Especially “secret” ones.
One of the interesting aspects of my job is that I hear from a wide variety of computer and technology users. And by wide variety, I mean a very wide variety.
The vast majority are just folks trying to get things to work. I sympathize. Deeply. I’m often in the same situation myself.
But one thing I don’t do, unlike a small subset of folks, is believe that corporations have some hidden agenda with nefarious plots to invade our privacy, separate us from our money, or force us to upgrade our hardware when we don’t want to.
I don’t believe in conspiracy theories.
Become a Patron of Ask Leo! and go ad-free!
Conspiracy theories
Some people believe big companies conspire to exploit or harm individuals. I just don’t see concrete evidence. Common theories include misuse of data collection, hardware sales manipulation via Windows 11 requirements, cloud-storage spying, using smart home devices as surveillance tools, and social media mind control. These theories generally lack proof and overestimate the ability of people to keep secrets. It’s critical to stay skeptical and remember that simpler explanations — not driven by malice but perhaps by incompetence or error — are almost always more accurate.
Before I begin
Needless to say, the topic is controversial in some corners. Some are absolutely (and angrily and loudly) convinced that big tech corporations target them individually for who knows what. They carefully explain1 how their conspiracy theory is the most true and the most egregious and how the rest of us are sheep for not seeing what’s happening right in front of us.
Of course, they typically use the very technologies they’re complaining about to make those accusations. OK, then.
I’m a very, very strong believer in Occam’s razor:
The simplest explanation is usually the best one.2
And perhaps even more strongly, Hanlon’s razor:
Never attribute to malice that which is adequately explained by stupidity.
People love to attribute things to malice even though we are surrounded by more than ample evidence of stupidity or incompetence.
That being said, I absolutely believe malice, and even complexity, is possible. All I need is proof. Once there’s proof, conspiracy theories are no longer theories.
And there’s precious little objective, verifiable proof.
Let’s tackle a few of the common theories.
Data collection is used to track you individually
There’s no doubt data collection exists. I’m not debating it. As I said, I care about proof, and the proof is everywhere. Search for something you’re interested in purchasing, and the ads you see for that very same something on various sites you subsequently visit is just the tip of the iceberg of proof that our data is collected.
Heck, I even collect data relating to my newsletter: how many people open it, which articles get the most clicks, and so on.
Here’s what I believe is a critically important distinction: Data used to make generalizations about large numbers of people — aka “aggregation” — is completely different than data used to target specific individuals. It might be the exact same data, but how it’s used makes all the difference in the world.
The fact that I can tell that 1,000 people clicked on a link in my newsletter intrudes on no one’s privacy and allows me to learn how to provide a better, more relevant product. If I were to use that information to ask, “I wonder what articles John Smith is reading?” that’s another matter, and I’m not doing that.
I believe the same is true of most tracking and data collection efforts. No one cares what you as an individual is up to. Don’t take it personally, but that information is virtually worthless. What matters is what large numbers of people are up to. That information is gold.
I understand that the opportunity for abuse exists. For example, while it’s totally possible to identify how many people opened a newsletter without recording who they are, my newsletter provider still tracks at the individual level. Why? So I can diagnose specific delivery problems when they come up. I do that fairly often, and it allows me to provide better service.
But you do have to trust that I’m not stalking you personally through your newsletter opens and clicks.
The same is true for big data collection. We don’t know what level of data is truly collected — individually identifiable or in-aggregate only. I trust that they’re not stalking me as an individual because I see no benefit (and only high cost) in doing so.
I don’t believe data collection is generally used to track the average individual at all. My exceptions are oppressive government regimes, of which the U.S. is not (yet) one, and individuals targeted by law enforcement. But the average Joe? No.
I’ll believe it if there’s ever evidence, though.
Related
Did Microsoft Lie?
The release of Windows 11 proved the statement that Windows 10 would be the last version of Windows to be wrong. But was it a lie?Windows 11 exists to sell more hardware
More specifically, the accusation is that additional hardware requirements were added to Windows 11 to force people to purchase new hardware in order to run it.
It could happen. It’s just extremely unlikely in the face of these facts.
- You don’t have to upgrade to Windows 11 — ever — if you don’t want to. Eventually, there may be inconveniences, as support for Windows 10 may drop from the software you use, but once again, you’re not being forced to upgrade. You can choose to solve your problems some other way. There are many alternatives.
- Corporations (Windows’ true, primary, customers) have successfully pushed back with workarounds to install Windows 11 on “non-compliant” hardware.
- The new hardware requirements have been explained to be about increasing system security. Not only has this always been a perceived weakness of Windows, but it makes more sense that Microsoft might use this as an opportunity to address it than some nefarious plot with manufacturers.
