Showing posts with label tracking. Show all posts
Showing posts with label tracking. Show all posts

Saturday, September 10, 2016

Facebook, Fiefdoms, Privacy and the Potential for Abuse

(Image credit: churchm.ag)
 
“All human beings have three lives: public, private, and secret.” 
Gabriel García Márquez

Let’s start by asking ourselves a simple question; what value does Facebook provide to society?

I can already hear people say 'wait a minute', and start to argue that Facebook informs, entertains, connects, and allows us to stay in touch with family and friends. Facebook is a social sharing platform that connects people. However, unlike a Warby Parker or Unilever, it does not make or sell any tangible products to improve our health or well-being.

It is true that the same can be argued about eBay, Alibaba and Airbnb. They don’t manufacture goods, but merely facilitate transactions between buyers and sellers. However, Alibaba is an online mall where third parties sell products and Airbnb’s service fills a real-world need for accommodation.

With Facebook there is one fundamental difference - you and I are the product.

Without user-generated content and our friends and family engaging with it, Facebook makes and offers nothing. It is entirely powered by our routines, my stories, your creativity, and our combined curation of third party news and articles we post. Facebook is powered by you and me.

And their entire revenue model is based on effectively mining, stealing (through an opaque privacy policy) and selling our personal information to advertisers; arguably they provide no meaningful benefit to society. As for connecting us, we already did all this, through letters, movies, television, travel, newspapers and phone calls, much before Facebook existed.

Technology has certainly made it easier to connect and as a result we have all become lazier about making the effort to stay in touch; but let’s be clear that there is no innovation in terms of how we share, build relationships or create emotional bonds that Facebook has invented.

Consider that the non-technological version of the online platform existed for millennia in the form of Roman marketplaces and even modern day malls where people broke bread, socialised and had the ability shop from multiple vendors, all under one roof.

Facebook says they offer a forum to express ourselves freely and in saying that they pretend to empower us. They claim to be a democratic and open platform designed “to give people the power to share and make the world more open and connected” (source: Facebook Mission), when in reality and behind the scenes, they are doing exactly the opposite.

They have been caught manipulating our newsfeed, by showing overwhelmingly negative or positive posts and using us as lab rats to be “part of a psychological study to examine how emotions can be spread on social media.” (Source: New York Times article).

More recently an employee claimed they routinely censor right-wing content…” (Source: PC Mag article).  Another tech consultant who worked there disclosed that “Facebook collects all content that is typed into its website, even if it is not posted…” (Source: Information Age article).

More worryingly, earlier this year the Wall Street Journal reported that Facebook was starting to spread its tentacles into the personal lives of non-Facebook users; going well beyond the four walls of their own platform by tracking people all over the web under the guise of showing more targeted ads. “Now Facebook plans to collect information about all Internet users, through “like” buttons and other pieces of code present on Web pages across the Internet.(source: Wall Street Journal).

On the heels of this announcement, we found out that WhatsApp, which Facebook bought in 2014, is going to start sharing personal user information that includes your phone number, contact list and status messages with Facebook (Source: Scroll India article). This after WhatsApp had unequivocally promised that it would protect users' privacy when they agreed to be purchased by Facebook. You can read the WhatsApp co-founder Jan Koum’s blog post and 2014 promise about how “Respect for your privacy is coded into our DNA…”

Facebook has also announced that they are going to crack down on ad blockers and click bait headlines to make room for more advertising. They intend to do this by “making its advertisements indistinguishable from the status updates, photo uploads, and other content that appears in your news feed” (Source: PC Mag article). They justified this change with the now all too familiar refrain that because Facebook is a free service, they rely on advertising to keep them going.

A free service that claims unlimited ownership of and rights use every status update, family picture and personal video. A free service that believes it has a right to mine personal data, track people around the web, and then sell all that information to third parties (in non-transparent ways). A free service that stores personal data “…for as long as it is necessary to provide products and services to you and others…” and one that defines their collection of information in the broadest terms possible; “Things you do and information you provide. Things others do and information they provide. Your networks and connections. Information about payments. Device information. Information from websites and apps that use our Services. Information from third-party partners. Facebook companies.” (Source: Facebook Privacy Policy). Free indeed!

I understand that we need to give up some privacy in a digitally connected world, particularly where we expect things for free. But there also need to be rules around what is permissible and what crosses the line. Beyond privacy, the greater issue is that so much information concentrated in the hands of one or two companies makes conditions ripe for abuse.

The point is not whether Mark Zuckerberg is trustworthy or if he truly has noble intentions. Nor am I suggesting that Facebook is an evil corporation run by hobbit in a hoodie. Facebook has already been caught abusing their power numerous times from manipulating the newsfeed to using sophisticated algorithms to pick, choose and limit news, articles, politics, entertainment and information we are able to see and share.

Like every other global corporation in history, they are not immune from the temptation to abuse power in the search for growth, expansion and profits. Their misleading and altruistically packaged attempt to create a walled off internet, with a Facebook monopoly, in the developing world is yet another example of business intentions gone totally awry. You can read my piece about it here “How Facebook Can Fix Internet.org”.

Think about the fact that, with 1.7 billion active users (a number that continues to grow), they have greater influence than any government or news organisation has ever had over our worldview. They have more personal information and greater power than the Soviet Union had on its people at the height of communism. This should concern all of us.

The point is that no single company should hold this kind of power and influence over so many people. It will not end well; human beings are corrupted by absolute power. We cannot change the nature of the beast.

Wednesday, July 23, 2014

The Value of Privacy

“All human beings have three lives: public, private, and secret.”
Gabriel Garcia Marquez 

There has been much furor and attention in the news regarding the NSA’s blatant overreach and invasion of privacy but the reality is that the manner in which the private sector has been invading our personal lives is far more intrusive and concerning. What’s more, nobody really knows how much is actually being collected, which companies are doing the collecting or the methods they are using. 

In this regard the internet remains the Wild West. In the words of Tim Berners-Lee, the inventor of the World Wide Web, “A digital Magna Carta is required if we are to stand any chance of halting the Internet’s steady infringement of our right to privacy.” What is scarier is that the information being collected, on each of us, is also being compiled and sold to third parties without our knowledge or consent. 

For many years we were assured that the information we shared via online searches, sites we visited and ads we clicked was being collected and stored in a non-personally identifiable manner. And that it was being collected with the intention of improving our online experiences and adding a greater degree of personalisation for marketing to us. It turns out that this is far from the truth. 

Today, there are numerous companies compiling dossiers on us; gleaned not only from our online behaviours and habits, but then supplemented with information from the real world. Frighteningly, these dossiers are not anonymous. They identify us by name and contain comprehensive profiles that include everything from political and religious affiliations to medical and criminal histories to shopping and surfing habits. These dossiers are being openly sold to everyone from prospective employers and research companies, to marketers and financial institutions. Watch 60 Minutes report: “The Data Brokers” 

The argument used by marketing companies, internet firms and these so called data brokers, to defend this gross invasion of privacy, is to say that anything we disclose on the internet (as well as data that exists in the public domain) should be considered fair game. They argue that people are fully aware of the information they are sharing online, doing so willingly, and free to read the terms and conditions on each website about how their data is being handled. In their estimation, consumers are willingly parting with all this personal information. 

They further contend that the internet is a marketing medium, so people need to accept that information gleaned off it can and will be used not only to personalize experiences, but also to better advertise and market to us. Based on this flimsy argument they also staunchly believe that there is no need for government regulation to prevent anyone willing to pay money to know more about us, than a spouse or parent ever would. 

Then there are those who argue that if we have nothing to hide, why should we be concerned?  They ask why we care if every term we search, product we buy, page we visit, prescription we fill and gift we send is tracked by companies or sold on to third parties. To me this is a totally false argument because an individual’s right to privacy has nothing to do with having something to hide. Everyone has a reasonable expectation to privacy in a democratic society. It is a fundamental right. 

Think about a really simple analogy in the real world. Imagine you walk out of your house to run some errands on a beautiful Saturday morning. You stop at Starbucks on the corner for a latte and doughnut. Next you cross the street to go over to the pharmacy to pick up the prescriptions your doctor called in. The pharmacist asks you to verify your home address. 

