When it comes to our online privacy, most of us are willing to sacrifice a lot in return for the services we get from companies like Google. I’m the first to admit that I usually just click ‘accept’ on the Terms of Service without reading any of the fine print. Many of you probably do the same. But a must-read New York Times Privacy Project article has me rethinking the way I share my information with apps and websites.
The companies we allow to access our data all say that our security is their utmost priority. They promise to protect our data, and for the most part we blindly trust them at their word. What this article highlighted for me was not just the threat that comes from data breaches, it was the very real and rather frightening ways that companies can legitimately use our data – particularly from our smartphones – to learn so much about us. They can easily piece together a very accurate picture of who we are, where we live, where we work, what we buy, how we commute and so much more. In fact, there’s a whole industry built around buying and selling data under the pretense that we can’t be personally identified by it. The reality is very, very different.
Here’s just one example. Advertisers commonly access the unique mobile advertising ID on our smartphone and combine it with demographic information that they can easily purchase from other sources. These identifiers, including ZIP codes, age, gender, phone numbers and email addresses, can be used to build a very accurate profile of us. We’re told that advertisers need this kind of information to ‘personalize’ the ads we are served online. But when multiple datasets like these are combined, the risks to our privacy are amplified. As the NYT article points out, any protections that existed in anonymized location data quickly evaporates when companies add one or two additional sources into the mix.
There are dozens of companies that collect users’ location information from software that’s surreptitiously hiding in applications on our phones. It could be any kind of app. It could be a weather app or even a popular social app like TikTok. This location tracking software is constantly transmitting information about where we spend our day, who we visit, what shops we frequent, and even what kind of medical treatment we might be getting. It doesn’t really surprise me that there’s a gray market for this kind of data, but it blows my mind to find out that many of the companies we trust are actively involved. AT&T, Verizon and T-Mobile have all been accused of selling user location data for profit, and only in the last few months have they agreed to stop this practice after being sued.
Let’s think about this from a different perspective. Most people are wary of a big brother government with sweeping powers to monitor and control our activities. We wouldn’t want the government to track our every move, so why do we readily allow companies to track us? When push comes to shove, corporations have far less oversight and accountability than the government.
“Every minute of every day, everywhere on the planet, dozens of companies — largely unregulated, little scrutinized — are logging the movements of tens of millions of people with mobile phones and storing the information in gigantic data files. The Times Privacy Project obtained one such file, by far the largest and most sensitive ever to be reviewed by journalists. It holds more than 50 billion location pings from the phones of more than 12 million Americans as they moved through several major cities, including Washington, New York, San Francisco and Los Angeles.”Stuart A. Thompson and Charlie Warzel
New York Times
For me, the takeaway is simple. The benefits of being served personalized advertising or location-based services just don’t outweigh the risks of letting companies collect so much information about me. The companies that collect this information about you and me qualify their existence by claiming that we consent to be tracked, that the data are anonymous, and that they keep the data secure.
The Privacy Project found, however, that none of these claims is true. In fact, to test how untrue this is, they followed military officials as they drove home at night. They tracked law enforcement officers as they took their kids to school. And they watched high-powered lawyers (and their guests) as they traveled from private jets to vacation properties.
Again, it’s shocking that none of this kind of behavior is illegal. The only thing stopping a company from doing this is its own privacy policies. As we saw with cases like Facebook and Cambridge Analytica, companies that claim to only share user data with a select group of trusted partners are probably fooling themselves if not us.
I get it. Companies like Facebook don’t like to be regulated or have a watchdog body overseeing their actions. But if they don’t like it, why should we? Should we take these companies at face value and blindly trust that they have our best interests at heart. Absolutely not.
And on a larger scale, just think how tempting this kind of power must be for less democratic countries like China, where camera surveillance is already widespread (although you may be surprised to learn that the US is not far behind). It certainly doesn’t take a stretch of the imagination to imagine that the Chinese government might use location data to track and identify protesters in Hong Kong, or the 11 million Uyghurs living in the Xinjiang region.
At the end of the day our privacy is only as safe as the least secure app on our smartphone. So it’s up to us to be more proactive and vocal about our privacy. Check out the Privacy Project’s list of practical tips to protect your data, by turning off some of the location tracking capabilities. Our connected world means that so much of what we do relies on sharing information, but that shouldn’t come at the cost of compromising our privacy.