- Not one shred of evidence has been produced.
I’ll believe it if there’s ever evidence.
OneDrive (and Google Drive, and so on) exist to slurp up your data
The accusation is that when you upload files to cloud storage, your files are examined by these online services to update some personalized profile about you specifically or used to train large language models (LLMs, aka AI) or provided to the government for surveillance.
It could all happen. It’s just extremely unlikely in the face of these facts.
- Microsoft already has access to everything on your Windows PC. Why would they need to add complexity, and access less of your data by looking at only what you choose to upload?
- No one’s forcing you to use cloud storage. Yes, some attempts are extremely heavy-handed (looking at you, OneDrive), but that seems like more of a “stupidity rather than malice” situation. A true surveillance operation would require you to upload everything (which they already have access to if you buy into the previous point).
- No one’s preventing you from encrypting what you store online. In fact, you’re often encouraged to encrypt your data for a variety of reasons. Encryption prevents anyone, including the storage providers, from ever seeing your actual data.
- The amount of data that would need to be processed is enormous; unimaginable, even. We love to think that agencies like the NSA have unlimited computing power. I’m sure it’s a lot, but I also think it’s foolish to think that the amount of effort needed to make any sense of all that data would be expended on anything or anyone other than the highest-value targets.
- I strongly believe you and I just aren’t that interesting.
I’ll believe it if there’s ever evidence.
Smart home devices exist to spy on us
This conspiracy theory holds that voice-activated devices like Amazon’s Alexa, Google’s Home, Apple’s Siri, and others exist primarily to listen continuously and collect data on our activities.
My research turned up this interesting read. Study: How Amazon uses Echo smart speaker conversations to target ads is a 2022 article based on university studies that seem to indicate some level of data usage on Amazon’s part. Amazon, of course, takes issue with some nuances of the study.
To me, there are two salient points.
- It seems true that interactions with the device — meaning your proactive use of the device using voice commands — may cause data to be collected in such a way that subsequent advertising might be more targeted.
- But I saw no indication that non-interactions — meaning the device is passively waiting for its “wake-up word” while you talk about other things in the same room — cause any data collection.
Friends and I have run informal experiments talking about topics while an Echo was within earshot to see if it affected anything we saw thereafter. It never did, as far as we could tell.
I see this as similar to Google search. Google can use what you search for to “tailor your experience”, as they call it. But only what you explicitly tell it.
It could happen. It just seems extremely unlikely, even if only for the extremely negative repercussions such inappropriate actions would earn.
But, again, I’ll believe it if there’s ever evidence.
Social media exists to control our minds
ChatGPT reminded me of this one. The concept is that social media platforms are deliberately using algorithms to manipulate users’ emotions or political opinions, possibly at the behest of shadowy government organizations or powerful private entities.
Honestly, given the evidence, it’s hard to argue otherwise.
However, I have a slightly different take on it.
Some social media outlets, which shall remain nameless, absolutely exist to promote a specific agenda. The “catch” is that they preach to the choir. They’re not trying to make anyone change their mind but rather profit off the interactions of like-minded individuals. If anything, these platforms’ “manipulation” is limited to amplifying existing opinions in order to create more engagement.
Some social media outlets suck at moderation. There’s just no other way to put it. As a result, while manipulation isn’t the platform’s goal, they allow themselves to be abused by third parties to that effect. The platform may, as a result, begin to swing one way or another as certain manipulations take hold, but it remains independent of the platform’s actual goal, which is typically to make money. Unfortunately, making money is often at odds with effective moderation, so the manipulation by others is passively allowed to continue and often increases.
A few more
As I mentioned, I asked ChatGPT about some of this, and it presented me with a couple of other popular conspiracy theories that are less mainstream but I know are out there (besides some being “out there” 
).
Hidden messages in software updates
The idea is that regular software updates from big companies contain hidden codes or messages intended to control or monitor users in some way beyond what is stated in the update notes.
Rarely are these companies that subtle. Or coherent.
But, as always, theoretically possible. I’ll believe it when I see evidence.
Quantum computing and cryptography
The theory is that governments or large corporations have already developed advanced quantum computers capable of breaking current encryption standards, and they’re keeping it secret to covertly access encrypted data worldwide.
I suspect that if quantum computing like this existed in the hands of the government, they’d be using it to encrypt information in ways that no human could ever decrypt without a correspondingly capable quantum computer of their own.
This one is interesting because I don’t believe it’s in place… yet. We’re clearly headed down a path where quantum computing will affect many aspects of computing, not just cryptography. But we’re many years away from that, I’m certain.
But I could be wrong. Show me the evidence.
AI as a tool for mass surveillance
The notion is that Artificial Intelligence, especially in public spaces, is being used not just for security but for mass surveillance, profiling, and tracking of individuals beyond what is publicly acknowledged.
All I can say here is “maybe”… but perhaps not as all-encompassing as some might believe.
It’s no secret that AI is being applied to more and more situations as its capabilities increase. That it might be used on, for example, existing surveillance video and CCTV to, say, track a suspect seems plausible to me. That it might be used to track each and every one of us seems like an almost ludicrous overreach.
Again, I could be wrong, or this could happen sooner than we think. I look forward to the evidence.
Related
It Pays to Be Skeptical
If we would all be a little more skeptical, we'd be safer and the internet would be a more trustworthy place.“Three may keep a secret if two of them are dead.”
Attributed to Benjamin Franklin with an assortment of variations in circulation, this is perhaps the single biggest reason I’m so skeptical of almost all conspiracy theories and keep asking for evidence rather than hearsay.
I heard it first relating to the conspiracy theory that the moon landing had been faked. The number of people who would have had to keep the secret to maintain the cover-up was measured in the tens of thousands. In other words, the ability to keep that a secret, especially for this length of time, is so impractical as to be laughable. I know, believers have a rationale that side-steps the issue, but still… it’s a huge factor that I don’t think can be refuted.
The same is true for almost every conspiracy theory I’ve discussed above. The number of people required to cooperate on the implementation while simultaneously maintaining some awe-inspiring levels of secrecy is absurd.
It just doesn’t pass the sniff test. Or, put another way, “The simplest explanation is usually the best one.”
“There’s no conspiracy” is much, much simpler than “Thousands and thousands of people across the country and around the world were able to keep a pretty amazing secret.”
We fear what we don’t understand
Why do conspiracy theories exist? I’m sure there are plenty of reasons that psychologists and sociologists can argue about for hours.
When it comes to technology, though, my take is that our lack of understanding is at the root of a lot of our distrust.
Without knowing how the sausage is made (in gory detail), it’s much, much easier to attribute things we don’t understand to nefarious causes rather than more boring and benign ones.
Not that incompetence and stupidity are benign per se, but they’re not intentionally malicious. And incompetence — or even simple mistakes — and stupidity are much more common than you might think. Technology is amazingly complex. I’ve often commented that I’m amazed it works at all. The conspiracies that so many seem concerned about add a level of complexity that, in my opinion, just isn’t practically achievable.
Do this
If it sounds too good — or too fantastic — to be true, it probably isn’t.
If it feeds your existing paranoia or someone else’s agenda (and often their pocketbook), it’s worth being even more skeptical.
I have a conspiracy of my own: to make you more knowledgeable and more confident when it comes to computing and technology, subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
Podcast audio
Related Video
Hi, Leo,
In this blog, you stated rather matter-of-factly, “Microsoft already has access to everything on your Windows PC.”
That’s a new thought to me.
I agree that our conclusions should be based on evidence, and I’m wondering if you’d take a minute (or two) to share how you came to that conclusion.
Microsoft writes the code for the Windows operating system and provides updates and other fixes as well. Look at the Privacy and Security settings for Windows 11 and 10 and read Microsoft’s privacy policy. Microsoft does collect a certain amount of data from our systems to see how people are using their devices and how to improve Windows or update Windows to fix a problem. I’m sure Apple does the same.
Users can limit the amount of data Microsoft can collect but not eliminate it altogether. I rather doubt that Microsoft would make a change that would somehow allow it to monitor every key stroke and mouse movement. One, that would take a lot of coding to pull off and two, it would open up Microsoft to one heck of a lawsuit if it did so.
Look at it this way: If a guest comes into your house, you know what they are doing and which rooms they go into. How you react will determine whether that guest returns for another visit. Probably a poor analogy, but using Windows is along the same lines.
Microsoft has access because they control your computer through their software. Having access, in this case, doesn’t mean they are accessing your data. It just means they are able to.
You’re running the operating system that they wrote. By definition the operating system has the capability to see everything on your machine because you’re using it to work with everything on your machine.
Now, as to whether they’re doing more than just what you ask or what they claim is a matter of trust. But that OneDrive (for example) gives them access to “more”, is just wrong. If they want to go evil, they can use Windows, already on your machine, to do that.
“Never attribute to malice that which is adequately explained by stupidity.”
“Two things are infinite: the universe and human stupidity; and I’m not sure about the universe.”
attributed to Albert Einstein
I’ve seen so many poorly designed programs that indicate that what often looks like a conspiracy is just an idiotic design concept.
