As long ago as 1999, Scott McNealy, the CEO of Sun Microsystems, told reporters: “You have zero privacy anyway. Get over it.” Others, including the top executives of Google, LinkedIn and Facebook, have since said much the same thing.
They are right.
Privacy in 2011 is a matter of nostalgia. In the past two months, Facebook introduced “frictionless sharing,” Verizon told customers it could share their location and search strings with advertisers, and two members of Congress have called for the FTC to investigate “supercookies,” which track your activity across multiple websites and are difficult to detect and remove. These developments signal an accelerating rush to compile, index and disseminate personal data in the digital age.
There are several reasons for this, but the most important is corporate profit. Many people freely surrender personal details on social media sites or in exchange for a discount. Government agencies monitor and catalog a dizzying array of personal information, from biometrics to travel history.And a huge reason is what security expert Bruce Schneider calls “the rise of Big Data.” This is the emergence of huge data brokers such as Axciom, Reed Elsevier and Eloqua, and more familiar suspects such as Google and Facebook. Such companies make a business of packaging and reselling information about you to marketers.
Even if you live alone in an isolated situation, you leave a trail of information every day. Consider a typical routine in contemporary America:
Morning
You make your first cellphone call of the day: Your service provider knows who you called and for how long. At the same time, your phone regularly pings cell towers so that somebody can tell almost exactly where you are. Although this can be handy in search-and-rescue situations, companies such as Retina X Studios sell software that lets anybody snoop on your location and message traffic.
Further, carriers such as Verizon are increasingly brazen. This month, Verizon notified customers it intends to monitor customers’ location, websites they visit via their phones and apps they use. And it may share that information. Though it’s possible to opt out, the default setting for Verizon and other carriers is to share.
Sen. Ron Wyden, D-Ore., by the way, is sponsoring a bill that would set boundaries on the GPS information agencies and companies can collect from wireless phones.
You turn on TV to catch the news. Thanks to a growing reliance on Internet Protocols for distributing signals, your cable or satellite provider knows exactly what you watched and for how long. Read your provider’s privacy policy to see all the ways this information may find its way into the hands of others.
You go to the doctor’s office, where your weight, prescription data and diagnosis are entered into an electronic database. Though safeguards aim to protect this intimate information, data breaches occur. In 2006, Providence Health & Services in Oregon said personal medical data on 365,000 patients were lost when a car prowler stole disks and tapes from an employee’s van.
The U.S. Department of Health and Human Services lists 345 cases of medical records breaches over the past two years that affected at least 500 people each. Some exposed records of hundreds of thousands of patients. Reasons range from theft of laptops to digital intrusions.
As you drive to work, your OnStar device tracks your location. Until late last month, the company quietly continued to track even after you canceled its service, a policy the company dropped in the face of a political uproar.
You also may pass a smart billboard by NEC, IBM, Research in Motion or one that uses Immersive Labs software. These billboards can target you with specific ads. Depending on the technology, the billboards may track age, gender, length of time you look at the board, or the speed of your vehicle.
Along the way, your car’s license plate may have been scanned and collected by the police or a private surveillance service, revealing where your car has been. Law enforcement agencies use the systems across the country, from Maine to California.
On the other side of the world, somebody looks at a picture of your house on Google Street View. Perhaps he even sees you in a bathrobe, retrieving The Oregonian. Though some countries, such as Germany, have limited Google‘s efforts to photograph its people and buildings, most have not. But in Portland and other American cities, you can see cars parked in driveways, people leaving shops and trash piled in yards, without leaving your desk.
Midday
You check Facebook and you’ve been tagged in someone’s photo, adding to Facebook‘s treasure trove of facial recognition information. Facebook is the largest collection of digital photos in the world –90 billion. It’s pitched as a fun way to share your activities with friends: It’s also a fun way to share your appearance with a voracious commercial company and anyone else who accesses the data. Given Facebook‘s continuing refinements that tend to compromise personal privacy, this is not reassuring. Recently, an Australian technologist noted that Facebook can track online activity even after you’ve logged out of Facebook.
Back at work, you use a computer connected to an internal network and the Internet. Your browsing history is logged by members of your employer’s IT department. (Seventy percent of companies acknowledge monitoring browsing.) Your phone records are logged and kept.
You use an online search engine to check a fact. If you used Google, your query is added to the world’s largest collection of crowdsourced data. Distracted by a pop-up window, you agree to take an online survey. Unwittingly, you have just handed over an extensive list of personal detail for companies to pitch products to you.
For a single example of how your personal information is indexed, sorted and reused, take a look at one major data broker, infoUSA.com. A few keystrokes will deliver a list of consumers by geography –all the way down to a single mail carrier’s route –by household income, marital status, number of credit cards, second mortgages, hobbies, veteran’s status, ethnicity or religion. (“Choose from 10 major religions.”) Of course, by buying such a list, you have offered another layer of information that will help marketers sell to you.
Finally, in the course of your computing session, you jump to a website such as Hulu or MSN, where you unwittingly download a “supercookie” that can’t easily be removed from your computer. It collects information about your activity across multiple sites, while resisting efforts to delete it.
