In this four part series we’re going to talk about how personal data is created, managed and exploited by companies tracking you online. We’ll also introduce an alternative solution for data management, and give you tips for reclaiming your online privacy. By the end of this series, you’ll be a #datawarrior
When we’re browsing online in our personal time, whether on our phones or laptops, we have the illusion of privacy. A false sense of security that what we’re doing behind our screens is somehow private.
We think that by logging out of our accounts, using incognito mode and deleting our browsing history and cookies, that we’re erasing our digital tracks. This is far from the truth. Once data is collected, erasing it is extremely difficult, if not completely out of our control.
In fact, everything we’ve ever done online — every search made and website visited — has likely been traced, recorded and packaged into neat little data sets, to then be sold on for marketing and advertising purposes that we never willingly consented to.
So what is “personal data”?
When we talk about personal data, we mean any kind of information which we freely share online that can be linked back to our identity.
“Personal data can be defined to include information about you such as your name, birth date, email address, phone number, physical address, etc. Other terms for such data are demographic information or personally identifiable information (PII).” — Ron
Read more about personal data and digital identity in Ron’s article.
Some examples of what personal data of yours might be out there, most likely stored by some company, somewhere:
- Intimate personal photos
- Contracts, such as lease agreement or work contract
- Prescriptions and medical history
- Travel history — taxi, flight and hotel bookings
- Drivers license
- IP address
- The history of everything you’ve ever shopped, browsed or searched for
- Credit score
- Exact location right now
- Your DNA
The invisible fourth wall
When combined, all of this data creates our unique digital fingerprint. This intimate, digitised version of ourselves represents the most private of our lives, but is stored in a way that’s constantly vulnerable to public exposure.
We freely express our opinions, upload pictures of our family, send personal emails, share our religious and political affiliations — and we entrust all of this information to the web, the most public domain of all.
Yet just as we wouldn’t share our home address with strangers or give our credit card details away, why do we give it away so willingly to our screens?
How is data tracked?
In order to trace our online movements, marketers install tracking codes and pixels — better known as “cookies” — in the metadata of millions of apps and web pages.
These allow companies to download our personal information, as well as data detailing our online “behaviours” while we browse. These behaviours are initially assigned to an anonymous profile. As soon as we give away some personal details — say to make a purchase or register for a service — our profile goes from anonymous, to identified.
As more traditional services move online, tracking of our “digital” movements is progressing to almost every activity — whether online or offline. When we make purchases with our cards and phones, when we use public transport, what events we go to, movies we see and the conversations we have.
Who reaps the rewards?
Tech giants like Facebook and Google tend to get the worst reps for exploiting our private information. While they are a major part of the problem, there are also thousands of other companies tracking us, who are flying well under the radar.
From private corporations, to public organizations, literally everyone is in the business of consumer data — which is expected to grow to $274 billion by 2020. The more information someone has on its users, the more power, influence and control they have.
China’s social credit system is perhaps the most extreme example of tracking gone bad. Expanding to all aspects of life, their system works by “judging citizens’ behaviour and trustworthiness”. This “use, and abuse, of aggregated data for analysis of behaviour” pairs a country-wide government system with businesses to create a unified social credit code, all linked to citizens’ permanent records.
If you think that kind of abuse only happens in surveillance states, think again. What you say and do online can cost you no matter where you live. In New York, insurance companies reserve the right to determine your premiums based on your social media posts. Uber, Airbnb — and other platforms integral to modern day life — can ban you based on your ratings and reviews.
And when your data isn’t being used against you, it’s probably being used to exploit you. Acxiom, a global database marketing company, boasts about how it obtains data on British citizens through a company called Read Group. Read Group claims to have a data list that is:
“The most comprehensive view of active online and offline UK consumers containing over 32 million individuals. It combines transactional history, lifestyle choices, behavioural insights and geo-demographics to help target our campaigns at every level”.
While some corporations attempt to analyze trends in the data to try and understand their users better so that they can improve their product offering, or gain a political advantage, others may simply want to cash it on it by selling it to the highest bidders.
By exploiting our personal information for profits, corporations simultaneously expose us to one of the biggest risks to our privacy and security today — data breaches and hacks.
Identity theft is among the fastest growing crimes worldwide. In 2018, over one billion user accounts were hacked due to corporations failing to adequately protect their users’ data.
Instead of adopting new technologies that would protect users from privacy threats, most companies opt to store their users’ personal information in insecure databases so that they can continue monetizing it.
In 2018, the European Union enacted the General Data Protection Act, which aims to protect users against privacy breaches by giving them more control over how their personal data is collected and used.
Since then, many platforms now ask users to agree to their privacy policies before continuing onto the site. But is this newfound concern for privacy as genuine as it seems, and is it enough? We doubt it.
Time to take back control
As our lives increasingly shift into the digital realm, it’s important that our online identities and personal information remain in our control. There is now a shift — driven by teams like Pillar — which returns control over data, its value and its worth back to the individual.
Instead of storing personal information in private corporate databases, it’s possible for our personal information to be stored across a decentralized network, making it much harder for one party to obtain our personal data without explicit permission.
We are building the tools and the infrastructure to do this.
- Reignite self-sovereignty over personal data
- Give users greater security over data
- Shift the paradigm of information flow and value from online giants to their users
Coming up in Volume 2 of #DataSlaves
Currently all of our personal information is spread across the web, held by the different businesses and companies we engage with, and some that we don’t.
We want to change this paradigm to make sure that corporations aren’t able to jeopardize our privacy ever again.
In Volume 2 of #DataSlaves, we’ll explain how Pillar’s Personal Data Locker and Offers Engine will help you take back control of your data.