There is one real conspiracy, and that one isn’t a secret. Companies exist to make the most money possible for their investors. It’s required by law as long as other laws aren’t violated.. That has caused some shady practices by companies such as planned obsolescence.
Advances in computer capabilities are the reason for computer obsolescence, though. They aren’t truly obsolete as I have machines as old as 20 years running light Linux distros. If it weren’t for my work on Ask Leo!, I wouldn’t need Windows. Most people could do everything they need a computer for on a Linux machine or even a Chromebook, but many might be afraid of a Chromebook because of conspiracy theories.
Under “Smart Home Devices,” what about Wi-Fi-enabled photo frames? They give access to internal networks to anyone who has the app and generated code. Or maybe the manufacturers build them hardware-enabled for backdoor access. Workers at Boeing, Microsoft, the Pentagon, may have them on their desks. Could those devices access network traffic from inside networks handling sensitive data?
They could. Anything is possible. The question is — do they? Haven’t seen it happen yet. (There have been reports of IoT devices being used for DDOS attacks, but not for data exfiltration, that I know of.)
Smart home devices don’t usually come equipped with much CPU power, RAM, or data storage. After al, they usually have to fit into small packages (smart bulbs, video doorbells, etc.). The cost of making most such devices powerful enough to collect data about their customer’s activities or conversations to ‘send home’ would be prohibitive (It would cost more to design and produce such devices than the revenue they could generate by selling any collected data). Companies make products for one purpose – to make money, either for themselves, or their stockholders. Of course, this could all change after quantum computing becomes common place. The real danger I see in smart home devices is crackers (black hat hackers) finding ways to use them to gain access into our home networks, after which they may be able to compromise our routers and computing devices (including our smart phones) for whatever objective they have in mind at the moment (ransomware, identity theft, extortion, etc.).
My2Cents,
Ernie (Oldster)
You mention that “It would cost more to design and produce such devices than the revenue they could generate by selling any collected data.” It might not cost that much. I don’t see legitimate companies using those, but a hacker might.
Quote from Mark Jacobs:
“I don’t see legitimate companies using those, but a hacker might.”
I agree. I purposefully excluded crackers (Black-Hat Hackers) because this discussion is about what big business may do. Essentially, I believe that the costs of such data collection (when the cost/loss in revenue resulting from loss of reputation/trust, etc. is considered) would outweigh any profit from the collection itself, resulting in a net loss.
Ernie
Big businesses make billions of dollars. They would never risk their reputation by hacking our accounts. It’s bad enough they invade our privacy.
I agree and have heard these comments for many years. I have also seen them in action throughout our government as a whole and in the military management system. There have ALWAYS been “backdoors” for electronic systems and it certainly takes some very intelligent people to both write and then find them. Also, good to have a reminder that I can pass along to some of my doubting acquaintances about keeping secrets . DEEP STATE Haha !!!!
Today I went to get some gas for the car. I couldn’t because the pump (screen) insisted that I first enter my mobile number. I didn’t have time to experiment by entering a bogus phone number, so I drove away. Then I went to a big box store where they no longer have any human cashiers. At the automated checkout there is a camera looking at me.
So, I suppose no one if forcing me to buy gas or drive a car. And no one is forcing me to buy stuff at a big box store. Therefore, no one is spying on me.
Mark Jacobs is wrong. I cannot do everything I do on a Windows machine on a Linux PC. I enjoy using ancient programming languages written for Dos. Try that on a Linux PC. Is there a conspiracy at work? Am I being forced to use Windows? NO!
As usual, another great article from Leo, but not for the stupid.
Chris
How to run DOS programs in Linux
“You are not being forced to upgrade.”
Absolutely true. Hey, I still use my Commodore-128 computer from 1981!
Microsoft already has access to everything on your Windows PC.”
Again, absolutely true, but why stop at Windows? The exact same thing is true of every computer operating system, on every computer you now own, or have ever owned. Theoretically, it’s even true of my Commodore-128.
“No one’s preventing you from encrypting what you store online.”
I do this routinely. Not because I believe that Dropbox is spying on me, but just as
paranoiasensible precaution.“[T]he conspiracy theory that the moon landing had been faked.”
The two phrases that comes to my mind with this sad example of idiocy are: (1) “Never underestimate the stupidity of the American public,” and (2) (This one is from “Men In Black”) “A person can be smart, but people are stupid.”
The notion that it would even be possible to have faked the moon landing, strikes me as one of the most ludicrous things people have ever chosen to believe.
“Occam’s razor…”
“Pluralitas non est ponenda sine necessitate.”