You take a Starbucks break. If you open your laptop, another customer may be running Firesheep on his laptop, enabling him to watch your activities and, potentially, steal your identity.
On your way back to work, you pass two surveillance cameras: a public one installed on a light pole, and another that focuses on the entrance to a bank. The one on the bank has facial recognition technology.
It’s almost impossible to go anywhere in public without being recorded. A much-cited study by the New York Civil Liberties Union found more than 4,400 surveillance cameras in a few concentrated areas in lower Manhattan and Harlem. “Cameras lined nearly every block in . . . the Financial District, Tribeca, SoHo, Greenwich Village, the Lower East Side, Chinatown and Central Harlem,” the study said. That was in 2005. the same is true in London, Frankfurt, Beijing, and most other major cities as well as many minor ones.
You use a security badge to exit your workplace. Some employers acknowledge using badges to track their workers, saying it improves efficiency.
Evening
You go to the store, where you are videotaped and your purchases logged and added to the accumulating picture of your preferences. This information may find its way to third parties by legal means, such as when the data are aggregated and resold, or by illegal means, such as theft. One of the most notorious thefts was the “wardriving” case that compromised more than 40 million debit and credit cards from retailers such as Marshall’s, Barnes & Noble, OfficeMax and others.
Law enforcement may take an interest in your purchases, too. A much-cited Salt Lake Tribune story reported that the Drug Enforcement Administration sought discount-card data from Smith’s Foods in an effort to find customers buying large quantities of plastic baggies, on the presumption that they might use them to hold meth.
On the way home, you stop at the library, where you check out a book. Your borrowing history gets sent into a central database. If you use a library computer, your activity is recorded. Though librarians have a good record of protecting user data, note one of the disclaimers in Multnomah County’s library privacy policy: The library can electronically monitor public computers and external access to its network and reserves the right to do so when a violation of law or library policy is suspected.
But much of the alleged threat to our liberty is an urban myth. You order a pizza from Domino’s and your call is routed through a central office to your local outlet, where the clerk already knows you prefer anchovies to olives. According to private investigator Steve Rambam, the U.S. Marshal’s Service, the New York Police Department, debt collectors and others have used such pizza-ordering information to find people. Domino’s denies sharing “entire lists” of customer information. But noted garbagologist AJ Weberman, in a comment on this story (below), refutes that claim and is certain Rambam made it up. (Story changed Octo 31st).
You download a song from Apple’s iTunes. The company has responded to complaints that it stores geolocation data and timestamps on mobile devices (iPads, computers and iPhones) by slowing the frequency of its collections.
You stream a movie from Netflix. Be advised the company is lobbying against restrictions on disclosing your rental history because it wants to make a deal with Facebook to share. That restriction was ordered by Congress after the 1987 fight over the nomination of Robert Bork to the Supreme Court, when the Washington City Paper published a list of the judge’s video rental history.
Further, even when a company like Netflix thinks it has kept its consumer data anonymous, a clever analyst can combine it with data from, say, the Internet Movie Database to de-anonymize portions of it. That’s exactly what happened in 2006, when Netflix sought to improve its recommendation system.
You buy a DVD online. The vendor, such as eBay, the eBay seller or Macy’s knows about your purchase, as do your credit card issuer and your bank. Depending on the payment systems used, your transaction may also become known to third-party payment companies such as PayPal, fraud-detection providers such as iOvation, processors such as FirstData, fulfillment services such as Monsoon and any warranty providers, such as SquareTrade. That’s a lot of opportunities for others to capitalize on your impulsive purchase of “The Simpsons Season 24.”
And, of course, any curious person may simply use your username to follow your buying, selling and commenting on sites such as Amazon and eBay.
Your Facebook page includes pictures of you quaffing a glass of beer. You also post that you’re looking forward to a night of “Crazy Bitch Bingo,” as a local restaurant calls it. Your employer takes note. The next day, you are fired. That’s exactly what happened to a Georgia schoolteacher named Ashley Payne.
And once a photo is online, it’s permanent. Even Rep. Anthony Weiner, who acted quickly, couldn’t stop the spread of the indecent photo he sent via Twitter.
Overnight
Even as you sleep, your household is part of a smart grid of energy supply and demand. At a minimum, this information is conveyed between your smart meter and the utility, and may be shared with third-party energy management companies. California passed a law that limits utilities sharing consumption data with third parties.
Also, as you sleep, your computer restarts because Microsoft has detected that you haven’t installed the latest critical security update.
Sleep well.
Thanks to the Oregonian
2 Responses
I knew the spying ran real deep. I just saw a few still shots of my neighbor walking his dog on what looks to be morning time at around 8:30 a.m. (according to the sunlight reflections) in Google street view. They blurred out his face in all but one shot where you can see him perfectly. The average ‘Joe Consumer’ computer user could not do this just a few short years ago, pictures as clear as this could only be accessed by the gov’t and spy agencies.
Rombom made up the story about Domino’s. It has no basis in fact.