On your way home you decide to run a few more errands. First, you stop at another drugstore to talk to their pharmacist about recommending something for a nasty rash you have on your inner thigh (Note: you choose not to ask your regular pharmacist who knows your whole family by name, because you are feeling embarrassed and not because you have something to hide). Then it’s a stop at the local grocery store, where you use some email coupons on your phone. 

You then make a quick stop at the wine store to pick up a nice bottle of wine for yourself and a few bottles of bubbly for the party you are attending this weekend. You spend some time browsing at your favourite local boutique, on your way to the final stop at the dry cleaner. The clerk at the dry cleaner asks for your home phone number to look up your account. 

Arguably, you have been in what can be described as the 'public domain' while running all your errands. Much like if you had stayed home and transacted entirely on the internet. In both cases, you were required to divulge and share various bits of personal and private information, including your home address, phone number, medical history and credit card information in order to complete your transactions. 

Now imagine that you are running through the same schedule, except that from the moment you leave your home, you have a dozen random strangers physically following you around and secretly take down all the little bits of information you are legitimately required to and willing to divulge along the way. 

These strangers would be doing this without your prior consent or knowledge. These shadowy figures are simply leaning in closer as you give the pharmacist your insurance information and prescription list, or peering over your shoulder to look at your grocery cart, trying to determine if you are gluten intolerant. In fact, they are keeping track of everything you say, see and do. 

Now imagine that these strangers follow you around every day for months or even years collecting, storing and then combining this data with every other bit of information they can find from public records. They include your past employers, home addresses, credit history, political and charitable donations, etc. and then they put it all together to create a file on you that they can legally sell to any third party willing to pay for it.

These exact dossiers compiled by data brokers are now being used by many financial institutions to gauge your 'social' ranking and credit-worthiness, based on who your Facebook friends are. Such compilations are even being used by prospective employers to determine your character. This gross violation of trust is actually happening today, completely in the shadows and without our consent. 

I understand that technology has reshaped our lives in many ways and with these conveniences there is a reasonable and necessary loss of privacy. With this I don’t believe anyone has an issue. However, to say that if we are bothered by the extent to which we have lost control over our private information, and the solution is to simply stop using the internet or sharing personal information on it (which is impossible) – it is akin to saying we should not leave the house if we are worried about getting mugged. 

It is a totally nonsensical argument and an unrealistic expectation in a world that has become completely dependent on technology. The point is not to have zero, or even total, privacy, but that information gathering should not be done surreptitiously. It should be conducted in a way that clearly informs us, gives us the choice to participate or not, and allows us to limit the amount of information we are willing to share.

It is an absolute right to expect privacy and be aware of how our information is being used and by whom; especially when sharing information in a specific situation for a very specific purpose, e.g. at a pharmacy to get a prescription filled. It is not unreasonable to expect that the same pharmacy will never share this information or start to combine it with other habits, behaviours, etc. and then sell the information to a third party. 

Equally, it would be ludicrous to try to regulate the entire internet by creating even more complex and detailed privacy laws that cover every possible situation or transaction; not to mention trying to do this globally in some uniform way. 

The solution is to make the whole process completely transparent and allow people to make the choices regarding information they are willing to share. Make it simple and clear about how and for what purpose our information will be used on every site. 

For example, if you shop on Amazon. then the baseline should be that this site alone would have access to only the most basic information required (name, address, credit card) for someone to complete a transaction; and this information would never be shared or sold to a third party without our prior consent. Amazon should also allow us to delete personal browsing and shopping history, if I choose not to save it or be marketed to more accurately. 

Further, Amazon could build incentives for people who are willing to share more of their shopping history, or even more detailed information about themselves, their habits and behaviours; even around the rest of the web. 

The same should hold true for tracking companies; they too can create incentives for people willing to sign-up and give them permission to follow them across the web, on their mobile phones, etc. Finally, every company that sells and profits off individual data should also share that revenue with the individual; creating a sort of human-information exchange. 

However, the default on the web and every site should always be that people are opted-out and not the other way around, as it is today.