Privacy and tracking

“I can’t believe you are wearing one of those,” they said while sneering at the Pebble watch I was wearing. Yes, that’s how someone introduced themselves to me at a conference last year. Apparently, I’m not allowed to wear smartwatches, or something. It wasn’t clear what their problem was or why they thought that was a good opening line. Best I can figure, it was some commentary on the hypocrisy of me wearing a smartwatch and claiming to be pro-privacy.

The thing is, I think I’m aware of how much information is out there about me, although I’m pretty convinced there’s even more than I think there is. The decisions we make about privacy and tracking are complicated. Do I take this 5% discount on something in return for having my purchases tracked? Do I participate in Facebook knowing they’re compiling a full dossier on me? Do I stay logged into Google? Does any of that matter?

We’re watched by corporations and they know a lot about us and what we do. Loyalty cards are ubiquitous and they’re purchase tracking devices. Many apps track us and send that data back to companies. Half of Palo Alto office space has been taken over by a secretive company called Palantir that is built on tracking and profiling people. Tracking is a fact of life.

Online we’re tracked all the time. Even if we try and avoid it, if we participate in almost anything online we’re tracked. In many cases, this is taken as implicit consent to be tracked. Being a part of a community we enjoy or using services that benefit us come with the price of tracking.

Many people don’t really understand how ubiquitous tracking is. I’m sure I don’t, and I believe everything I do is tracked somewhere by someone.
I pointed out earlier this week that the company Unroll.me was using the access they had to consumer mailboxes to sell data they extracted from emails. I also pointed out there are other companies with access to mailboxes and that many email marketers are the target market for the data they’re selling.

Return Path commented on my post and clarified how transparent they attempt to be in their various data products. I’m sure they are, I know a lot of the folks at Return Path and I trust them. But that doesn’t scale. I can’t personally know the executives at every company I do business with and trust they’re not out to invade my privacy.

It’s a fact that the modern lifestyle includes tracking. That doesn’t mean we shouldn’t pay attention to apps and what access they have. But it does mean if we want to fully participate and have access we need to accept the price is some privacy invasion and tracking. What unroll.me did might be unexpected, but it’s not unusual.

Related Posts

Privacy and being online

I have an email address that’s old enough to drink. It came to me today when I was discussing data hygiene. I mean, I have an email address that is old enough to drink! And it wasn’t even my first email address, it’s just the one I still have access to.
This realization led me down a path of what things have changed since I got that address.
I remember …DataSecurity_Illustration
… when things posted on the Internet weren’t around forever.
… when Google bought DejaNews and made USENET archives more available.

Read More

Electronic records outside US not covered by US warrants

The 2nd Circuit Court of Appeals ruled against the Government today in US Government vs. Microsoft. The government is investigating a drug dealer and want access to records held by Microsoft. Microsoft turned over metadata stored on US machines. But they refused to turn over the specific emails stored on machines in Dublin. The company’s position is that the federal government needs to follow the rules of the Mutual Legal Assistance Treaty between the US and Ireland.
This has been winding its way through the appeals court.
The court’s ruling today states “§ 2703 of the Stored Communications Act does not authorize courts to issue and enforce against U.S.‐based service providers warrants for the seizure of customer e‐mail content that is stored exclusively on foreign servers.”
An interesting ruling, and I see pros and cons to the ruling. It does complicate anti-spam enforcement a bit and make it easier for criminals to hide their data overseas while they might be in the US. But it’s already easy for them to do that. Many arrests of spam gangs and others for crimes committed on the Internet over email involve multiple law enforcement agencies across the world.
Full text of the ruling (.pdf link)

Read More

FCC notice of proposed rulemaking

The FCC recently published a notice of proposed rulemaking that will have an impact on how we fight abuse on the internet. M3AAWG has submitted a comment on the proposal (pdf link). All submissions can be found on the FCC website.

Read More