Your information is out there. It’s everyone’s fault, really. Well, not dogs, but they’re not legally people, despite all the letters I’ve written to my congressman, who’s a woman. Damn gendered language.
Visit a website? Google Analytics adds one to a hit counter. Buy a framed photo of your cat? Guess what sort of ads you’re going to see for the next 6 months. Have a persistent heartbeat? You’re probably wearing a watch that knows more about it than you do.
This is the lowest-grade invasion of your privacy. It’s happening constantly, quietly, all day long. In the best-case scenarios, when that data is reviewed by a non-you person, it’s anonymized. They don’t know who said, “I don’t know, what do you want for dinner?” They just know how well a new choose-your-dinner-for-you app will be received.
“My data!” cries the average American, who’s probably high on several amendments and having vivid hallucinations of rockets’ red glare. “My privacy! Oh, woe is me, that my life is laid bare for callous and faceless corporations to exploit! Surely, the political party to which I’ve ceded my beliefs is working tirelessly to put a stop to this savagery!”
Spoiler: They’re not.
There are cases where hysterics are warranted. The Cambridge Analytica scandal exposed the raw, non-anonymized data of 87 million Facebook users to the Trump campaign by means of an app that exploited a loophole in Facebook’s privacy framework. Whether we believe that Facebook CEO Mark Zuckerberg is truly penitent for his company’s role in the affair or not, the fact is bad actors benefitted from our ill-gotten data with neither permission given or compensation offered.
While Cambridge Analytica wasn’t an isolated incident, not all invasions of privacy should rise to that level of outrage. Data privacy is an important concept, but data is not inherently private.
What is Personal Data?
Personal data is facts about you. That’s it. Everything from your bank card PIN to the number of spiders you’ve eaten in your sleep is personal data. A better question would be, “to whom does that data belong?”
In the case of your bank card PIN, unless you’ve posted it on Facebook as a handy reminder, the answer is evident. But what about aggregated data? Consider the guy running the bodega that has really good prices on oranges, but toes the line with the legal definition of extortion for everything else. If he installed a door sensor to count his daily customers, does my increment in that count belong to me? It’s technically information about me—I walked into the bodega—but it’s also information about the bodega. By using anonymous, aggregated data to find the least busy time of day and schedule his lunch accordingly, has the owner violated my privacy by usurping my rightful data?
Let’s say the bodega has a security camera. My privacy isn’t violated when I’m recorded purchasing a shameful quantity of whiskey and sugary cereal. I entered a public place to acquire the means of my digestive self-abasement. I’m fully within my rights to be outraged by the recording, but what I lack—and rightfully so—is recourse. I can be pissed off that the sun is sustaining human life on Earth if I want, but that doesn’t justify revenge.
But consider what the bodega owner does with the footage. Were I to write a bad check for my embarrassing defiance of common-sense nutrition, he might print my picture from the footage and hang it up with the caption, “look at this fat bastard who has less than eighteen dollars in his checking account.” An assault on my reputation in a public venue! And for what? Because I’ve effectively stolen from him? Setting aside the fact that we’re both horrible people for trucking with checks in flagrant defiance of vastly more convenient forms of payment, who’s the rightful owner of my image? It’s my face, his camera. The real question: how much has my reputation suffered from a public shaming over an uncompensated box of Count Chocula and a plastic bottle of Toilet Hugger Bourbon?
Sure, I could engage a lawyer to send a cease-and-desist letter. That’s a predictable response from someone who bounces checks for bottom-shelf whiskey and marshmallow cereal. Or—hear me out—I could bring cash to the bodega, settle my debt, and ask him to take down the picture. Leave the philosophers to ponder whether I’ve bent the knee to low-grade tyranny, and let my dietician scold me for not buying the more reasonably priced oranges instead. They’d have averted the bounced check in the first place, not to mention the hospital bills that my cirrhosis and hypertension will inevitably bring on. It’s a good thing hospitals don’t publicly shame their debtors on the sliding doors to the emergency room (yet).
Apologies for the ruse. I’ve never seen a dietician. If you’re sufficiently outraged to demand remunerations, I hope you’ll take a check.
Internet Browsing History
In lieu of vengeful bodega operators, consider internet service providers (ISPs). To hear them tell it, they’re fully within their rights to sell your browsing history to third parties for fun and profit. Most Americans disagree. Across political divides—a demilitarized zone where few Americans dare to tread— the majority of us feel that we have little control over what’s collected about us or how it’s used, and think the potential risks of businesses or the government collecting data about us outweighs the benefits.
But how is their data collection different from the door sensor at the bodega? Isn’t it partially their data? On the one hand, my ISP is selling my alarming rate of purchases of adult-sized footy pajamas. On the other hand, it’s their customers whose families are embarrassed by their life choices. Are they necessarily mutually exclusive? If they’re anonymizing the data, what’s the harm?
The problem is leveraged consent. Sure, I signed the ISP’s interminably long terms of service, including my agreement that they can update said terms whenever they like. But what was the alternative? Don’t go online? The Internet has increased in scope and value in the 40-ish years since its inception. It’s not a toy, it’s a necessary component of modern life. As necessary a utility as water and electricity, and the water company has no business tracking how much lavender I put in my bath. For the record, it’s a very manly amount; but even so, it’s private. Just take my money and keep the wet stuff coming. Same for you, ISP.
What Can I Do?
The trick to surviving the modern Internet with a few secrets intact is largely common sense, a term we should really stop using in the modern era.
For starters, limit what you share. If you don’t want everyone on Facebook, their advertisers, their parent companies, and every data miner in the Eastern Bloc knowing about it, don’t post it. Even if you mark the option to only share it with friends, it’s only a matter of time before the terms of service are edited, or Facebook gets “hacked” again.
If you really want to take extra steps to block data monitoring, you can use tools like Tor or a VPN. These are especially beneficial when connecting to unknown WiFi networks, which you should avoid whenever possible.
Get some perspective. There’s a difference between Cambridge Analytica selling your personal data and your anonymous inclusion in the worldwide population of Doctor Who fanfic authors. After all, beyond a sense of moral outrage, how much have you really suffered for having seen an ad for your favorite breakfast cereal in the sidebar of some idiot writer’s blog? Marketing professionals sincerely believe that sending you ads for things you actually want is a valuable service. As long as they’re not holding your granny hostage until you’ve forked over your cash, it probably doesn’t even merit a full eye roll. Just take a peek at your balance before you write the check.