Inuk Blog

It's been a busy week in the world of privacy, from Facebook telling a packed F8 conference that they will be respecting user privacy going forward, to Google announcing new privacy tools that will delete history after a certain time. These promises are all quite amazing, but what do they really mean for users and their privacy? This is part one of three posts in a series.

First of all, I'd like to clear up some general misconceptions about how these companies work. They do not explicitly sell your data, no, because the data of an individual user is what is valuable to the company. It's like if Pepsi sold the formula to the product rather than the product itself. Rather, they sell data sets based on grouping people together and observing the trends. Then once the data collector observes a trend, they sell this knowledge via ad space or marketing suggestions. Alone your data is mostly innocuous, the comings and goings, purchases, and day to day contacts of the average American would not be very interesting. Rather, they get everything they can about everyone they can and pump it through some data analysis and learn things like; white men between 20-30 years of age purchase this deodorant at this frequency. With that information, a company like Axe can learn how to alter their formula to make men buy more products more often. This information is invaluable to marketers and researchers. A vast majority of Google's Revenue is its ad business (around 80%) Now this is where you say, "But doesn't my data then provide me with a better service and as a result better products? So its a fair trade off?" Sadly the answer is no. The targeted ad business is booming, and the ones selling the data want the buyers to believe it is invaluable. This leads to more ads, more targeting, more clickbait, all to push revenue as high as they can. Some websites are so crowded with popups and banner ads that users are turning to ad block just to be sane. It only gets worse, now advertisers are testing facial recognition technology to show specific ads based on what they can determine based on your features. How much are we going to give up just to get better ads for better toothpaste? There has to be a point when people just throw their hands up in frustration right? Nope, turns out most people think that their data is unimportant or safe. How can that be the case when facebook increasingly loses valuable data to hacks and unencrypted servers? Now we see them promise, again, that they will change how they capture data and store it. How can we trust them?

Ok, you then think, "So what? I'm still getting services and products, privacy is not a concern for me. As long as I can search the web for anything and connect with anyone in the world, I think it is a fair trade." This is one of those things I cannot teach. You as a person must make the decision to want privacy and security, as long as you hold the mentality that privacy is dead, then it truly is. Losing control of internet accounts due to exposed passwords in a server or mass hacking of user information can be devistating. The most popular passwords in the US right now are just laughable. Using any personally identifiable thing as a passcode or password is asking for trouble. Then on top of that, people tend to reuse their passwords, creating the perfect storm, one exposed account leads to easy access to your entire life. Proper internet hygine requires some work, but is massively rewarding with peace of mind. Through all of this you might have noticed very little mention of Google, or links to their issues. Thats the thing, Google actually seems to care about the security of the user data that they collect, and they collect a lot. This data is so valuable that being trusted with it is paramount to their success as a company. That being said, privacy advocates, including myself, warn against overtly trusting Google. Just because it hasn't happened yet, does not mean it won't. There was a time that Facebook had not been compromised as well, and it will only take one big data dump for Google to lose a lot of the trust they desire. Well, at least there were only 3 active users of Google+ when it was compromised. They have promptly promised to shut the service down because of it. Google is guilty of the same tracking as Facebook, if not more so, because they own most of the ad agencies online. If you use Google services and don't have proper tracking blocking set up, Google can know where you go, what you buy, who you see, where you stay for how long, who was with you, what card you used for a purchase at a gas station, what hospital or clinic you visited, where your mistress' home is, etc. All of this data is taken at massive volumes per person and stored in a server with your name and IP address attached to it. On top of that, they collect more data depending on what device you use, allowing Google to get 10X the data of an android user vs iOS user.

This massive amount of data collection for one company, let alone storing it all together in their servers, leads to a massive risk. Imagine if a company said they would keep the world safe by storing all of the nuclear weapons, launch codes, and names of the enemy in the same building, would you feel protected? Apple, and Google to some extent, exercise a practice called differential privacy to hide user data amongst garbage data sets, then encrypting it locally. This means that even in the event of a data breach, there is little chance of a bad actor tracing data back to the end user. Apple does this with all of their gathered data about users and it is detailed in the linked report. I am not aware of the same practice being conducted to such an extent by any other company.

This is all to say that your privacy is at more risk than ever. I am not asking you to delete Facebook, quit Google, move to the country and dig a hole to die in, but I am asking for some more awareness and intent. Think about what you use and what you share, and find more private services online. Actually learn to skim through privacy policies to ensure you are not getting into deep water. Privacy is not dead, and it won't be as long as you and yours fight to protect it. This is part one of three in my privacy series, next up: Band-aids for Bullet Holes.

Tagged with: