 I think all of us, we can agree that we don't want to get discriminated by our privacy decisions. So will our next speaker, Kirill, tell us about the toll of personal privacy in 2018. Please welcome Kirill Soloviyovs and give him a warm applause. Privacy is dead. We hear that a lot recently. Some of us, especially people here at this event today, may think those are just bad guys, those are just naysayers saying what they want to be true. But aren't we fooling ourselves? Maybe privacy is actually dead. If we look at new products, new ideas appearing on the market, what we mostly see is that none of the products take security into account. Like, look at this nice tweet from, it's a valid account, the real one, People's Daily China from this year. What else can surveillance cameras do in classroom other than exams and provision? And they actually have this great system that they're really excited about, where, you know, they take a look at how students study. Here's a Chinese classroom in question. And normal, usual classroom, except of course we have a camera. We have a set of cameras set up in there. And how the system works is that teacher gets this automatic view of students sitting, studying how many students are there, are they paying attention, are they bored, are they happy, are they afraid? So imagine being in a classroom and not doing your homework. So you sit in the classroom, you haven't done your homework, and teacher sees that you're afraid. You don't want to be cold, you don't want to be asked to report on your homework. Teacher immediately sees that. And of course if you're sleeping after a party. I mean, there is a good intention behind that. Making systems more effective. Not only this example here, other examples as well. But privacy is what's always at stake. And privacy is what's never thought about enough in my opinion. But okay, if you look at the examples I've given, you know, that's just China being China. Europe doesn't do that for sure, right? Well, I thought that as well until I decided to take a look deeper and to make this presentation to share the state of the privacy with you. So let's look at visas. I travel a lot, but I try to avoid some territories. I try to avoid some countries because I don't feel particularly comfortable with a foreign government holding my biometrics. So that's why I've never been to the U.S. I just can't trust the government, let alone the president. That's there right now. But I just can't trust the government that wants all your 10 finger friends when you enter the country. What the hell, I'm not a criminal. Anyway, speaking of Europe. So I thought it's just something that U.S. does maybe some other countries. Japan, but Japan I think only does one finger or two fingers. However, what I learned is that for many different countries, many nationals coming to Europe, coming into Schengen, the process is quite similar. Before making this presentation, I never thought about the fact that those people also need to give their fingerprints to come into Europe, come into Schengen. So we aren't much better in that regard than the other countries. Okay, but you know, once again, as Europeans, and most of you here are Europeans, we may say it's not our problem, even though that's not a good thing to say, still. You know, we don't have to deal with that. But passports, we do have to have a passport, especially if you want to travel, right? So I'm going to tell you about Latvia. That's where I come from. So originally, of course, passports didn't have any biometric data in them, the classical good old passports. Then maybe 10 years ago, a change happened. And the government started requiring you to give up your fingerprint to sort inside a passport. Even though I'm a privacy zealot, I think that's a good thing, right? Because passport forgery and terrorism migration around the world where terrorists try to infiltrate different countries and bomb a building, let's say, that's something that is not a good thing, right? So passport, as long as the fingerprint is inside the passport, in a secure container, that's okay with me. But the thing is, so I made my passport, I got it. But the thing is, I had a suspicion that what they're actually doing is they are also storing the fingerprint in a database. So I asked around. Most countries in Europe have this equivalent of the US Freedom of Information Act, which allows you to ask what your government is doing with data. So I asked around and they said, yeah, yeah, we are actually also storing the hash of the fingerprint centrally in a database, not only your passport. I told them, hey, but that's illegal. You can't do that. And then they drafted the law. So we were having this conversation over postal mail for like two or three months and while we were doing that, they were quickly, really in a fast pace, making a law saying that they can't do that, that they can actually store the hash of the fingerprint. But turns out they are now storing the whole fingerprint, even though that's