Skip to content
big tech and data privacy

Big Tech and Data Privacy

In today’s age, our data privacy has been challenged by the rise of Big Tech. There is a saying, “When we get something for free, then we end up being the products.” In the age of information, all the clicks we’ve left behind — and will leave behind in future — are being (will be) used to analyze us, rate us, package us, and sell them back to us.

In a 2019 article, the New York Times outlined how we have “secret consumer scores”: a hidden rating that determines how long we wait on hold when calling a business and what service we receive.

A Tinder algorithm of sorts — a low score sends you back to the queue, and a high score will fetch you an elite treatment. The society we live in today is witnessing an enormous amount of data flow and a rampant surge in algorithm systems that make decisions without us knowing whether these decisions are fair for us.

What does big tech do with our data?

Big Techs, also known as FAAMG (Facebook, Amazon, Apple, Microsoft, and Google), are competing to harvest as much data as possible and sell it to third-party applications and businesses.

Big Techs have acquired extraordinary amounts of data on individuals through internet browsers, email, weather applications, maps, and satellite navigation. These firms document how we browse, what food we enjoy, where we buy our socks, which music soothes us, what movies we watch, where we travel and how we let the world know about it.

Google contains 4.14 GigaBytes of data on me. (Those who wish to download their Google data may use this link.) When you download a copy of your Google data, you will see a folder containing multiple subfolders, each containing multiple .json files. 

In a folder labelled location history, Google kept a history of my monthly location data since 2016 — with great details about whether I was walking, running, tilting, cycling, or in the vehicle, along with timestamps of the activity, location name, latitude and longitude.

Another folder recorded the ads I may have seen based on the websites I visited. In another, the files contained the details of the sites I have visited, images & videos I have searched for, apps I have opened and for how long. Even my Google Voice search recordings are listed in yet another file, along with the date and time. This is not just a story of Google.

In the New York Times report, Facebook was charged with holding personal data on their databases. Instagram, along with its parent company, Facebook, holds data on removed friends, phone books, blocked contacts, pictures, chat conversations, photos & videos sent and received, among other things. Instagram, of course, retains your search history to show targeted ads.

Even Alexa is listening — carefully. According to a 2019 Bloomberg report, Amazon Inc. employs thousands to help the Alexa digital assistant powering Echo speakers. Amazon, however, claims that they use the users’ requests to Alexa to train their “speech recognition and natural language understanding systems.”

While we, the users of web services, may be generating enormous amounts of data, we have no control over it. In turn, the Big Techs constantly monitor how we produce data and recreate our choices to make us better products.

How is technology affecting data privacy?

We’re in an era of data collection and surveillance — whether we opt for it or not in several instances. Panopticon–that is what Michel Foucault would have called it. These companies have been hungry for the hyper-personalisation of user data to gain a competitive edge.

As a result, they want to know everything about a particular consumer (his/her needs, desires, and behaviours) to make valuable recommendations. This quest for hyper-personalisation leads to the misuse of user data.

A classic case of data misuse? Cambridge Analytica Scandal.

In the early March of 2018, two leading newspapers, The Guardian and The New York Times, carried out a chilling report on how political consulting firm Cambridge Analytica which worked for the Trump campaign, had harvested the personal data of millions of Facebook users without their consent to “build a powerful software program to predict and influence choices at the ballot box”.

The data was collected through an application called thisisyourdigitallife, built by academic Aleksandr Kogan of Cambridge University. In collaboration with Cambridge Analytica, Kogan had paid hundreds of thousands of users to take a personality test and agreed to collect their data for academic use. However, the app also collected the data of test-takers, and Facebook friends, accumulating unprecedented amounts of data.

According to some estimates, Cambridge Analytica harvested the private information of the Facebook profiles of more than 50 million users without their consent, making it one of the most significant data leaks in social media’s history. The Cambridge Analytica Scandal exposed how third-party developers easily accessed users’ data and sold it to companies that misused this information.

Since the 2018 Cambridge Analytica Scandal, user data privacy has become mainstream. These data privacy concerns have put Big Techs under the radar of privacy watchdogs. In the last few years, we have seen (in many instances) how the Big Techs have mishandled consumer data or mined data without the user’s consent. Data privacy concerns do not just stop with personal privacy but encompass many issues related to what data protection means to democracy and who owns our data.

