nothing more than bringing existing government services (ID, mail, voting, parliaments) fully up to date with digital technology.
There is a big gap right now where governments don't understand what they should be doing or are incapable of doing it. They recognize the need for action because they see that things are going wrong but are not proposing or implementing the correct solutions yet.
What do you think cell phones and credit cards are? In all of your examples you do have to provide an ID.
I disagree. Laws like this are outwardly hostile to the culture of innovation that the internet enables.
> This particular law may not be the best implementation but governments do need to take action to provide their citizens with a real public square online.
I disagree. Governments do not need to provide a public online discussion forum. Plenty of forums already exist. Reddit, Facebook, Hacker News, various phpBBs, deviant art, the chans, tumblr, mastodon, etc. The beauty of the internet as it stands is that if you feel like you don't have a place to speak your mind online, it's extremely easy, and in many cases, completely free to create your own blog or forum. Government should not be involved in public discourse in any role besides that of an observer. It is important for a government to hear the words of it's people, but it is ridiculous to suggest that a government should hold control of where people can have discussions or who can have discussions. This law is authoritarian at best, dystopian at worst.
> Excluding fake and paid users (without a declaration of who is paying them) from that space and protecting free speech in that space is essential to having a public policy discussion.
Protecting free speech is very important. However, this law does no such thing. In fact, it makes it easier to persecute people whose opinions you don't like. Requiring identification for the exercising of free speech is not free speech at all.
> Private corporations have not done this, and probably never will, so government is the only option left.
Regulation on how private companies handle their users is not inherently a bad thing. This law, however, is not only stifeling to free speech, it prevents smaller players from entering the game. It makes it hard for individuals to create their own small online communities by forcing them to navigate murky legal waters.
This law is bad. Everything about this law is bad. There is no single part of this law that is good for the internet.
You can take as an example the problems Facebook's "Real Names" policy caused for sexual minorities:
https://en.wikipedia.org/wiki/Facebook_real-name_policy_cont...
... except multiply it by a thousandfold when the government is in the pocket of a political party which is... disinclined... to acknowledge the existence or legitimacy of such people.
Oh, and if we want to extend the analogy - with current and pending legislation, the mail service would be liable if anyone breaks the law via mail...
Users of online forums in Austria will have to provide
operators with their true identities or risk fines that
could run into the millions.
Users do not risk being fined millions. The webmasters will.
A lot of the financial regulations of the past decade have been heavily identity oriented. Companies/banks need to ID customersID the origin/destination of funds, etc.
Gambling has recently become more regulated in a lot of european countries. Similar story. ID customers (mostly for age, but also aml). ID where the money is coming from. Take all reasonable steps to find out if a customer is has more money than they should have, is a thief, gambling addict, etc.. In practice, this they request customers' passports, bank statements, payment slips... while at the same time pay for services that estimate customers income, review social media profiles, and such.
Even GDPR, which I think did some to improve data security and a lot to reduce data selling, requires (in practice) most websites to keep of track of users' consent, which means keeping track of user identity, to some extent.
I have a bad feeling about the current political drive to "regulate" more. There are certainly problems that need solutions, which are likely regulation. But, the details matter a lot. We don't want the default regulations.
Austria is a beautiful country and most people are nice but man..some people can be very small-minded there. The news would make you believe that the UK is this backwards right-wing nation because of Brexit but you'll never see a muslim of Pakistani descent as mayor in Vienna or people of colour in the Austrian parliament and that's honestly very depressing.
I misread this as for Australia and while I wouldn't put this past the current right-wing government they are coming into an election.
But it's for Austria.....so....while I'm not affected I'm still annoyed.
couple that with self hosted(or maybe companies do it for you for a fee) mobile base stations to extend the range of that intranet for coverage that is actually free of government snooping/supervision while simulataneously being truly local and a signboard of things happening in your area.
of course they could try and ban that but unless you actually train cops to roam around with wifi packet sniffers i doubt it would be very enforceable.