not what they promised. So, you know, it's not that simple. It's not that easy. It's probably even here in Europe. Of course, banks. Anyone here doesn't have or doesn't use at least monthly a banking card? Three people, four, okay. Four people and me. That's five people here in this quite large crowd. So you should realize, yeah, applause to the four people, of course. You should realize, of course, and I think you know that, you know where you shop. They know what you buy. If it's a large product, they can distinguish it by the price, right? You go to an car dealership and they know if you buy the premium model or the lower end model, right? Anyway, then of course we have online profiling. It's a thing all over the world. It's borderless. It doesn't matter if you're in Europe, if you're the US, you get profiled. Even if you don't have a Facebook account. Well, but luckily for us here in Europe, EU has fixed that quite some time ago. EU fixed that in May 2011. So what they did, they said users have to be notified of cookies. So that fixes it, right? Well, not really. But then seven years later, May, they love May for some reason. EU fixed that in May 2013, right? GDPR. Now we're safe, huh? Now we get this notice in addition to the previous notice. So, you know, we're trying to fix that really hard. It's not working yet. I do hope that the low, loud cases that are coming where big corporations will get sued for large amount of money will actually bring changes to that. But for now, we are still fighting a bit. Then we have CCTV. And there's one country in Europe that we still have this year that really loves their CCTV. And here are some actual posters, actual photos of actual posters. I mean, I could have taken the poster pictures and put it nicely, but I just want you to believe that it's a real photo. That's a real poster put up by the government in the UK. So they have this nice poster saying secure beneath the watchful eyes, right? Then they have this poster saying more CCTV means more security for you. And, of course, my favorite also, we are watching you. Okay, this one isn't real. I removed a couple of words from there, but it's basically what it says anyway, right? We're watching out for you. So that's what's happening. And they're selling CCTV as if it's some kind of great feature for you. Okay. But it doesn't really matter because everyone knows that privacy is for criminals, right? We don't need privacy if we have nothing to hide. Well, if you think that you should have that come placed in every room of your house and then we'll see what you think about that. Really, in fact, privacy is power. And this is a nice article from Politico Middle of this year. And it's quite a short one, but I want to share some key insights of what privacy is. Because people here at 35C3 almost all of us would agree that privacy is important. But when challenged by a guy who says that, can we really explain why is it important? So here this article tries to do that. It's been published one day before GDPR came into force. So this says, privacy is power dynamics between the individual, the state, and the market. Meaning that privacy is your lever that you can use when big corporations try to use you as an object. Then we have, as recent scandals have illustrated so vividly, privacy is also about the autonomy, dignity, and self-determination of people. So once again, you aren't the product, you are a person, and you have the right to determine what happens not only to your body, but also to your mind, also to your digital self. And finally, the third one. Data protection must seek to mitigate the inherent power imbalances between people and those that collect process and profit of their data. We didn't want the web to become what it has become today. We just didn't imagine 20 years ago that not paying for content online would bring the web 2.0, 3.0, whatever that we have now. We just couldn't have imagined that. We wanted to save five euros a month to be abused by data providers. Now, I will talk about some personal privacy choices that I've made during the past years while fighting for privacy. The turning point in my life was that I was using Facebook back then, and the turning point was that people kept tagging me. Yeah, I know it's bad, but it seemed like a reasonable thing to do. Anyone use Facebook here, by the way? No? Oh, man, half. Good luck with that. Anyway, so I was using Facebook back then, and the turning point for me was people were putting my information up without my permission. They would take a photo of me, or we would take a group photo, and they would put it on Facebook, as it's something natural to do, and they would tag me. I couldn't control it, I couldn't really live with that, so what I did was... I just stopped doing that. Anyway, so the next couple slides, or next 10 slides, let's say so, are going to be about my personal privacy choices that I've made. Some of those slides will have a red line going all over the slide. That means I have considered