Here are some mildly terrifying things I learned when I recently did an online privacy checkup: Google was sharing my creditworthiness with third parties. If you want Target to stop sharing your information with marketers, you have to call them. And, my favorite: If you would like Hearst, the publishing giant, to stop sharing your physical mailing address with third parties, you have to mail a physical letter with your request to the company’s lawyers.
Cool cool cool.
I was inspired by this story my colleague Kashmir Hill wrote this month about the company Sift, which collects your consumer data and analyzes then scores your transactions.
“As consumers, we all have ‘secret scores’: hidden ratings that determine how long each of us waits on hold when calling a business, whether we can return items at a store, and what type of service we receive,” Ms. Hill wrote. “A low score sends you to the back of the queue; high scores get you elite treatment.” (If you’re interested, you can request your own secret dossier by emailing firstname.lastname@example.org, though the company is backed up because of the “recent press coverage.” It took them two weeks to respond to my request.)
Surprised? We were, too
Like many people, I was a little stunned at the intimate level of data that was being collected. Ms. Hill was, too.
“I know that we are tracked in surprising ways, and have reported on those surprising ways extensively, but even I was shocked to get a 400-page file on myself back from a company I’d never heard of,” she told me. “It was bizarre to see what I had ordered from an Indian restaurant three years ago in the report and disturbing to find all the private Airbnb messages that I had sent to hosts. I didn’t think any company beyond Airbnb would have that data.”
It’s no secret that we’re being tracked everywhere online. We all know this; every one of us has a story about an alarmingly specific ad appearing on Facebook, or a directly targeted Amazon promo following us around the internet. But as internet-connect devices become more prevalent in our everyday lives — think smart TVs, smart speakers and smart refrigerators, for example — and as our reliance on smartphones increases, we’re just creating so much more data than we used to, said Bennett Cyphers, a staff technologist at the Electronic Frontier Foundation, a nonprofit digital rights organization that advocates for consumer online privacy.
“There are just more streams of data out there to be aggregated and tied to profiles and sold,” Mr. Cyphers said. “Because people don’t realize that their car is collecting data about their location and sending it off to some server somewhere, they’re less likely to think about that, and companies are less likely to be held accountable for that kind of thing.”
He added: “Information is being shared completely haphazardly, and there’s no accountability at any stage, especially in America.”
Who cares? I have nothing to hide
We’ve all heard that one before.
“The only people I’ve heard say, ‘Who cares?’ are people who don’t understand the scope of the problem,” Mr. Cyphers said.
“A lot of the tracking systems out there make it easier for law enforcement to gather data without warrants,” he said. “A lot of trackers sell data directly to law enforcement and to Immigrations and Customs Enforcement. I think the bottom line is that it’s creepy at best. It enables manipulative advertising and political messaging in ways that make it a lot easier for the messengers to be unaccountable. It enables discriminatory advertising without a lot of accountability, and in the worst cases it can put real people in real danger.”
Lots of specific ways to deal with the privacy intrusions: