Online

They Know You’re Reading This

I was recently complaining to a teller at my bank that the another bank down the street had given my three-year-old daughter a stuffed horse for nothing more than walking past the front door. I jokingly asked her what gifts my own bank would be willing to offer to compete for the affections of my daughter. Then I said, “Oh, you probably don’t like it when I mention the competition when I’m in here, eh?”

She surprised me with her answer. She said that she had her cheque and savings accounts at that competing bank and that she’s always found their service to be great. I was surprised. Why would a teller at one bank do her own personal banking at another bank down the street?

She told me that most of the tellers she works with have their accounts elsewhere because they don’t want friends and colleagues at their own bank to have access to their private information.

The exchange was a clear reminder that privacy issues are everywhere. Anytime you share any information with anyone or any institution, you should expect it to be shared in ways you never expected.

This week, the top story in the internet world was that the mobile social network Path had been uploading users’ email contact lists to its servers. The purpose of the upload was to make it more likely that users would find friends and colleagues who were also on Path. The problem was that Path was uploading the email data to its servers without users knowing it. A firestorm of criticism erupted. And within a day or so, Path responded by putting a stop to the offending practice and deleting every email address they had collected.

Path deserves credit for the swift and appropriate response to the criticism it faced. But the whole incident was one more reminder that almost everything you do on the Internet puts a dent in your personal privacy, whether you’re aware of it or not.

When I first heard about Path’s plan to delete all the email addresses it had collected, I wondered if Facebook would respond by agreeing to delete those embarrassing photos from 2006 that you already manually deleted 6 times in the past. As it is now, the photos you delete from Facebook never really get deleted. They’re still accessible via direct link (and of course, by anyone at Facebook who has access to the data). Once you put something on the internet, you should assume it will be somewhere out there forever.

Maybe that’s no big deal when were talking about a few collegiate kegstand photos that you’d rather forget. But it is a big deal when you consider that almost everything you do or share on the internet is being tracked by someone.

The Path story got big because it’s exceptional in two ways. First, thanks to one guy who wrote a blog post, we all were made aware that Path had a policy of borrowing your email contacts without your consent (and that iPhone apps easily allow for such a transgression). And second, when confronted with valid complants, Path acted swiftly to change its policy and right its former wrongs.

There’s nothing all that exceptional about the notion that your data is being collected and saved, and that just about every click you make and every piece of data you share is being tracked by Internet companies and the marketers who pay their bills. Companies like Facebook are so valuable precisely because of the effectiveness with which they transgress your privacy and piece together a portait of you that can be sold to advertisers.

Pennsylvania professor Joseph Turow explains how you’re tracked in the modern world.

Websites, advertisers, and a panoply of other companies are continuously assessing the activities, intentions, and backgrounds of virtually everyone online; even our social relationships and comments are being carefully and continuously analysed. In broader and broader ways, computer-generated conclusions about who we are affect the media content – the streams of commercial messages, discount offers, information, news, and entertainment – each of us confronts. Over the next few decades the business logic that drives these tailored activities will transform the ways we see ourselves, those around us, and the world at large. Governments too may be able to use marketers’ technology and data to influence what we see and hear.

They are watching. And they know you’re reading this right now.

And it’s not like you can just go offline and avoid the tracking. If you get a postcard advertising a lung cancer screening from your local hospital, it’s not by coincidence. Everything about the offline you is being shared across corporations as well. In the age of data mining, it just takes a few clicks to piece together enough information about your age, address, income and insurance status to figure out if you’re a likely smoker and therefore a good target for a lung-screening pitch.

I have a friend who used to fill out nearly every online and offline form with a different title (Mr, Mrs, Dr, prince, king…). Then over time, he tracked the mailings that came to him with those various titles attached. Over time, he could easily track who sold what information to whom.

Today, it wouldn’t even make sense to try to keep up. We share our data with everyone and everyone is sharing our data with everyone else.

It’s worth putting this Path story into this broader perspective and reminding ourselves that we are only at the tip of personal data mining iceberg. By the time my three-year-old daughter is my age, she might walk into her bank and have the teller ask: “Hey, didn’t we give you a stuffed horse back in 2012?”

Dave Pell is an internet addict, early adopter and insider. He blogs regularly at Tweetage Wasteland and has even been known to tweet.

Discuss

(15 Comments)
  • [–]

    Mark

    Friday, February 10, 2012 at 11:22 AM

    I have a friend who uses a different email address for every company / website he deals with so depending on which email address the marketing is sent to he can tell where the date came from. Eg. for Giz it would be mark.gizmodo@email.com

    Reply
    • [–]

      Richard

      Friday, February 10, 2012 at 12:33 PM

      Your friend obviously has way too much time on his hands. And maybe even a case of paranoia.