that privacy choice, but I haven't made it because of the cost of that choice. So my first choice, as you can see, it happened quite a long time ago, was the operating system for my computer. I was using Windows 98, which was the latest from Microsoft at that time, and then I moved to Ubuntu Linux. But not those guys started doing this crap. So as soon as you were searching for some files in your laptop, it would send your search up to the cloud. Let's say you were typing secret protocol from meeting two days ago here, and that would go up to the cloud, that text. So I switched to Linux Mint. It's not a big deal, it's not a big cost. I get slightly slower software upgrades because it's a derivative, a clone of Ubuntu, meaning that software updates are delayed by a couple days, maybe a couple hours. So that's nothing big, right? Then browsing habits. I was surfing with JavaScript and with Adobe Flash allowed, and now I surf without JavaScript with some exceptions, and, of course, no Flash. So what I get is that's how a page looks like to me when I want to open some pages. I want to shout out to Hetty, who was the previous presenter here for including this JavaScript thingy, JavaScript notifications page. You can take a look about how to use no-script tags in this presentation from CCC from two years ago. It's a short one, a lightning talk. But I get blank pages all the time, so I have a limited ability to choose my shopping provider that I want to buy stuff from. Then I'm going to show you a small video here. So this is me going to Google Recapture Test, filling a form and checking a checkbook that I'm not a bot. So what happens here? I'm asked to identify some straight signs. I do that a couple of times, but then I do it a bit more and a bit more. So it's not a joke. Even though it's... Okay, now roads. Even though it's recording, this is how life is for me on the Internet. It's... Even if I go to a regular page and, you know... Road signs are usually on the road, right? So if I see a road sign, it's... Okay, so click verify once there are none left. So, okay, done, right? But no, not for Google, not enough. So this is how it works through a story. This is how it works for me every day on the Internet when I just want to post a form. So it's a bit hard, right? So I was accepting and honoring all cookies before, and now I only accept temporarily first-party cookies. And big tracking giants do not like that, so they make my life difficult. I think I'm a bot. I don't have any Internet history, so I'll say it with me. It does take some time, but the funny thing about this is usually it takes just one minute, not two minutes of this video here. But... Oh, so... Here's a street sign, right? But it's a poster, so probably not a street sign. It's... But it was the first attempt at recording the screencast. The first attempt I got this here. And do you have to actually click the ones that are just part of a sign or not? How does that work? Anyway, it should be over soon. I should be over to submit the form fairly soon. Just some more street signs, and I think we're done. I hope they're not using that for self-driving cars. That would be terrible, because it sure seems... Oh, yes. So, hooray. We managed, yeah. We managed to submit. And once again, through story, maybe not two minutes, but one minute, that's how I submit forms online. That's how my life is. I spend a lot of time there. Luckily, I'm a poor user, so I make up some of that time typing fast. Then, emailing. I used to use HTML emails. Anyone have heard or have used HTML emails here? Maybe using still? Yeah? Most of you, right? Anyone not using HTML emails? Wow! Half and half, right? Great. So, you know, normal people hate that. They receive this crap here, and they think, where's all the formatting? Why don't you have, like, a header at the beginning of email? Why don't you use lime and pink colors in your text? What's wrong with you? So, well, they hate me, but that's okay. That's a minor price to pay. Problematic thing is emailing. So, I used to simply use a public email service. Now I use my own domain. I've been using my own domain for 20 years now, I think. 15 years. 15 years. But Gmail users never get my first email. I have configured all the obligatory RFCs for my email domain. Gmail users never get my first email. Never send spam. IP address has been the same for the 15 years. No one knows that since, you know, good old times when you could get an IP address that's not been used, IP address that's not been used. Anyway, it always goes on this spam. You have to call people up and tell them, hey, you know, check spam. You have an email. Then using my phone. So, this is a thing. I had Siemens 665. That was my first phone with the color screen. It was a feature phone, Java. And then I moved to Nokia 3330. It's a real thing. I did that. I had it for, like, until five years ago. Then I moved to iPhone. My first cost was that I couldn't get properly encrypted communications. All I have on that phone is a mild