Apart from selling us all out to the security services in return for groovy spying software, and making the world safe from the future crime we might commit one day in the NSA's deranged and suspicious minds, the Collectors' main market for our information, excluding individuals, is for advertisers and 'marketing companies' who also gather and distribute data.
As WP says in their blog; 'Data is the new oil' (SEE LINK 1 WP blog). And they're right, although not sure why they said it =:0).
Selling data is lucrative – it's worth billions of dollars to a lot of different people for many different reasons. Every new website, game, club, product, social network or app is obsessed with getting its user information. It is often funded by advertisers or investors whose sole aim is to compile a database of potential customers. They no longer just want to sell us a product, they want to profile our whole life – from puberty until death, and sometimes even after. The big collectors even go to the extreme of buying companies for their user data.
FB has recently acquired Instagram to add to their other little earners like What's App,while Google already own YouTube, datacollectors Double Click and control a deluge of data coming from the Androiddevices they developed and Microsoft own Skype and recently acquired Linkedin. Although obviously these are popular websites and apps, sound investments with worldwide coverage, the user databases and the personal profiles are the real prize – a honeypot for advertisers. Microsoft's purchase of LinkedIn cost them about $60 per user – experts calculate the real value is $140 so we begin to see why companies fall to the big boys.
Advertisers shape how the world works. They move in mysterious ways. They will tell a network to kill a TV show if it isn't selling their product, they will demand their brand, or portfolio of brands, hits prime time viewing schedules or follows a cliffhanger scene in a show, film or serialised novel. And they will pay millions of dollars for the privilege.
This isn't just Coke, Pepsi and Mackie Ds, it's also a conglomerate of smaller companies – often led by venture capitalists, (very rich men who own many of these companies or are on their boards), who want to sell products on the back of a TV show or a website's popularity.
They will take a successful and well-loved website with millions of users, and redesign it into a vehicle that sells their range of products and brands. They will even tell a website to write its pages to their own design, which will load their products' ads and may include hundreds of buttons, all activating tracking scripts, widgets and beacons that will follow potential customers around the web to see what they are looking at, taking pictures of, or writing about. They use sophisticated data capture technologies to ID a keyword in a comment someone makes on an online forum and trace it back to the person's profile. In return, the CEO and the stockholders get a million dollar investment and the site can continue,although perhaps not in the same way it once did.
Historically, the Advertisers' job is to sell us stuff – often by any means necessary.
Long, long ago, they decided the best way to do this is by working out how we tick, what our habits are, how we live – if we'd buy a product even if we didn't want it.
If an internet user is a vegetarian it's unlikely they'll want to buy meat products; if they vote republican they may not be interested in a news story about poor people using food banks.
But hold on. What if the vegetarian has meat-eating relatives and they might have to cook them turkey at thanksgiving or something? What if the republican invests in food banks as a tax dodge?
The advertisers often needed to know much more about their potential customers than just their age or location – they had to know EVERYTHING! And the collectors were very willing to find ways of doing this.
But not only Google and FB collect data. It's a complex system – a bit like the convoluted nature of an oak tree's root structure – thousands of companies do it worldwide and on many levels. Not just on their own corporate websites – even regular people who run a website get cash for hosting certain widgets or scripts supplied by ad companies or collectors, sometimes not realising what these things actually do.
The collectors are tracking the different aspects of our online lives – for advertisers, spooks and each other – and cross-referencing and trading the info, (our music, pictures, favourite books, keywords we use, etc,) in order to build a better profile that appeals to advertisers and prospective clients. They will often say they do this to 'improve our user experience'. :)
The thing is, when someone sells a list of names and profiles to a third party, who then sells it on to another third party and so on, there's no vetting procedure. It's not like the seller checks if the company they're selling to is going to sell on again to someone really nice. They don't know if it's a criminal empire or a team of fraudsters looking to build up their 'sucker list' (SEE LINK 2 for Sucker List), black hat hackers, or if they're a front for a criminal gang or a paedophile ring. They don't care. They just want the money.
