Tag Archives: Privacy

Facebook, Sears, and Kodak

When I was a lad several decades ago, many Americans did their shopping at Sears and took their pictures with Kodak film (I can explain “film” to you youngsters if need be). More recently, my kids might have shopped at American Apparel or Claire’s. What all of those formerly huge companies have in common is that they are all nearly dead. The reasons for that range from bad management to dumb financial deals to changing tastes to the digital revolution. In every case, however, I think there is a common thread of a failure to understand their customers in the context of the customers’ changing world.

We have something similar going on in my mind with Facebook. It’s huge and seems invulnerable but one might have said the same thing about Kodak or Sears 50 years ago. First, think about how the world is changing for their customers. Privacy has moved from something that digital folk like me were babbling about many years ago to something that is on everyone’s mind. In an April survey of 1,051 US adult internet users by Janrain, most respondents said they are not in favor of websites or apps using what they learn about them online to target ads. In fact, 70% of them want some very restrictive laws, similar to the E.U.’s GDPR, passed here. I don’t think there is any doubt that a tech backlash is going on and the more consumers and lawmakers find out about the sloppy (at best), invasive, and maybe criminal (at worst) data use by large tech companies, the greater that backlash is going to become.

Facebook’s entire business is built around invading your privacy. Two points from eMarketer:

More people are becoming suspicious of sharing data through third parties. In a March 2018 survey from Raymond James, more than eight in 10 US internet users said they were at least somewhat concerned about how their personal data is being used on Facebook. Similarly, in a Gallup survey of 785 Facebook users in April 2018, 43% said they were very concerned about invasion of privacy. That’s an increase of 30% in 2011.

What has resulted is that people, especially young people, are sharing less content. The entire reason Facebook is valuable for most people is that content that their friends, classmates, and family post. It’s the network effect – that value of the network relates to the number of people on that network.

I’m not shorting Facebook stock today but I’m not so sure that unless they get their privacy house in order that won’t be a bad play down the road. Less content means fewer active users which leads to less revenue. Will they all move to Instagram (a Facebook company)? Maybe, but probably not since that’s not what’s occurring now. As each day brings a new headline involving a bad actor and data, another nail gets pounded into the coffins of companies that don’t respect their customers’ privacy and wishes. Privacy and data use are no longer just food for geek chats. They’re on the front page. How long can Facebook or any company last if they don’t figure this out? Longer than Sears or Kodak?

Advertisements

Leave a comment

Filed under Consulting, digital media, Reality checks

Zuckerberg Unbound

Philip Roth wrote a series of books in the late 1970’s and early 1980’s. The middle one is called Zuckerman Unbound and deals with the relationship between an author (Roth’s alter-ego Zuckerman) and his creations. It’s not a great relationship although it is a pretty good book. Roth’s character seems to express regret for the books his younger self brought into the world, and at one point he finds out that a book he wrote has caused his mother a great deal of pain and suffering.

English: Mark Zuckerberg, Founder & CEO of Fac...

(Photo credit: Wikipedia)

I thought about Zuckerman as I watched (and am watching as I write this) another Zuck – Mark Zuckerberg of Facebook – testify before Congress about how his creation, designed to bring people together, has morphed into something that has blown many people and institutions apart. I doubt any of you reading today’s screed touch billions of people every day the way Facebook does, but I think there are some lessons to be learned here.

One thing that rings hollow for me is the apology offered to the committees. I and many others have been writing about Facebook’s lack of privacy and transparency for years. This isn’t something new nor is it something about which Facebook was unaware. One might suppose that they, like so many others in business, were of the mindset that it’s better to beg for forgiveness than to ask for permission. Bad call, and they’ll be doing a lot of begging as the inevitable new regulations on the use of data are put into place. That’s lesson one.

My favorite moment of yesterday’s hearing came when one senator informed Mr. Zuckerberg that Facebook’s “user agreement sucks.” It does, but it’s far from alone. I’d also argue that any “simple” agreement that links out to a dozen other pages for further explanations of things not explained in the initial policy is far from simple. I doubt I could pass a quiz on what Facebook can and can’t do with my information and I’ve been on the platform since 2006. Anyone that generates data that you’ll use to benefit your business should understand what they’re giving you and why. Lesson two.