That's exactly what Soviet police would do 50 years ago to catch "illegal" radio stations, to the point that the rebels eventually put it into a balloon, so there is precedence
What about Twitter? Reddit?
> In addition, web platforms would be required to appoint a liaison in Austria who would be responsible for making information about platform users available if it becomes necessary. If this person does not ensure that the regulation is followed, he or she could be punished with a fine of up to 100,000 euros.
This will just put foreign platforms, who will ignore the law, into an advantageous position compared to local platforms. Users might switch to foreign platforms that don't require identification.
Doesn't really matter, as those things move the Overton window.
Tomorrow, when the US, China, and EU adopt similar laws, there wont be any "foreign services" to use.
Anybody got an ideas, on what we are supposed to do when that happens
But in the meantime --Your ISP has informed that a foreign social media provider has connected to your account, identify yourself and provide your alias used on said social platform, or [insert consequences here]
Amazing how people are completely blind to this gaping misfeature despite infosec experts complaining about it the entire time.
While this is bad, IIRC if it has PFS this means that the phone number rerouting cannot be used to recover messages sent before this intercept. And also IIRC this phone number could only be used to trigger re-keying, which is detectable.
Data localisation is an up and coming regulatory thing, and more countries are picking it up. [2] Having a handle doesn't make you anonymous.
[1] https://arstechnica.com/tech-policy/2019/01/russia-tries-to-...
[2] https://www.atlanticcouncil.org/blogs/new-atlanticist/india-...
LinkedIn is blocked under the same law though.
Telegram is officially blocked in Russia (for not providing access to users' messages), but it works without any special setup.
> That way the data can be retrieved by the government and used to de-anonymize users.
That was probably the intention of lawmakers but there is no requirement to keep the data unencrypted.
There are "technical possibilities where software can run on the backend that can immediately identify: Does the registered mobile phone number match the name and address or not?" - derstandard.at/2000101678440/Minister-Bluemels-Ominous-De-Anonymization-Software (from https://derstandard.at/2000101678440/Minister-Bluemels-Omino...)
Translating it as "backend" is very friendly as he literally said "a software in the rear end".
Have there been any issues caused by anonymous posts recently? Maybe I'm just living under a rock, but my feeling was that the main issues we're currently facing stem from political distortion caused by populism misusing platform mechanisms to spread misinformation. I don't see how this is supposed to help.
But even if I'm right, it still damages the public discussion on privacy and civil rights. It is one of many steps pulling public opinion in a frightening direction.
- There is the idea of a tax called "Digitalsteuer": A tax for internet companies which didn't pay taxes for some reason. However, it is estimated this would make only some million dollars (~25 to 30/year). At the same time, it could lead to too much surveillance because somebody would have to save the address and location data of Austrian users somewhere. https://derstandard.at/2000100880156/Kritiker-befuerchten-du...
- And the "Überwachungspaket":
-> you need to register prepaid sim cards
-> limitation of the secrecy of letters
-> data retention by ISPs etc https://epicenter.works/thema/ueberwachungspaket
https://journals.plos.org/plosone/article?id=10.1371/journal...
The conspiracy theorist in me is starting to see these laws as some sort of ploy by the big players(google, amazon, facebook, etc.) to create a sort of monopoly on the internet by making it so difficult to enter the web application space that only large companies with massive amounts of resources can even play the game.
As someone who is currently working on a new art sharing platform that will include discussion threads, I'm starting to get worried about needing to comply with these types of laws. Not that I would comply, as I believe one's internet experience should be as anonymous as one wants it to be.
It's a real shitty place to be. I hope this law gets shot down and all future laws in the same vein don't gain traction.
So a site like unzensuriert.at (like breitbart in the US) which is a right leaning / government favourable website will not fall under such a law and won't get penalties.
“A friend of mine says, ‘Woke politics are getting absurd.’”
I wonder if this would be violation of the law...
