Another day, another horrible bit of news on the privacy front. I’ll take it as a sign that another post on data collection and privacy is called for. I think that by now we all know that everything we do in a digital world is collected and that nothing collected in a digital world is private. 
Oh sure, maybe your Aunt Sally can’t see your phone records, but someone can, and it’s probably not someone who needs to know that you called a suicide prevention hotline 4 times last month. As one writer put it:
Collection means access, period. Someone who wants information can always find a way to get it, and yet we’re only expanding methods of information collection: trackers, cameras, beacons, glass, drones. This puts all of us in a very public place, constantly.
Amen, and it’s a thought each of us needs to keep more forward in our minds. The Pew Internet folks have been doing an ongoing survey with respect to privacy and the latest report (which you can read here) contains the following quote:
An executive at an Internet top-level domain name operator who preferred to remain anonymous replied, “Big data equals big business. Those special interests will continue to block any effective public policy work to ensure security, liberty, and privacy online.”
I’m not really aware of any recent business model that isn’t centered around data collection and monetization at least in part. Retail, health care, entertainment and media, finance, and insurance are sliding their models to revolve more around robust data collection and usage. We as consumers can say “fine, I will gladly give up data in return for convenience, better pricing, or an improved product”, but that’s a choice WE make, not the provider. It implies informed consent.
The latest fiasco to which I referred earlier comes from Lenovo, which, as Ars Technica reported:
…found itself in hot water last week when researchers discovered that pre-installed adware from a company called Superfish was making users vulnerable to man-in-the-middle attacks. The adware installed self-signed root HTTPS certificates that made it easy for Superfish (as well as low-skilled hackers) to intercept users’ encrypted Web traffic.
In other words, by buying a Lenovo computer you made data which you thought was secure and private very much not so. That’s the sort of corporate bad behavior which is intolerable. But in order to respond, we have to be aware, and I suspect that this is only one example of this behavior.
OK. Rant over. The take away is this – if you’re a business, act responsibly and transparently. If you’re a netizen, pay attention. It’s not just Big Brother who is watching.
Thoughts?
Consult Keith 