I do know that Facebook gives the user a lot of control over who sees what although it really doesn’t do so by default. I’m less clear as to what they gather although I’ve downloaded my data and gone through it. Some of what is in there comes from activities off of Facebook, probably either through my use of a Facebook ID to log in or via the Facebook Beacon. How many users understand that they might be tracked EVERYWHERE by Facebook and not just when they’re using the service? Facebook would argue that you’re using the service when you use your Facebook ID to log in elsewhere but I think that’s specious. Yet another lack of transparency, and lesson three.

I wonder where Facebook goes from here. As far back as 2010, it’s been under attack for its privacy failures. It’s a business founded by a man who called users “dumb f^&ks” for giving him their information. Maybe like Zuckerman, he’ll come to realize that he needs to be unbound, cut loose from everything that made him what he was and fix the problems in a way that fulfills the promise of connecting the world that he espouses. At the moment, it appears that others may step in and take steps that alter his world forever.

What’s your take?

Leave a comment

Filed under Uncategorized

Today We Say I Told You So

I was at a startup event last evening and of course, the topic of Facebook‘s data problem came up. I’m sure you’ve heard something about it but what you’ve heard might not be accurate since many of the reports I’ve watched on TV are pretty off the mark. Since I’ve written a lot of not nice things

Facebook logo Español: Logotipo de Facebook Fr...

(Photo credit: Wikipedia)

about Facebook here on the screed, let me add my two cents here. I also want to taunt you, politely, by reminding you that not of this should be a surprise. I won’t retell the story of what’s been going on but you can read it here if you’re not familiar.

First, the inaccuracies. This wasn’t a data breach nor a data hack. It isn’t a bug – it’s a feature. The whole point of Facebook’s business is to collect a lot of data from and about its users and sell that data along with ads to marketers. They’re not alone in this. If you use Google, they pretty much know what Facebook knows and a lot more. Like Louis in Casablanca, you might profess to be shocked by this but you knew about it all along, didn’t you? After all, you agreed to let it happen when you clicked through the app install or joined the service some other way. You didn’t realize that using a Facebook or Google sign in on other sites meant they could track you? Hmm…

What’s inaccurate is that many reports say Facebook was collecting voice calls and texts from Android phones. First, it’s not the actual calls or texts, it’s the metadata – who you called or texted. Second, that was a feature of some versions of Android that allowed that to happen and Facebook just scarfed up was available and THEN, only because YOU said ok when you installed Messenger. Please don’t be mad at them for doing what they said they were going to do and don’t be shocked the data is in your file.

I downloaded my Facebook data, Other than seeing a few photos I don’t ever recall uploading to the service (which makes me wonder if they’re just grabbing stuff off my camera roll), I wasn’t surprised. No metadata from my phone because I never granted the permission for them to have it. No weird ad stuff because I go through my Facebook settings fairly regularly to clean out things I don’t want them to store. You should too. In fact, you should do that with ALL your digital stuff – check your Google activity, your ad profile, etc. Go through every app on your phone and check the permissions you’ve granted. Why would a game need access to your camera? Why does a barcode scanner need your location? You can probably revoke the permissions individually and if it breaks something in the app, turn it back on. Better safe than sorry. You want Facebook to know less? Delete the app and only use it from a desktop.

Now the “nyah nyah” part. I wrote a post in 2010 about Facebook and their privacy practices (or lack thereof). I wrote another one in 2012 about how Facebook might go the path of AOL or MySpace. I wrote then:

Like AOL long ago, there are some other underlying factors that might portend bad things.

  • Just 13 percent say they trust Facebook completely or a lot to keep their personal information private.

  • A large majority (59 percent) say they have little or no faith in the company to protect their privacy.

I think what’s happened over the last 10 days has me convinced that I was right then. Facebook are no angels but you shouldn’t be surprised at any of this. Unless and until each of us takes control over our privacy, which means understanding that data is currency and you wouldn’t just throw your currency around, this will happen over and over again. Make sense?

Leave a comment

Filed under Helpful Hints, Huh?

Watching You Watch

Welcome back, and I hope everyone had a restful and joyous holiday season.  I spent some of it watching TV and you probably did as well.  Of course, depending on what brand of TV you have or what apps you use, other people may have been watching you watch TV.  OK, maybe not exactly watching you, but they’re well aware of what you were watching as well as who you are.  The point today isn’t to make you more paranoid than you might already be.  It’s to  make you aware of where things are and are heading and to take a step back and ask you (and myself) if this is really where we ought to be taking our business activities. 