assurance that people are not eavesdropping on my communications in the room. But when I actually call someone, I cannot get proper encryption. It does the old standard, right, AFI-1. It doesn't support AFI-3. So, that is a bit problematic. That's why I actually have moved away from this solution and just use it as a secondary phone and use my iPhone to communicate in an encrypted manner. Then, of course, if you have iPhone, you have mobile apps. Five years ago, I was just getting my first one, so I didn't have a smartphone back then. And what I do, I manage my permissions carefully. I do not give GPS permissions, I do not allow them to access contacts. I do not allow them to access microphone or camera. So, that means I'm fairly safe as long as I trust the operating system. The thing is, many apps will either not work without giving them enough permissions or will work badly. So, I'm forced to use WhatsApp. Don't say, don't boom me, but I'm forced to use WhatsApp on apps. And, of course, I'm not giving it my contact permissions. So, how do I start the chat? I go to my iPhone dialer, the classical one. I dial the phone number, the country code, I dial it, I drop it, I got recent calls. I hold button on call. WhatsApp appears, I press WhatsApp, I call on WhatsApp, I put that down. I go to WhatsApp recent calls, then I take the entry, then I start the chat. Yeah, there you go, you can do that as well. So, yeah, that's how it works. But some apps don't work at all. Like, we have these taxi apps, like Uber, back in Latvia, and I was trying out a new app, a new taxi app that's just coming to market. I was going to a conference, so I was going to the airport to fly away. I installed the app. I didn't provide any data. Didn't give it any permissions, no GPS nothing. I draw there. I see the driver of the taxi app. So, yeah, I'm going to go to the airport. I have five stars, which is the maximum for the ride. I do the same. I turn my phone off because I was flying outside EU, and I come back a couple of days later. I turn my phone on to order a taxi back home from the airport. Message greets me that your next taxi ride may happen no sooner than December 31st, 2022. Social networking. As you know, I was using Facebook. I was using IRC. Nothing wrong with IRC, of course, but it's a bit hard to use in 2018. So I'm using XMPP, wire, Twitter, stuff like that. The problem here, the cost is limited to social circle and social exclusion. I have to pay for my choices with less people in my life. I can communicate to just some amount of people, not the whole circle of friends. For example, me and my friends, we're planning a New Year's party for the 31st, back in Riga. The thing is, it was being planned on Facebook and I'm not on Facebook. And I was the one that wanted that party the most and it's not going to happen because I'm not on Facebook, everyone else was like, let's just not do anything this year. It has actual real-life consequences. Resocializing, right? So after being put in this situation where my social circle shrinks rapidly and persistently, I decided I need to resocialize. So I installed all the apps, all the communication apps, like, for example, Telegram here. What I do is, I buy a phone number. I come to a conference in Germany or in Serbia. I buy a phone number, like a prepaid card, I register it and, you know, because they are asking for a phone number, except wire, which doesn't ask. So the problem is that your accounts can be taken over when someone else gets that phone number. The good thing that I learned making the presentation is you can actually use Telegram to take over your account unless they know the five, six-digit or a passcode for your account. So that's my solution there. This is actually quite good. Then other people's apps. So people keep giving away my information to different companies even though I haven't authorized them to. Well, the obvious solution here would, of course, be to have private caller ID or maybe take them to court, but you wouldn't want to be taking them to court. So I haven't really implemented this either, even though I do have private caller ID, the problem is it's not enough. So you do have to actually threaten to take your friends to court, which I'm not doing. I'm not that bad of a guy. Well, you know, Facebook still knows your phone number because your friends have given it to them. Same for me. So I think in a photo, I really enjoyed that. Well, when all the Facebook saga happened, my personal one, not one of the large screws that they've had this year. So I decided, you know, the easiest thing, since you cannot really be suing your friends, you can just not be in a photo. So that's what I do. I try to avoid photos because it's much easier to do that than to control whether your friends will think it's appropriate to put the photo on Facebook or on Instagram or whatever, right? So now I'm just taking the photos. I'm always a photographer. If you're at a party and you need a photo taken, I want to take your photo. Obligatory