[0] Someone Who Isn't Me. I believe it was an attempt to avoid admitting to illegal things. It was mandatory to use SWIM instead of the first-person on some forums.
He gave me such an evil glare, it was astonishing. So I glared back at him.
In real life, I found him to be as loathsome a creature as in media. Perhaps, fatter than I thought he was.
I hope I can continue to report such things on the Internet in the future.
"Das ist ja ein Blödsinn, was sie da reden" (This is total nonsense you are talking about)
So strange, this seems to be the exact opposite of the trend in the USA where the public desire is moving towards requesting these companies to allow us to be anonymous. Just like...Europe? What’s going on in Austria?
Conversely, in US, we place a lot of emphasis on preventing the government from collecting data that it could abuse, but then largely ignore the same issue with private entities.
(Note, I'm not saying that it's universally true in either place, only that it seems to be the majority consensus. There's certainly plenty people vocally dissenting from it.)
What does it mean for an internet site to be situated somewhere? What country is that?
For example, http://dreadditevelidot.onion. Where is it situated? It does have an interesting discussion forum. It certainly has rules. Is it now supposed to appoint a liaison officer in Austria (and 200+ other jurisdictions)?
The original "vermummungsverbot" is a law to prohibit people from wearing a veil in public. The pretense was that people hiding their identity were by definition a security threat to the law abiding general public. The political effect was that xenophobs liked the idea of a law that was opposed to certain aspects of islam. The reality is that the law has no effect, since there are almost no people in Austria would would want to wear a veil in public in the first place apart from maybe the odd female tourist visiting from Saudi Arabia.
The idea now is that the same should apply to the digital sphere.
My guess would be that they know full well that it's never going to pass into law and make it past Brussels. But to them it's a win-win. Either they get a law that appeases the right-wing populus. Or Brussels stops them, playing into their anti-European narrative, which would also gain them political capital.
Identification is on demand, not mandatory.
I imagine this kind of digital signature will be mandatory when signing up for the internet services described in the article...
Eliminating anonymity should be done through measures that amount to enforcing traceability at fundamental technical levels - that will affect everything from spam to fraud. But simplistic things like this just require people to identify themselves, which is just a form of social control.
Mail: PO Box 2804, Grand Cayman KY1-1112 , Cayman Island.
I don't think anybody involved with the site has ever been to Grand Cayman. Apparently, they process 10 BTC/USDT transactions per minute; and that is just one of the hundred trading pairs.
Who can claim jurisdiction over that site? Maybe Grand Cayman, but when push comes to shove, I suspect that they won't be interested either.
So do I understand that the very basis of this proposal is the assumption that "Internet usage" is "media consumption I do on my phone" ?
And going to jail for 5-10 years if you're caught bypassing the law, would as well.
Of course you could still get your hands on one registered to another name, but it's no longer trivial to get an anonymous card here.
Of course this case was only a welcome trigger to implement some law to cause FUD. Austrian government is completely illiterate in all things regarding internet, but in this case (and the case of the copyright directive), I would go as far and presume malicious intent (not just stupidity).
> Criticism also came from the former Green Party politician Sigi Maurer, whose fight against sexist posts was cited by the government as proof that the law was needed. "The government abused my case to propose this censorship law," Maurer wrote in a tweet last week. "Not in my name."
https://derstandard.at/2000101677286/Government-Seeks-to-Eli...
(I see that Facebook's ineffective harassment policy is at the root of this again)
This is just the far right interior minister enforcing his ideology of control.
Existing hate-speech legislation allows persecution of users already, but in some cases the offenders hide too well or Facebook does not cooperate with authorities. Online newspaper forums are also now full of professionally organized dirt campaigns, sometimes tolerated by left-leaning media. The government wants to be able to persecute those who break the law and thinks it's the responsibility of media to at least make their users identifiable for authorities.