Let’ start with the TV.  If you own a number of brands of internet-connected TV (a smart TV), the TV is logging and reporting what you watch as well as your IP address.  That information can then have demography and purchasing information integrated from third-party databases because it isn’t hard to figure out who someone is from their IP address.  Once you connect your phone to that IP address (you do so when you attach to the home wi-fi), it’s possible to connect where you are as well as all of the other information a mobile device contains.  In other words, your purchase of, say, a Vizio TV makes you an extremely visible and valuable commodity: a consumer with known habits and an addressable means through which to access them.  I’m not hypothesizing.  If you own a Vizio and haven’t opted out, you’re being tracked.

It’s not just the TV’s themselves.  There is a lawsuit going on.  It was brought by Samba TV against its rival Alphonso. The two companies provide TV analytics and second-screen targeting capabilities.  What’s interesting to me is what it reveals about their methodologies, which involve targeting users on their mobile devices with relevant content based on their TV viewing.  How would they know what you’re watching?  One uses the set top box but the other uses the mic on your phone (who doesn’t have it with them these days) to listen to the TV.  That capability is in more than 5,000 apps, including some big ones.  You give the app permission to use your mic for some purpose (maybe to record a video) but once it has that permission, it can listen.

My question is this.  Do we really think consumers are aware of this?  If they’re not, aren’t we as an industry responsible for letting them know what’s going on?  After all, the two examples above are not part of the content value exchange we discuss sometimes (you give me your attention and I give you free content).  A consumer PAID for that TV and yet the manufacturer is continuing to monetize that customer without their knowledge.  The consumer might have an awareness that a free app is monetizing them but they presume it’s through advertising.  Do you think they know the app is listening to their TV watching and passing on a record of what’s being watched to a third party?

Here is the first of my 2016 predictions: this stuff will stop or some laws will be passed to make it stop.  Transparency of data gathering and usage will expand a lot as consumer backlash heats up.  What do you think?

Leave a comment

Filed under digital media, Huh?

A $24 Billion Secret

If you use any sort of connected device – a computer, a tablet, or a cell phone – you’re probably (hopefully, anyway) aware that someone is watching.  Maybe that’s a bit of an overstatement, but it’s accurate.  Everything you do, and everywhere you go if it’s a mobile device, is logged, along with some sort of device identifier.  It’s not hard to link a device with a person and that person with behaviors.  That’s really what the targeted advertising business is about.  

In that context, this article from Ad Age shouldn’t come as a real shock, but it’s always a little disconcerting to get a glimpse inside the factory where they make the sausage:

Under the radar, Verizon, Sprint, Telefonica and other carriers have partnered with firms including SAP, IBM, HP and AirSage to manage, package and sell various levels of data to marketers and other clients. It’s all part of a push by the world’s largest phone operators to counteract diminishing subscriber growth through new business ventures that tap into the data that showers from consumers’ mobile web surfing, text messaging and phone calls.

That’s why Verizon bought AOL and some ad tech companies, paying over $4.5 Billion for them.  Think that’s a wise investment?  Well, the global market for telco data as a service is potentially worth $24.1 billion this year, so it seems like it might be to me.  What’s less wise is that most consumers have no clue that all of this information about them – their surfing habits, their travel habits, potentially numbers they’re constantly texting, etc – are being packaged and sold without their consent.  Oh sure – when you sign the contract to use any of the carriers there is a lengthy terms of service agreement you probably clicked right through, and it contained language that said your data may be anonymized and aggregated and sold.  I’m not sure most people understand what that means in real terms.  Try getting phone service without agreeing.

Unlike most apps, which are opt-in, you really have no choice about this.  Are there benefits to the consumer?  Maybe.  In theory, you don’t see ads for things in which you have no interest, and you don’t get information about companies and services that aren’t in your area.   There is a huge downside, however, aside from the creepy factor.  Hackers can steal information that might allow them to know when your home is vacant on a daily basis, for example.  In fact, this sort of thing doesn’t go on in the E.U. countries because of the strict data protections those countries enforce.