GDPR slide is 2018, so GDPR is the hot stuff right now. Companies were mishandling my data all the time before. Luckily for me, I come from Latvia and we've had a GDPR local national alternative for the past 15 years. Actually, when GDPR came, it only changed two things in Latvia. The fines got really, really big and it's not that easy to compel government to work with you to protect your data because GDPR has specific exclusions as long as the government publishes a law saying that it's legal that we mishandle your data, they can do that. Our previous legal framework in Latvia didn't allow that. I actually got a senior police employee fined 300 euros because I sent them a data request saying, hey, I'd like to know what the police knows about me, which was perfectly fine under our national legislation. And they said I'm going to get a letter like one paragraph. We're the damn police. We don't have to tell you shit. So I went to court. I won. There were fines around 300 euros. Turns out they had to. Now with GDPR, they will not have to do that because they mixed up the provision, right? The thing is, if my company is compelled to give some data about employee, for example, to the police , I can't tell them that I gave it to the police. But at that moment there was no exception for the police itself. So employee could still go to the police and ask what data you have about me. Anyway, so now we have GDPR, which is cool. And now what we have is companies are lying to me that they are not mishandling my data. I ask them, hey, have you mishandled my data? They say nope and delete the data quickly. But they are lying to me that they are not mishandling my data. They are lying to me that they are not mishandling my data. So the cost here is, of course, I take a lot of time. I'm not a lawyer, but life has turned out in such a way that I like or, well, I've learned to like to write legal documents. So I sit and write lots of letters. Just coming to a conference, a different one in Riga airport, they confiscated 30 cents. So what I did, I wrote them a letter saying that, you know, I need you to pay me back 30 cents and 140 euros for writing the letter. And please donate that to some fund in my name. They said no. So I just got the answer a week ago. We will have to see about that anyway. So I get lots of you don't have anything better to do. Questions, right? You just got this company because they have mishandled your data and they're surprised to see you. They're not used to spamming people. They're not used to spamming people and then having victims of the spam show up in their office. But that's what I do. And they're really surprised. So, you know, then visitors. So I sometimes have friends over. I do have friends and I sometimes have friends over. And what happened once, a guy comes into the party and he pulls out his phone and so he asks him what's the name of your Foursquare thingy. And I don't know what he's talking about. Apparently he wanted to check into my home so other people can see that he's at my home. I explained to him that, you know, I don't have that stuff. He said no problem. I'll take care of that. And he started making the checking point for my home. And then we came to an agreement that he registers the point 400 meters away from where I was. And what I do now is I only have like a close, trusted circle of friends, like 10 people that I invite to my home. This is of course a problem because every time I go abroad I bring the national drink back so it just piles up. And I need to get a larger flat now. Loyalty cards. I've used to give my real information to the companies when using loyalty cards. I still do that. The thing is, I can't tell about Germany, but back in Latvia it's not a crime. It's not a criminal crime to do that unless it's not government. As long as you give fake data to a company and you aren't gaining benefits you're not entitled to, that way it's perfectly fine. I was actually a victim of a data leak. My name and surname got leaked in one of them. I was smart enough to give them all the other data wrong, but now I don't even give them my real name and surname. So that's what I do. The problem here is that if something happens and I want to request what happened to my data, I cannot because I'm not John Dole. I'm Kiddles and the name on the file is different one. We had paper based discount tickets and four students. I was a student. I had a paper based discount ticket like that. This is 14 let's, it's about 20 euros and you could write a whole month. Then they created this thing, this is an RFID card. So now if you don't want to get tracked, you have to use paper based one-trip tickets without discount and if you don't want to get tracked, you don't want to get tracked. So that's the difference. It's 6.5 times more than actually having the discount. So it's actually a huge cost to bear. And to make matters worse, what they do, what the company, the local government company does, they actually publish paper based tickets. But