A CLICK here and a comment there.
For most of us, popping on the internet is part of everyday life.
But now scientists are developing a powerful new programme for the security services to sweep up every scrap of data we have left behind.
The software will be able to target individuals and harvest the tiniest scraps of online information about them and then pull them all together into a single file.
Computer experts at Dundee, Strathclyde and Edinburgh Universities have been given a £750,000 grant for the three-year project.
The prototype gadgetry is being billed as a defensive weapon to help prevent foreign powers and criminals compromising UK spies.
But campaigners say the capability could quite easily be turned around to spy on us all.
News of the project comes in the wake of the recent scandal around Cambridge Analytica, the tech firm which downloaded and sold the Facebook data of up to 87 million users.
For many members of the public, the furore was the first time they realised that a life lived online is actually far from private, especially when there are companies willing to gather personal data and sell it to the highest bidder.
Now the latest venture raises the spectre of MI5 using advanced data-mining technology to build profiles of individual citizens in secret and without any regulation, it’s claimed.
Dr John Welford, Edinburgh-based data privacy campaigner, said: “Following on from the antics of Facebook and Cambridge Analytica, it must surely only be natural for people to be suspicious of these plans to develop techniques for collecting, linking and sharing of people’s personal data.
“My particular concern is that the tools, developed ostensibly, for example, to assist the individual, will in due course end up being used for surveillance of the population at large.”
The project, which gets under way in September, is entitled Cumulative Revelations of Personal Data. Documents showcasing the venture reveal that researchers will be looking at “small, apparently innocuous pieces of personal information”.
The team, which will also include academics from Northumbria and Lancaster Universities, will be testing their software on staff at Royal Bank of Scotland, one of the partners behind the project.
The other named partner agency in the research is the “UK Government security agencies”.
The tool “maps out a portrait of a user’s digital footprint and reflects it back to them (enabling) individuals to understand the cumulative nature of their personal data”.
Lead investigator Wendy Moncur, professor of digital living at Dundee University, said: “A lot of our online behaviour is still like someone walking along the street with their briefcase open and various items dropping out of it and leaving a trail of helpful litter, all of which could be picked up by anyone. Individually, each piece of information might not tell us much, but collectively it can be used to build a picture of a person and their life.
“What this project aims to do is create a tool which can reflect back to people all of the content they have left available across social media and online.
“That tool can also be used by employers for assessing issues of reputational risk, safety and potential fraud.”
UK agents are often recruited from universities but chiefs fear that this first generation of millennial operatives could be compromised by the trail of data they left behind on the internet before they even signed up to the security services, giving away details of their friends, hobbies, habits and previous whereabouts.
However, the project documents state that there will be “opportunities to share research insights in ways that enable them to be operationalised by stakeholders”, raising fears of mission creep and that the likes of MI5 could use the technology to profile members of the public.
The university wouldn’t give any details of how the new software will work.
But data expert Rob Kischuk, of US marketing company Converge, suggests the key to it may include the ability to link up pictures and other data across the internet.
Each message, online signature or photograph is unique and contains a digital fingerprint called a cryptographic hash.
Mr Kischuk said: “What you can’t currently do very effectively is search across the internet for matches for a particular hash. But if a piece of software allowed you to do that, you could track people across their use of social apps.
“For example, the dating site Tinder and the travel organiser Airbnb use a person’s Facebook account as proof of identity.
“But then the person’s Facebook photo turns up as their photo on Tinder and Airbnb and that then opens up new avenues to explore for data about a person.”
The research is being funded by the Government through the Engineering and Physical Sciences Research Council.
Dr John Baird, the Council’s digital economy spokesman, said: “The advances in the interconnectedness of devices, data and people present both opportunities and challenges.
“Recent news items around how personal data can be obtained and used highlights the need for research that can understand the complexities of socio-technical relationships while also safeguarding the integrity and usefulness of data.”
In April, it was revealed that Police Scotland had been piloting devices that can download all information held on a mobile phone without the owner’s knowledge.
So-called “cyber kiosks” were used to access 375 phones and 262 Sim cards during investigations of low-level crimes.
Chiefs have since ordered 41 of the gadgets.
The Home Office – which is responsible for the security services – failed to respond to requests for comment.