Who’s Watching You When You’re Watching Porn?

The next time you visit an adult site, look for that “lock” symbol in the browser bar.
01/31/2017 02:12 am ET Updated Jan 31, 2017

In the past few years, billions of internet users have gotten their sexual information and sexual entertainment from free tube sites. But what seems free really isn’t. A recent report by the Center for Democracy and Technology revealed that many free porn sites are unwittingly broadcasting your personal information, including which videos you watch, and which terms you search for, to hackers, neighbors, spouses and family.

That’s because most tube sites don’t use HTTPS, the security protocol (the little “lock” symbol you might recognize before a web address), which means the information being shared is being encrypted. As a result, anyone using a shared wifi network, like in a college dorm, a hotel, or on a home network, is broadcasting any usernames and passwords associated with the account, and the specific pages you’re looking at, to anyone with the tools to listen.

I know because for the past several years, I’ve worked for xHamster, one of the largest free adult sites in the world. We get more visitors each day than either the New York Times or CNN, and have attract millions of users each day from nearly every country on earth. We even get millions of visitors from places like Russia and Saudi Arabia, where pornography is (supposedly) banned entirely. That’s one of the reasons that we became the first major tube site to fully implement the security features.

We operate in a lot of countries where porn is illegal. Where being gay is illegal. Where women learning about sex is illegal. Where women uploading naked photos can be punished by death. We realized that by operating an non-secure site, especially one that focuses in user uploaded “amateur” content, that we were endangering users across the globe.

This isn’t an issue that is limited to religious theocracies. Just this past fall, the UK passed the Investigatory Powers Act, the so-called Snooper’s Charter, which allows government agents the right to eavesdrop on any site you visit. In the US, the sweeping surveillance powers of the Patriot Act give our government wide latitude as well. If you think this couldn’t be used against you, think again.

Everyday users may not be worried about producing ‘kompromat’, the blackmail material Russian agents allegedly had on Donald Trump. Unfortunately, the everyday applications of this data insecurity are far scarier. Think about Tyler Clementi, the closeted college student who killed himself after his roommate filmed him having gay sex. Think about the revenge porn hack of Jennifer Lawrence and other celebs. Think about a conservative parent, or a divorcing spouse with access to your porn habits. When you’re visiting an insecure site over wifi, that information is available to anyone on that network, including what you watch and what you upload.

The mainstream news media often focuses on hacks where usernames and passwords are stolen, or where credit information is compromised. We should be paying attention to that as well. The good news is that most major retailers, and many major adult sites that are subscription-based, do now use the HTTPS protocol.

But most of the free sites still do not. That’s may not be a big deal if you’re a news site, or a blog, but it’s a heck of a big deal if you’re a repository for people’s sexuality and secret desires. Many sites fear that switching to HTTPS will hurt their rankings on Google, or be costly to implement. We’re not saying that it won’t, and that xHamster didn’t suffer when we made the decision to implement the features. But we’ve always seen ourselves as a different kind of company, one that finances sex education, and speaks out about injustice. At a time when we face a major backlash against sexuality worldwide, it’s our corporate responsibility to protect our users any way we can.

The next time you visit an adult site, look for that “lock” symbol in the browser bar. If not, close the browser. Then, get on social media and ask that they implement HTTPS protocols. Not only are you preserving your own privacy, but by pressuring companies to step up their security, you could be saving a life for someone in a far more difficult situation.

CONVERSATIONS