we managed me and some other guys managed to correlate, we managed to actually take the public database and put name and surname to each of the entries. So it's not, this is my solution. Two euros per trip. If I had that, I would pay 30 cents per trip right now. So it costs a lot. Now it's convenient when it works if it doesn't too bad, but there are some countries that don't even accept cash proper. That's in some cases. Many countries would not accept a 20 or 50 or larger euro bill to buy a transfer ticket, but they do accept cards. So that is why I actually have prepaid cards. I pay cash and I use prepaid cards a lot. So one of this is my gold customer status is unusable. So the bank that I've used a lot, now I lost the status actually because I don't use it almost at all. They decided to give me gold customer status either because of the amount of the transactions or the amount of money. So I come to the bank and one of the privileges of gold customer is you can skip the line. So there's this thing. And I go to the nice lady that's working over there and say I'm a gold customer, I need to skip the line. She says sure, just take your card and swipe it at the device. I don't have a card with you. I just have the account. She says sorry, then you're going to have to send in line. So there are some small hiccups, right? But booking flights and hotels is of the most cases. I never managed to rent a car, but I think it should be doable. There are some companies that will take a cash deposit, a large cash deposit. And the local Uber taxify in Latvia blocks all my cards. As soon as I have the card, I just block it. So we're currently in the legal process of fighting them about this. Last thing they requested is that I send them a taxi. I tell them if I wanted to do that, I'd go on Instagram. So we are still fighting over that. Then CCTVs. Obviously, CCTVs are everywhere. You cannot walk in a major city from point A to point B or inside a major store without being filmed. Obvious solution is to wear a mask. Now it could work. I mean I've done that to some extent because I ride a motorcycle and I have to wear a mask to keep myself warm. So when I take my helmet off, I leave the mask on because it's still cold. Some people don't like that. Security guards look at you funny. Sometimes they ask you why you're wearing a mask. You told them because I'm cold. Then they go away. Sometimes they ask you to go away. I wasn't wearing a mask in the first place. I went to the shop with my huge luggage and I asked the security guard at the door, can I leave this here while I go deeper into the shop? And the reply surprised me. He says, you can't leave it here, but could you please open it up. We need to take a look. It was the last day of the trip I was going to the shop. Thank you. I left the shop so security guards have a job to do, but daily, of course, you would not be wearing a mask. It's socially super unacceptable. Additionally, multiple countries have implemented bands on wearing a mask. Unfortunately for me, people like me, and the people directly affected, this is because of some fear that, you know, we are all going to start looking differently than we are right now. And people like me are also affected by that to a lesser extent, of course. Then biometric passports. I already told a small story about how biometric passports came to be in Latvia, but I did try to avoid giving my fingerprints. Now, not giving your fingerprints would, of course, be in Latvia. So me and my nice, my friend who recently got a PhD at MIT, now he's in the US, when biometric passports were created in Latvia, we decided we don't want to give up our fingerprints. So we had this strategic meeting. We came to the meeting, we were sitting and thinking, how do we get the new passports without giving up our fingerprint? I opened it and we took the top two. He took the top one idea, I took the top two idea. What he did when getting his passport, applying for his passport, he asked a friendly doctor to bandage both his hands like that from here to here and went to get the passports. What I did, which was top two in our ranking, was I decided to imitate a painting of my friend. So I mixed Cyanochrelate, which is a base component of Superglue, with blackmarkering. And then I just dumped all my fingers in there because the scanners in Latvia are optical, which means it just takes a picture basically and then processes it. Well, it worked for him. He got his passport, even though now he lives in the US and he doesn't have a passport. So I went off. I come back in five days. Apparently, employees are more sensitive towards people who have medical condition instead of people who work with color a lot. So, finally, creating photocopies of my IDs. I used to reply to the request. Can we copy your passport, sir? No, I just say nope, nope, nope, nope. You cannot copy my passport. And it has some consequences. So I cannot use Revolute N26 or for some reason Taxify, which is the Uber clone, because they require you to