Edit: Previously, the political center of Austria was slightly to the left, like in most European countries. Bored with the great center coalition, the conservative party (ÖVP) has burned all bridges to the center-left social democrats (SPÖ) and is now considering the center rather more near its own right wing. Refugees and immigrants and "punishing" those are now the go-to argument for every legislative initiative. Also, governmental "message control", i.e., controlling what may be leaking of internal political communication or what may be setting an agenda, is deemed of high strategical importance by the ruling parties.
This law is part of their campaign to browbeat the press and public sphere into submission and it is following attempts to rein the austrian public broadcaster (orf) in.
The proposed law is useless for any legitimate purpose, as anonymity was never a problem with hate speech or other things. People are willing to engage in hate speech, libel or just in overall awful things with their name attached without reservation already.
The problem in Austria is that the Russians have started buying a lot of property there decades ago. Property prices in Kitzbühel have been going through the roof thanks to Russian oligarchs buying up everything. Russians love Austria (as much as Cyprus) because it's a great place to hide and launder money, see[2]:
Peter Pilz, a member of parliament from the opposition Greens party, said the Italian mafia, especially the Calabria-based ‘Ndrangheta, had years ago used Austria as a money-laundering centre, cleansing around 2 billion euros.
“Now it is mainly a matter of Russian money. A lot of banks must be afraid that the Russians will take their millions and flee to Asia,” he said.
[1] https://www.cbsnews.com/news/vladimir-putin-karin-kneissl-we...
[2] https://www.reuters.com/article/us-eu-banksecrecy-austria-id...
see also: How Russia stands to profit from Austria’s new government: https://blogs.spectator.co.uk/2017/10/how-russia-stands-to-p...
edit: parent is getting silently downvoted for stating facts. welcome to HN.
No one talks about Gazprom Schroeder (center-left SPD) who destroyed the welfare state in Germany and then joined Gazprom.
Besides, the anonymity vs. other users will not be changed, we're not talking about a "visible real names" policy here. You can still use nicknames, just the forum operator has to store your real name.
[1] The final dataset includes 532,197 comments on 1,612 online petitions. There were a total of 3,858,131 signatures over the 1,612 petitions between 2010 and 2013, with detailed information about the wording of the comment, the commenters, the signers and the petition.
It's 100.000 users OR revenue of €500.000 OR being media with press subsidies of €50.000+ OR being a service partner providing an online service for such companies.
That the law was made in such a way for "unzensuriert.at" ist just nonsense propaganda, there are plenty of left-leaning or straight opposition blogs and forums that are exempt as well (e.g. kontrast.at, run by the SPÖ). It's a law targeted at online forums by newspapers and FB/Google/Twitter. Also, unzensuriert.at is not "right leaning" it's pretty far right and not very friendly to the conservative ÖVP, i.e. the larger part of the government.
Exempt are also (apparently) forums on e-commerce websites and reviews/comments, support forums.
It may also be possible to split your forums to different sites / domains if you reach the thresold.
Anyhow I can't see how this will play out in real life and I hope our president will step in and prevent it from happening at all.
I'd probably keep the content but orphan it and kill the underlying user and profile.
Dunno about currently, but afaik at the time this went down nothing was detectable, you just log into a user's account and read the history since e2e conversations aren't the default.
> The default method of authentication that Telegram uses for logins is SMS-based single-factor authentication. All that is needed in order to log into an account and gain access to that user's cloud-based messages is a one-time passcode that is sent via SMS to the user's phone number. These login SMS messages are known to have been intercepted in Iran, Russia and Germany, possibly in coordination with phone companies.
But that was there and then. We don't have any strong hard left movements of that kind in Western countries today. We do, however, have far right / "third position" movements of that kind. And ideologically, they align pretty well with Russia's own internal politics, so they're more reliable allies, as well. So, while there is some support for left-wing anti-establishment movements, most of it goes to the right. And hence we're mostly talking about that.
Authoritarianism and aggressive statism broadly, generally prompt opportunistic brain drain for exactly that reason.
The US poached enormous amounts of talent from backwards, regressive European nations for more than a century previously.
But I am 100% sure, our current government would never ever grasp the concept of a federated social network and probably just try to ban it.
This said, when the UK government is fully convinced that Caymans “should jump”, they eventually jump.
Interesting take on overseas territories. Fuzzy sure, but it never occurred to me that it's intentional
- keeps open the option of direct subsidies and favourable treatment for Cayman. I believe most BOTs are not financially self-sufficient, including Caymans.
- keeps open the option of UK re-taking direct control in some circumstances (military requirements, oil discoveries etc).
- maintains substantial independence in practice.
For small territories, BOT arrangements provide the best of both worlds, at the low low price of occasionally bowing to UK authorities.
However they stopped when a court shot down the surveillance law that made people concerned in the first place[2].
If Austrians are even half as privacy-conscious as Germans, expect much of the same happening.
1: https://datenschmutz.net/anonym-kommunizieren-simkarten-taus...
Possibly among groups of people who regularly break the law. I can't see a normal person willingly accepting this sort of risk (e.g. being persecuted for child pornography someone else downloaded) for no good reason.
Also, the authorities will find you anyway if you've ever used a SIM card with your real name in the same phone or even if you only bought the phone from a place where device IDs are registered (like Apple, presumably).
A lot of Germans did in fact do it. So... there. Even my father considered doing it, being ever suspicious of the handheld tracking device that is the smartphone we forced on him.
There's not much police will (or can) do once it's established that you traded SIM-cards. It's actually discussed in the first article I linked.
There's also a good chance you weren't even remotely physically close to the phone/sim when the crime was committed.
Please don't attempt to change the meaning of my post with your own interpretation. When I write "left-leaning", I mean exactly that.
- Filters, Article 13 style. Youtube, Facebook and Co have to ensure you can only post legal content
- Accountability. A justice system is able to drag you into a court when you've done something illegal.
We tried safe harbor and it was a nice compromise, but youtube added ContentId for a reason and it also certainly doesn't seem to help against hate speech. I prefer we keep judges assessing what is allowed and what isn't, instead of shifting this burden onto companies. If that requires Know Your Customer laws, then this seems like an acceptable trade off to me.
The problems of upload filters have been discussed here in depth and the consensus seems to be that they would have massive collateral damage. Removing anonymity creates severe problems for freedom of expression. Consider, for example the buffer anonymity provides from strategic lawsuits against public participation.
What current problem is so bad that solving it is worth the costs of either of those solutions?
This is not about being guilty, it's about being accountable for your actions, just like you are everywhere else.
In Austria and Germany, people riding bicycles are considered the rudest on the streets. Everybody is anonymous to other participants until an accident happens, but only bicycles have no number plates, so they usually run every red light because they won't be held accountable unless the police see it and give chase. I don't think it's fair, though some people clearly consider this an important part of their personal freedom, at the expense of everyone else.
That is to say, consideration and respect goes both ways.
That's completely irrelevant. It's about the "rules do not apply to me because you can't catch me" attitude, same as with people who harass others online without remorse by using various anonymity tools. Removing this possibility would fix it the accountability problems to a great extent and make them behave more responsibly, in line with others.
To be fair, only a minority of those illegal overtakes are actually dangerous, but the same is true of most traffic law violations by cyclists.
[0] Extremely short journeys, or journeys very late at night, might encounter no motor traffic in a position to break the law.
https://old.reddit.com/r/europe/comments/9ziqfi/european_cou...
What's the limit, skateboards with license plates? Why not subdermal RFID implants to catch people jaywalking? I mean, in the end a human body is just another vehicle for consciousness.
We have people that jump in front of your car without paying any attention to their safety, almost begging to be hit. Informally we call them "jaywalk terrorists". Their ignorance is a harsh punishment by itself, to them.
And yet the US has all kinds of surveillance apparatus to de-anonymize internet users...