      Reply
    • [–]

      Luke

      Friday, February 10, 2012 at 12:47 PM

      I have used the same tactic for years and never got any spam from companies. I sign up for a lot of stuff too.. Owning your own domain helps with this as you don’t need to create all of the individual emails, you can just redirect everything to one address and filter it there.

      Reply
      • [–]

        chris brown

        Friday, February 10, 2012 at 1:47 PM

        It’s actually not that hard. If you have gmail you can add +anything to your email and it’ll still work plus let you know which one it is… so john+gizmodo@gmail.com and now you know who leaked your email for spam…

        Reply
    • [–]

      explosionshurt

      Friday, February 10, 2012 at 6:50 PM

      I just have a “spam” email address which I use to sign up for everything, and a “personal” email address for actual people.

      The spam email address gets 500ish new emails a day.

      Reply
  • [–]

    scott

    Friday, February 10, 2012 at 12:34 PM

    ive wanted to start doing that with the gmail +filter (eg your.email+filter@gmail.com) but unfortunatley alot of webforms wont recognise it as a valid email then)

    Reply
  • [–]

    bazuden

    Friday, February 10, 2012 at 1:00 PM

    I’m surprised that the teller you spoke with, and their colleagues do their banking with a different bank, just so their friends can’t see their information.

    For people who work for banks, accessing any customer information for a non-work related reason is instant dismissal. And the most sensitive information like account balances have reports which log every time information is accessed.

    Of course, with the thousands of transactions and queries that are run each day, there will be plenty of workers who get away with looking at info, but then why would you pass up fee-free accounts and better rates which are offered to staff who bank with their employee? Of the hundreds of people I’ve worked with none have said they would rather miss out on the fringe benefits, just so their co-workers can’t access their information.

    Reply
    • [–]

      CraftyNinja

      Friday, February 10, 2012 at 1:59 PM

      I agree with your comment in principle, but it would be worth noting that this is a Giz US article and American Banks may not have the same sort of perks that Australian Banks give their employees.

      Reply
      • [–]

        bdc

        Friday, February 10, 2012 at 10:03 PM

        hehe, when I read that my immediate thought was, is this a US or AU article, because I’m pretty sure you get in big trouble in Australia for looking up peoples accounts without permission/reason.

        Reply
    • [–]

      MD

      Friday, February 10, 2012 at 11:40 PM

      But who checks….Sure you are logged on, and you are looking up loads of people every day….
      Possibly the reason that you give the teller your card and they swipe it to get your account details makes it a little harder to look up “friends” accounts…. (you may need to know the number first, though If you lost your card, all you have to do is show some ID and tell them your name and they will find the account for you, so they can find the account of someone, oh they may have to get a supervisor to verify the search (hopefully electronically) as well… but who checks the checker…

      In medical records systems, it is very simple to check anyone on the system and see their complete history (in that system).. and it is not too hard to modify systems at will… I know, I have done so (not in banking, I have not worked in banking yet), not for nefarious reasons, but when the need exists, it can be done. Once you have a certain level access, you are free to explore within the system

      Reply
  • [–]

    CraftyNinja

    Friday, February 10, 2012 at 2:03 PM

    Good Article and the statement of “almost everything you do on the Internet puts a dent in your personal privacy, whether you’re aware of it or not” is something that I’ve been trying to tell all my non-techy friends for years and its something that I see my younger cousins struggling to understand nowdays.

    Reply
  • [–]

    Pete

    Friday, February 10, 2012 at 2:10 PM

    It’s perhaps worth noting that you said Path deleted those email addresses but I’m sure they would have been captured by regular backups and be still stored somewhere.

    Reply
  • [–]

    Russ

    Friday, February 10, 2012 at 3:26 PM

    I know some people who work at one particular bank and it’s just kind of assumed that they all have access to each others accounts and they like being able to quickly ask someone they work with to do something with their accounts and they basically just accept it like it’s no big deal. Bear in mind these are all younger people who’ve grown up around FB etc. so I guess they just intrinsically know that there’s no real privacy left for them anyway…

    Reply
  • [–]

    Just This Guy ...

    Friday, February 10, 2012 at 3:55 PM

    ” Anytime you share any information with anyone or any institution, you should expect it to be shared in ways you never expected. ”
    This should be splashed across the top of EVERY login page on the web.
    Especially places like Google+Face etc.
    So sick and tired of all the web sheep bleating about “My privacy” “My data” etc.

    Reply
  • [–]

    Franz

    Friday, February 10, 2012 at 9:58 PM

    If it can be built, it can be unbuilt.

    Reply

Join The Discussion

Subscribe Contact