End of privacy as an afterthought
CAPE TOWN – I ended last week’s column by saying that the proliferation of sensors and cameras is a sign of the future in which machines will eventually know everything about us. In the highly connected world of the Fourth Industrial Era face tracking is widely used in many countries for security purposes, but also by companies to track and profile people in public places, shopping centres and at large social or sports events.
It is not just our face that is being tracked, but also our voice, body functions and our private life are being tracked and closely monitored by large and powerful technology companies. With the proliferation of the Internet of Things (IoT) almost every device is connected to the Internet and sensors are embedded in an ever-growing variety of objects. Large technology, Internet and advertising companies are accessing every post, click, like, website visited, and purchase we make.
This was particularly evident at the Consumer Electronics Show in Las Vegas earlier this year where the privacy of data suddenly became a major theme and some of the major technology companies were almost falling over their feet to emphasise that the user’s data belong to the user. Partly due to public pushback and government legislation, privacy all at once became a mainstream event. If these information technology companies are telling the truth is highly debatable – one just has to study the track record of Facebook, the many cases worldwide against it and Marc Zuckerberg’s testimony to Congress in the USA. To be completely honest, I am starting to doubt if any company - no matter how virtuous or how ingenious their whitewashing - can really protect the massive amount of detailed data it collects about us.
The reality is that most people have lost control over how personal information is collected and even more so how it is used by various kinds of entities. Research has shown that very few people are taking action to protect their data. Only about 45% of people update their privacy settings from time to time. This makes users extremely vulnerable to unwanted tracking and advertising. Currently about a third of users’ Internet data is being used for unsolicited tracking across websites and incessant marketing by advertising networks and fingerprinting companies. Interestingly, online news websites have the most trackers in order to monetise their content.
The dark reality is that companies do not do the tracking themselves, but has surrendered the control to third-party trackers, meaning that they have no idea what personal information is collected, how it is used or to whom it is sold. Third-party companies in many cases can access the consumer’s demographics, political inclination, banking information, purchase history, ages of their children and many more. The use of such personal data points by the now defunct Cambridge Analytica to precisely profile voters and then to manipulate elections and referenda such as Brexit, is history.
Very much part of tracking is price discrimination – an economic concept based on the principle of elasticity where a consumer is charged the maximum amount they are willing to pay for each item. Some travel sites does price testing and assign users via cookies to different living standards categories to steer or nudge them towards more expensive hotels. They also determine the price category based on the smart phone or tablet used by the shopper. Sorry Apple fans, but iPhone users are usually shown more expensive hotels than Android users.
Similarly companies selling online products are using personalisation algorithms to steer users to more expensive items depending on the product and technology used by the user.
Privacy infringements have lately become such a problem that Google was fined $170 million in September last year for the violation of the privacy of children on YouTube. Google had knowingly and illegally collected personal information from children and used it for profit by targeting them with advertisements. Google also had to make some changes to their policies to stop violations of children’s privacy on YouTube.
The State of California in the USA felt so strongly about people’s privacy especially with regard to IoT devices that they introduced the new SB-327 law, which came into effect on 1 January 2020 and compels smart-home devices to have “reasonable protections of user privacy.” After some serious leakages of private information by the smart devices over the past year, this new law must give Erin Egan, the Chief Privacy Officer of Facebook, and Jane Horvath, the Apple Senior Director of Global Privacy, quite a few headaches.
Google tried to address the privacy issue by allowing the Google Assistant to backtrack, specify and erase certain data. The Google Assistant, for instance, now act on the command “Hey Google, that wasn’t for you,” to erase data when it overheard data that it was not supposed to hear. It also possible to get a complete report on you privacy controls through the command “Hey Google, are you saving my audio data?”
Ring, Amazon’s new doorbell and security system with an integrated camera that make it possible to monitor and open your front door via a smart phone anywhere in the world, has gained significant popularity because of the convenience it brought. However, with the convenience again came the threat to privacy, especially via the video camera. To safeguard privacy Amazon has created an interface where users can manage the devices and services that have access to their smart system. Users can also opt out of allowing law enforcement officials access to the video feed from the system’s camera.
But companies are holding onto the profitable gathering of data with the unconvincing excuse of personalisation. Google, for example, has already found new ways to circumvent the newest data protection regulation in the world via a method called “Push Pages,” through which Google invites numerous companies to share user’s profile identifiers when they load a webpage. Although this goes against the spirit of new privacy laws, it does not violate the letter of the law and is thus technically legal.
But these are the easy defilements of our privacy. The covert tracking and privacy breaches by some companies are of much greater concern. But luckily there are many software solutions, amongst others Virtual Private Networks (VPNs) that can protect our privacy.
Other technology companies offer hardware filters, which are installed between the user’s router and modem and strips any corporate tracking or surveillance and prevents non-consensual third-party data collection. The device scans all incoming and outgoing digital traffic and blocks tracking, irritating advertisements, and cookies, as well as anonymises the user’s unique Internet Protocol (IP) address by which a person can be identified and traced.
These hardware solutions also offer anti-fingerprinting. A device, machine or browser fingerprint usually entails the collection of detailed information about a remote computing device with the aim to identify individual users or devices even when cookies are turned off. Fingerprinting is an incredibly accurate method of identifying people and tracking their online behavior, which is then used for targeted advertising. Even banks are using fingerprinting to prevent possible fraud.
It seems that we as users of the digital world are eventually ending up with an uneasy compromise between the convenience of an ultra-connected world on the one hand, and the loss of our privacy on the other hand. Perhaps it is time that we become serious about our privacy after the numerous dystopian-like debacles we had over the past few years. Many companies are promising us protection of our data and privacy, but it seems as if we have to take that with a pinch of salt. It is time to ask yourself if the large technology, Internet and advertising companies really have your best interest at heart.
We have window shades to protect our physical privacy. Why would our virtual privacy be less important?
Professor Louis C H Fourie is a futurist and technology strategist. [email protected]