Even if you take the parallel construction angle, no politician except maybe a dinosaur that is super-secure in their position (on the federal level that would be people like Pelosi, Fienstien, etc.) is going to tolerate that because if the other side can prove you knew then you're not going to have a job after the next election.
Obviously we need to remain vigilant but there are existing feedback mechanisms that generally prevent wide spread abuse.
The US philosophy is to do passive surveillance and assemble the pieces after the fact, rather than mandating ahead of time requirements. Which means that US-based services will continue to be unhindered by such requirements, appearing "anonymous" to the rest of the world.
As more people globally are turned off by ID requirements, if they're able to flee to US services, then they're actually walking into a more sophisticated passive surveillance flytrap. USG will have ever more surveillance over other countries, without even having to clandestinely place taps.
Close allies will be given access through FVEY and the like, making that relationship even more lopsided. But allies' domestic law enforcement won't be, so they'll still be clamoring for more simplistic mandates requiring ID, further driving the process.
This is codifying forced attribution for everyone into law.
To clarify, anonymous speech is protected by the First Amendment.
With certain limitations. If someone anonymously offers drugs on the 'dark web', that is not protected, of course.
So, it wouldn't surprise me, if the current administration would at least attempt such ideas.
More importantly, it's purely a private business asking for your ID in this case, and only as an age check. In the vast majority of cases they don't record or really care about anything except your date of birth. No bar I've ever been to kept any kind of record that would have enabled them to tell the government that I had visited the establishment.
Either way, I routinely get comments about where I live, how my hair looks now, my birthday (coincides with a major date in the US). It’s very low level invasion of privacy, but most of the time I don’t want to small talk at the grocery store, I want to finish what I need to and go. N=1 and all that, but I get the point. At least no one under 21 ever drinks here.
Not that the UK and USA don't have some problems in that area
Yet another historical marker, at the end of WW1 about 15% of the Viennese population was anarchists, some of them living in illegal settlements. (These anarchist settlements were mostly converted to allotment associations, some of them still carrying auspicious names like "Future". The reintegration of those who had already left the common political ground into a more traditional spectrum is a special and generally overlooked treat of the political history of Austria and probably the cause, why communists were rather rare in Austria as compared to the neighboring countries.)
Notably, this was about "left-leaning" as a qualifier for hate speech, which may be subject to prosecution (compare the original comment).
Move to the next of the four boxes, though ideally before it happens. We need to advocate for important civil liberties and reasonable limits on the power of the state, but we do also need to then act according to that advocacy ourselves, for example by voting for people who take these issues seriously or funding legal actions to challenge excesses. A lack of public awareness of these issues and the potential implications for normal people's everyday lives is a big part of the problem, and as coldtea suggested above, shifting the Overton window is going to be crucial to improving the situation. It just needs to shift the other way from where a lot of the authoritarians in power today are trying to push it...
only few things you can do (in that order depending on how bad it escalates), 0) start to learn about prepping and live a more unplugged live 1) flee and take refuge in a place that others call "backward" 2) take up arms and defend yourself
#2 will get you labeled a terrorist (though so was Count Stauffenberg)
It would be hard and would likely attract only technically-minded individuals to use.
That way, participation by servers and clients would be plausibly compulsory. Both because it would evade protection, and because sympathetic admins and users could "accidentally" let it install. And that would provide plausible deniability.
A plausibly deniable user interface would be the hardest part. It'd probably need to self install, and then securely delete itself after use.
... and police forces: a nice feature of leaving a few gaps that motivated users can use is that the police can focus its limited resources on the those interesting targets.
I actually would really welcome online activities no longer being anonymous.
I feel like a large part of why people on the internet are so terrible to one another is that there's really no accountability because of the anonymity.
This is true in many areas including hate speech or posting illegal/inappropriate material.
I suppose I don't know if I think it should be LAW that requires everyone be deanonymized, but I do wish people on the internet would treat each other closer to the way they do in real life.