send this picture and the copy of the passport. Luckily, it's illegal to copy a passport in Latvia unless it's done by a bank or by a university, which is a strange list of exceptions. People are getting annoyed. So there are some really nice people, genuinely nice people, and their boss just told them you need to copy the ID of the customer. And you don't want to have this conflict, but you don't feel comfortable giving them copy of your passport, right? Because the thing with the passport copy is there are some people who would indiscriminately allow you to do things just with a copy. They would just allow you to take a loan with a copy even though it's a reality. Once, in Belgium, I had to call the cops. So I was checking into a hotel in Belgium, I gave them my ID and I explained how important it is that the ID is not being copied. And I verified and the clerk said, yes, we will not copy your ID. So I give the ID that he types, types, types on the laptop, on the computer, and he grabs my ID by his keyboard and runs, running to the back room to copy it. I calmly take my phone, call the cops. My ID was stolen. Can you help me out? So then we had the cops, we had the hotel manager there, we had a party, they destroyed the copy and everything was fine. Since then I carry my ID on a leash. So when I'm checking in, I have a leash, a strong one, so it saves some time when you don't have to call the cops. I have also been called an asshole by a banker. So the thing is banks are an exception and they can copy your ID. But my bank decided they want to scan my ID. You might say I'm being petty, right? What's the difference? But the difference for me is, on a photo copy I can write with a marker, this has been handed into bank 1, 2, 3. On a scan I cannot do that. So since they insisted on scanning my ID, we spent 3 hours. So I arrived at the bank 10 minutes before closing time because it was a relatively simple operation. But we spent 3 hours, so 2 hours in a bit after the closing time working with them to resolve the situation because I really needed to do the operation that they had to pay my taxes. It was a large sum, so I had to increase the account limit. So privacy is not dead. But privacy is dying. We have to do something about it in order for it not to die completely. So the final tally is socially, if you want to provide enough privacy to yourself, you will have some communication challenges. It will be harder for you to communicate with your friends. Your friends and society as a whole may disapprove of what you are doing and how you are handling the situation. Your social circle will be not as large as it can be. Financially, you will have limited choices online. So you will only have some shops that work with your JavaScript. You will have limited lists of hotels that do not ask for a card to book it. And travel will be limited to the companies that either accept a friend's card for their travel or accept a bank transfer. Your transportation cost may increase up to sevenfold. Technologically, you will need much more time to do the same things as a normal person. You will also not get to use the new technology at the rate as your peers will be able to do that. You will probably not be part of the Internet of Things craze, which is a good thing, but still for some it may be a cost to bear if they decide to go this way. And finally, you will have no access to your own data if you register an account on a fake name. And you will, of course, not have international travel if you don't have your passport. By the way, if you're not accessing your own data, I know that at CCC usually there is a stand where you can make unofficial 35C3 ID using whatever name you like. I think it's highly illegal, but there is a stand in case you want to take a look at how the process happens. So finally, privacy is priceless and we need to do something about preventing it and preventing it from dying. There are couple things that we can do. First of all, we can contact legislators and explain to them regularly how important privacy is to us. I know that many of skilled people in IT are working in social communication matters. That is because they have dedicated their life working in IT, working to raise their experience in IT to a high level. So if you can't lobby, you can complain on social media. That's easy. Just keep mentioning all the important guys. Or you can watch my presentation on my website over there. If you're developing a system, you should make sure to develop privacy-conscious systems. You should make sure that the systems take privacy into account. If you're not a developer, demand that your developers do that. Ask them that you need the system to respect privacy. Refuse to use a system that's not designed for privacy. You should not be complicit. For yourself, you have to ask for your privacy to be respected. And finally, remember that doing all that will make you an example to others. And that will allow you to lead by example and save privacy for all of us. Thank you.