Corporate Surveillance, Data Privacy, and iOS 14

I have this whole rant about security prepared, but I just realized this is the Halloween edition of This Week in Mobile. So be prepared to be spooked.

We’ve all sort of become inured to the fact that being on the internet means your privacy will erode away, at least to some degree. Every time you take a Facebook quiz like, “What Pizza Topping Would You Be if You Were a Disney Princess,” you’re giving away an enormous amount of personal information just to learn you’d be olives. And really, anything you do on Facebook is completely and irrevocably public. If you sign up for a catalog, you’re by extension signing up for every single company that company has sold its list to. If you think about socks while in the shower, Amazon will come to your house, unbidden, and put socks on your feet.

But you know all this. We’re all aware that Facebook is tracking us and that the ads we’re being served are eerily accurate. We know that pretty much every silly, time waster is actually a nefarious plot to learn everything about you.

Clario, a company who specializes in knowing such things, did a pretty fascinating report on media privacy, and which companies are reaching their hands deepest into your…data cookie jar.

According to Clario, out of all the data a business can legally collect about you, Facebook collects 70.59%. Instagram, unsurprisingly, is the second-worst offender. Both Tinder and Grindr capture not only your relevant, demographic information, but statistics about how and when you use other media platforms, and even information about your pets.

93% of companies have your email address. 18% know your weight.

As Clario points out, what companies can do with your data is limited by the GDPR. OH NO WAIT, that’s just for the EU. Sorry, Americans. Yeah, the United States has no federal data privacy regulations. And that’s worrying, but it’s just the beginning.

So let’s say you practice good data hygiene and have 30 dummy email accounts for signing up for the Patagonia newsletter or whatever; you have ad personalization off and do all your texting through WhatsApp. You’re safe, right?

You’re not.

There are loyalty cards (pretty obvious), in-app game purchases (well…), your email, from which big providers like Google and Yahoo can extrapolate information about your habits, and even satellite imagery. Companies like Orbital Insight use globally available satellite data to do everything from determine a rival company’s sales potential, to using telemetry-based sensor technology to measure foot traffic in a particular location.

They know where you are. (scary.gif)

And it doesn’t matter if you opt out or turn off — your phone can track you, with a startling degree of specificity, no matter what.

Bennett Cyphers of the Electronic Frontier Foundation says, “Information is being shared completely haphazardly, and there’s no accountability at any stage, especially in America.”

More than just sales are at stake.

While the Fourth Amendment protects you from illegal search and seizure, and the Electronic Communications Privacy Act of 1986 defines what law enforcement must obtain in order to get the information, your information is very obtainable.
Jennifer Granick, surveillance and cybersecurity counsel for the ACLU’s speech, privacy, and technology project, told Recode: “Basically, anything that a provider has that it can decode, law enforcement is getting it.”

I was chatting with Brant DeBow about this topic, and he said one of the greatest weapons in our fight for privacy is the fact that most of us are pretty uninteresting, except from a sales point of view. And he’s right. Of course he also then reminded me that for some reason the caller ID when I make calls from my New York phone number reads “Henry Patel,” and that a simple case of mistaken identity could have disastrous results.

He’s right there, too.

Plus, being uninteresting necessitates a party to determine what “interesting” is. And if you suddenly become “interesting,” what then?

Companies are fighting this, to some degree. Apple has consistently refused to grant access to suspect’s cell phones, and iOS 14 gave users the ability to determine the level of tracking some apps do, and alerts you when apps are using your microphone, camera, or accessing your photos.

But even that’s not much of a defense, because most of our information is stored in iCloud, which is accessible to law enforcement with a simple warrant.

I’m not going to give you any comfort as I close this today, because there’s none to give. We’re still in uncharted territory, here, less because the technology is still young and more because we as a country haven’t taken the proper steps to ensure consumer/human privacy.

If I paid someone enough I could probably find out where you’re sitting, right now, as you read this. Luckily, I don’t care.

But someone does.