Sounds plausible until you consider that many of the worst comments are written by real people logged in using their real Facebook accounts -
... and some of the best forums online don't demand anything but a username and password like here.
IMO real name policies are way less effective than some people want you to think, and they'll effectively prevent certain minorities from participating in online debates.
Politically, I don't know how it's possible to look at the current climate and think it will work against mass surveillance. Politicians will just shy away from directly confronting the issue. Whenever any spotlight gets close, the agencies will continue categorize it as national security / tough on crime / etc. The best political ally is seemingly the judiciary, and that itself will only slow things down.
People apparently forget that telecoms providers cooperate with authorities, new legislation is planned for this too.
> People apparently forget that telecoms providers cooperate with authorities, new legislation is planned for this too.
Also remember that as soon as you connect to the cell phone network, your location is made known. If you ever slip up and use your personal and private sims in a more private place, you are likely to get caught. Coupled with other potential identifier leakage (like device id as you mentioned) the opsec bar is high for this use case.
For me it is cheaper to use internet through roaming than buying local plan.
Imagine connecting to the Internet using a non-phone ?
However I have heard that in Spain you could anyway buy unregistered sim cards from certain stores if you asked around and paid a bit more.
If you're worried about someone taking your guns be worried about the state police.
I did a writeup that was aimed to illustrate the insane complexity of OpSec and for people to follow along to achieve better privacy (e.g. first install some browser plugins, then /etc/hosts blocking, then pi-hole, then Tor, etc ... so it gradually introduces people to the idea, until eventually the steps become too hard or impractical for them). Also be warned about the psychological pitfalls of what secrets/compartmentalization can do to the brain and remember that cops and spooks have specialists to support them while a lone wolf trying to protect themselves remains exposed to these dangers this can do to your mind.
some of the first couple of "Steps" from the document should be ignored in 2019 (or moved to the bottom - to where the more difficult points are listed - because people will get it wrong) and are no longer useful but the final points of the document give some tricks on how to hide completely. Things like sending a friend around the world with a budget of monthly $50,- debit card for beer money (under your name) remain highly relevant.
Other things are totally missing such as what to do if you think your phone is compromised or how to do damage control in general.
Again be warned that certain points are very dated and may not give you the protection they promise in 2019:
https://web.archive.org/web/20180714043311/https://iotdarwin...
> Use a burner phone with a prepaid SIM to safely enable 2-Factor Authentication (2FA) without leaking your primary mobile number to any «cloud based data-krakens». Nokia’s relaunch of the 3110 is OK for that purpose and doesn’t immediately out you as somebody holding a burner phone in their hands. But the problem is that it has a GPS chip and camera. Probably a show-stopper for stricter scenarios. Just get any cheap phone that doesn’t include the word «smart» in the name. You want to be able to text and that’s it. Consider buying a used prepaid SIM for a few extra bucks from somebody not associated to you and who hasn’t advertised this to you before either. In some countries this might be your only choice meanwhile. Immigrants are usually happy to sell their prepaid SIM for some extra cash. This gives you a number including all existing metadata (call and movement history visible to the operator and the spooks) already associated to that device and its previous owner. You have now purchased the «cover» of a whole network of people connected to the previous owner. This adds plausible deniability to what would otherwise be a pristine dataset (starting from zero). You will also inherit any active tracking that the original device owner themselves might have already accumulated. So if you’re unlucky you may buy the phone from someone under active surveillance. However the idea is that as data-sets age they increase in value to anyone studying them (and people who do are never your friends regardless if you have anything to hide). In other words, what we did above with TrackMeNot/AdNauseum, we’re now repeating with a prepaid SIM from a stranger.
Data plans can be limited for other countries, even within the EU (and frequently are), i.e. if your prepaid contract allows 5GB monthly data transfer for free, the provider might limit this to 500MB for roaming and beyond that limit, you can pay a hefty fee per MB.
In general, prepaid cards aren't famous for having a generous data plan...
Eh, no thanks