However, like all blades, razors — especially razors! — are very sharp, and should be used with great care, lest you cut away rather more than you intend. There is a profound difference between seeing, and seeing through. C. S. Lewis pointed out that one cannot go on seeing through things forever. It is good that the window glass is transparent, because the garden beyond it is not. How if the garden was transparent, too? To go on seeing through things, is not to see.
Maybe it’s not a conspiracy:
Surveillance Valley
Yasha Levine
Hachette, 2018
Leo, your best column ever. (Or do I say that because you confirmed all my long-held thoughts.) Am going to send it to a friend who’s smarter than me but believes every conspiracy he meets. When I then send him proof the latest one is bogus, he doesn’t apologize and I never hear about it again. I attribute it to age, but I’m just as old.
Interesting article, that’s for sure. I do have some comments to share on several things throughout the article.
1. Amazon Echo: I have had mine suddenly say things like “I don’t know how to do that”, ” I can’t find that”, or similar things in response to a question in a TV program or conversation in the room, with my wife or friends. It’s certainly surprising and disconcerting when it happens, because it’s so unexpected.
2. Data collection: I tend to believe that at more data is collected than necessary. Also, the way it’s collected is not exactly comforting. That really does not inspire confidence that this collection is “benign”.
3. Forced upgrades: Years ago, when I was employed in a different industry, my co-workers and I noted that the industry seemed to have an interesting cycle:
—–
100 Software updates required additional
memory for new features.
110 The extra memory ( much more than
the new features would actually need ) was
then used by the gaming industry for their
games
120 When the next necessary update was
completed, more memory was then needed,
because the extra memory from the last
update is no longer available, so
200 go to 100
—–
I do believe that MUCH of the code written now for most PC applications is just plain sloppy. Too sloppy.
It’s too late at night for me to actually think like I need to for this, so I’m going to end here.
I don’t know if most applications have sloppy code. Many do, especially websites like Facebook that gets so much wrong with their user interface.
Never attribute to malice that which is adequately explained by stupidity, error, or failure. – Hanlon’s Razor
Great piece, thanks, Leo – it needed saying, we’ve all been crying out for a grown-up in the room, looks like you are that grown-up. Refreshing! Power to you.
I loved the US not being an authoritarian regime “(yet)”. We’re all struggling to hold our breath in my neck of the woods! Leo, do something!!!
. “In this blog, you stated rather matter-of-factly, “Microsoft already has access to everything on your Windows PC.”
– I noticed that too. Another conspiracy theory proved true!
– One of the 9/11 conspiracy theories may be true! The government’s conspiracy theory, or one of the others. I have seen incredible amounts of evidence of c…
– There’s a non-zero chance that one of the theories about a given question may amazingly be true.
– When they are conspiring, they may also devise several partly false conspiracy theories, so when the truth comes out they can say that has already been debunked!
“Maybe it’s not a conspiracy: Surveillance Valley”
That book definitely claims that it is! And it absolutely is!
– Now, which theory is correct, if any?
I’m not a conspiracy theorist, but I do think you may be underestimating the degree of individual specificity that is – at least sometimes – occurring with advertising:
https://www.npr.org/2020/02/07/803907447/how-digital-billboards-target-passersby-hint-its-cellphone-data
https://askbobrankin.com/is_your_smart_tv_spying_on_you_yes_and_heres_how_to_stop_it.html
Next step precrime?
It’s the difference between “we want to keep track of Karena”, versus “we want to show ads to anyone who passes by”.
Still can’t get that “reply” button to work . . .
Leo: agreed – exactly my point! And I still think you are underestimating the current abilities of (at least some) advertisers to track specific users (“At that point, he can track you and target ads at you very personally. O’Brien is very excited about this.”), and their desire and potential to go even further. This isn’t really a “conspiracy theory” – just a reminder of the importance of transparency and control over your personal data.
For example, I get personalized coupons from places like City Market and CapitalOne Shopping – they track what I buy, and send me coupons for items that I purchase/show an interest in. To me, this is a win-win, though I understand that different people have different comfort levels. What I don’t appreciate, is visiting a website that I’ve never registered with, browsing their products, NOT providing my email, and later receiving an email from that website *directly*, “reminding” me of what I was looking at. This has happened, and it bothers me because I don’t know *how* they got that information (ok, I kind of do) – but *I didn’t give it to them*. That is non-transparent, and I didn’t agree to it.
That happens to everybody, but it’s tracking, not hacking.
Why Do Ads Follow Me Around the Internet? (In part, to keep the internet free.)
Mark: Yes, but I’m not talking about ads following me, I’m talking about a company that I never gave my email to *emailing* me.
(In response to browsing I did on their website, not just random spam.)