There are so many news stories in England about how a company or a crooked employee sold off the customer database for profit – insurance companies, medical or drug companies, national charities, etc – and that's in a country that comes under the jurisdiction of strict European privacy and data protection laws.
Europe is possibly the safest place for online security – it has even forced Google to leave out certain private URLs from its search engine results and has initiated the Safe Harbor programme where US companies cooperate with Euro privacy. (SEE LINK 3 Safe Harbor) But this haven is slowly being eroded at the time of writing. Big international corporations and advertisers are brokering deals with European leaders to try and break it down. The UK government is trying to push through a law that will allow them to intercept and scrutinise their citizens' private data without permission.
Even before that, overseas companies were ignoring the European privacy and data protection laws on a regular basis – Safe Harbor or not. However, they mostly got their butts sued or their sites taken down and banned from European cyber-space unless they had good lawyers. The Euro surfer was fairly well protected.
This is when the collectors got sophisticated.
Groundbreaking technology, a myriad of online widgets, stealthy software, and even stealthier scripts, grew up so quickly that security techniques could not cope.
Technology will always outstrip security.
As soon as the hackers had written a new Trojan it already had a hundred variants everywhere – designed to look like legitimate processes few Anti Virus programmes would even notice – before the Anti Virus companies had worked out how to stop it. JavaScript and cookies had been mutated into super spyware variants, HTTP protocols were an open door, browser securities were a hacker's heaven, tracking scripts were everywhere.
SEE LINK 4 How they are tracking you and how you can try to opt out...
So what assurances did the big boys give us? They pointed to their private parts (not for the first time)...
Every website has a privacy policy – they have to by law if they operate from a democracy – and put it somewhere on their website. Very few people actually read it. Did you thoroughly check out the privacy policies of Google and Facebook I posted in the last chapter? Hmmmm. But I don't blame you.
We just want to get on the web and have fun. We don't want to read legal stuff like policies, terms and guidelines. Most websites rely on this of course, hoping we'll be drawn to the shop window, while ignoring the legal stuff they need to have to exist, lurking at the back of the store. But if we did study their terms, guidelines and PP, and it was honestly written, we probably wouldn't risk another click on many of the websites we visit.
If you did check those policies from the last chapter, note how some were very thorough and actually named the cookies they used, and what they did (we'll look at cookies in a later chapter). This is a good example of a collector being honest. Well, a little bit. :)
Another clause in a PP often stipulates that if they sell up, ALL data will be transferred to the 'buyer'.
Some PPs have a clause that says, if they are sold, data they collect will not be transferred to the new owners if users don't want it to. This sounds good, but in reality it doesn't make much sense. A site like WP for instance, which also has this kind of clause in its PP( SEE LINK 5 WP privacy policy 'business transitions'), has our date of birth, real name (if we're honest) our device IDs, our FB connections, IP address, a profile of our favourite parts of the site and much more, and has millions of users. It maintains it won't pass that data on in an identifiable form (phew!). But if a new owner took over and we Wattpadders didn't want it to have our information, (especially if it was FB), does that mean the new WP (FacePad?) couldn't continue without its millions of users agreeing? Or would we have to let them have it just to keep our books, contacts, friendships, etc?
This is all theoretical BTW. I have no hot tip about WP selling up to FB, for all you stock market players.:)
But, in an alternative universe, if FB did buy WP, would it expect us to still use the site and not give it our private and personal details?
Would it F*CK.
It would say, 'lift your skirts or bugger off!" It would expect the millions of Wattpadders to bow their heads and say, okay, Zuck, we trust you...
And we would'.
EDIT:
WP has recently changed its PP (Feb 2016) since this chapter was written (Oct 2015). Their business transition clause now says they will sell off our info if they sell the company. If the new buyer decides to use that data in 'a manner different from that stated at the time of collection' then, 'users will be given a choice to decline such different use'.
Although I am not sure if that will be able to happen and the point I made above still applies, I believe.
The uninformed delight in gaudy things and novelty. The wise delight in the ordinary.
Zen wisdom