The “tell” I see is that the phone companies don’t want to discuss this data business and the revenues they make from selling off our data.  If there wasn’t something nefarious going on, why isn’t it more out in the open?  Maybe if we all knew what was being gathered (300 cellphone events per day per subscriber by some counts), we’d be more curious?  Maybe we’d take steps, as some of us do with tracking blockers on the web, to maintain control of our own data?  What do you think?

Leave a comment

Filed under Huh?

Idiotic Injecting

No one that I know enjoys going to the doctor and getting an injection. Whether it’s as simple as a flu shot or something more complex such as a regimen of allergy shots, it’s not a particularly enjoyable experience. 

Today’s topic is an injection of another sort, but the experience isn’t enjoyable either. It turns out that AT&T has jumped on the “no free lunch” bandwagon with respect to offering wireless hotspots to its customers. A Stanford computer scientist and lawyer was travelling and discovered that the AT&T hotspot to which he had connected was serving ads over web pages he was accessing. When he went to Stanford’s home page, for instance (a page that has zero ads on it), he saw a pop-up ad for jewelry and AT&T itself, and the ads persisted for several seconds until he could close them.

He discovered that the ISP was tampering with HTTP traffic – that’s what serves web pages. It is using a service from a third party to inject the ads and to monetize the traffic. AT&T is far from the first “free” service to do this – Comcast and Marriott are just two others. But as the professor wrote:

AT&T has an (understandable) incentive to seek consumer-side income from its free wifi service, but this model of advertising injection is particularly unsavory. Among other drawbacks: It exposes much of the user’s browsing activity to an undisclosed and untrusted business. It clutters the user’s web browsing experience. It tarnishes carefully crafted online brands and content, especially because the ads are not clearly marked as part of the hotspot service. And it introduces security and breakage risks, since website developers generally don’t plan for extra scripts and layout elements.

In other words, while you might have accepted that as your ISP the folks at AT&T will see and record everything that you’re doing, you might be concerned about an outside company doing so.  Moreover, as a publisher, your beautiful content environment is now sullied by ads from which you derive zero revenue.

If you’re on an AT&T hotspot, you’re already an AT&T customer.  I don’t believe you can log on if you’re not and you’re probably paying them handsomely each month (I know I am).  This sort of nickel and diming might help revenues (I wonder how much in the scheme of things) but it doesn’t help with customer satisfaction. That’s a point from which any business can learn.  Idiotic injection from my perspective.  Yours?

Leave a comment

Filed under digital media, Huh?

The Real DNT Question

The good folks at the Electronic Frontier Foundation released their own definition of “do not track” the other day.  You might wonder why there needs to be more than one definition of such an easy to understand concept.  After all, what could be more clear than “do not track?”  As it turns out, marketers and others seem to misunderstand the term, at least then they are wearing their business hats.  They’re also hiding behind those hats in order not to address the real issue.

Here is where the EFF is coming from:

We think using the Web—including viewing online advertisements—shouldn’t come at the cost of privacy.  Whether their business is analytics, advertising, or social networking, companies dealing with data must be persuaded to respect a universal opt-out from tracking and collecting personal data without consent.

Pretty clear, I think.  You can read the policy they’re promoting here.  DNT Means Do Not Collect…And Do Not Retain…Except Where Required…Necessary to Complete a Transaction… Or With the Clear Consent of the User.  That seems very clear and yet even though this discussion has been going on for years, there is still no effective implementation.  As MediaPost said:

One reason why do-not-track never gained broad support is that the ad industry and privacy advocates couldn’t agree on how the signals should be interpreted. Some privacy advocates argued that people who say they don’t want to be “tracked” don’t want any information about their Web-surfing history compiled. But ad industry representatives said they were willing to stop serving targeted ads to people who turned on do-not-track, but wanted to continue to be able to collect data for purposes like market research and product development.

In other words, we’ll tell you what you mean.  Opting-out is never as good in my mind as opting in.  While advertisers and publishers aren’t exactly holding people against their will in their ad universe, they are forcing users to ask to leave as opposed to inviting them in.  Opting out has been made hard on purpose.  But we’re avoiding the real issue.  We are very focused on finding a good and technologically persistent way to respect users’ privacy and to opt them out.  What we really ought to be focused on is how can we  keep users engaged and opted in while maintaining their trust in how we’re using their information.

How do you see it?

Leave a comment

Filed under Huh?, What's Going On