So, what can we do about data privacy?

Data privacy concerns how data is collected, stored, managed, and shared with other third-party entities. It focuses on the individuals’ right to know the purpose of data collection, privacy preferences, and compliance with privacy laws. Three ways of dealing with data privacy concerns are interconnected and overlapping. At first, the onus of data privacy lies on individual data users. On the personal front, we need to know what is personal to us and share the data only when necessary with entities we know we can trust.

Always Pay Attention to the URL and Ensure it Begins with “https://”

When we open our emails, we should not click on links embedded in unsolicited emails as they may open an unsecured and harmful webpage. Always pay attention to the URL and ensure it begins with “https://”, as “s” indicates the URL is encrypted and secure. Do not give unnecessary access to cookies — and occasionally delete the cookies from your browser. You (the data users) may take precautionary measures while securing your data.

Check Your Data Rights: GDPR and CCPA

Secondly, we need our governments to take the necessary steps to regulate big tech and protect individuals’ rights to data privacy. There’s GDPR (the General Data Protection Regulation) 2018 in the European Union that gives more control to individuals over their data. According to the law, the data controllers must not collect any personal data without the consent of the data subjects. They must disclose any data collection, declare its lawful basis and purpose, and state how long data is being retained and if it is being shared with any third parties or outside of the EEA.

In 2020, California State of the United States legislated a new data privacy law, i.e., CCPA (California’s Consumer Privacy Act), to enhance its residents’ privacy rights and consumer protection. The law empowers its residents to know what personal data is collected about them and/or whether it is sold to third-party entities. It requests these business entities to delete its consumers’ data. The proposed Personal Data Protection Bill in India seeks to regulate personal data collection, storage, and handling. However, there are fears about how these laws might turn the country into an “Orwellian state” — due to government bodies’ exemption from accessing personal data. More regulation is likely to come in 2021.

Innovating Dynamic CVV to Support Data Privacy

Third, we need to innovate newer ways of dealing with data products, with a priority on data privacy. For instance, in 2018, Pittsburgh-based PNC Bank piloted a card with dynamic CVV, changing the card’s CVV every 30 to 60 minutes. The dynamic CVV technology was created to fight card-not-present fraud, which has been rising for years. In another example, we can see that passwords are replaced with cryptographic keys and multiple layers of biometrics.

Signal — a Way Forward?

Signal, a California-based messaging application run by a not-for-profit organisation, offers users end-to-end encryption. Signal’s “Sealed Sender” feature makes conversations more secure as the platform cannot access private messages or media or store them on its servers. While WhatsApp provides end-to-end encryption for messages, it can access other private information — another good reason to shift sides.

Presearch – Decentralised Search Engine

Another innovation, Presearch, is a decentralised, open-source search engine with enhanced privacy features. Built on the blockchain, Presearch rewards its users with PRE crypto tokens. They do not track or store any information or searches. As a result, the users control their data. Along similar lines, Tim Berners-Lee, creator of the World Wide Web, has led an exciting project called “Solid” (derived from “socially linked data”) that aims to radically change the way web applications work today and empower users of data, their freedom to choose where their data resides, and who is allowed to access it.

PODS – Personal Online Data Stores

Solid is all about PODS – personal online data stores. Here, an individual has a PODS in which all the personal data is stored. And you may choose to host the data wherever you may wish to. Instead of uploading data to remote services, the services are granted permission to access the data in one of your PODS.

Interesting, isn’t it?

Picture: Yang Jing on Unsplash

This website and the newsletter (fuzzy notes) have been a labour of love. While they are free to access (and will continue to be free), they are not free to create. I spend significant time researching, writing, and proofing every article I publish here, apart from all the logistical aspects of buying and managing the domain and hosting plans. Each article is written meticulously to help fellow readers (such as yourself) get the best knowledge, which is also witty and articulate in this outlook. You may reach out to me at [email protected] (and tell me what you liked about the essay you may have just read or if you want me to write on anything you wish to read). If you have benefitted from reading articles on my website and the newsletter, consider buying me a coffee (as a token of love and appreciation ♥). If you cannot do so now, it’s okay! (understandably, each of us has our problems to deal with every day.) You can still do something else: share the article with someone who may like it.

3 thoughts on “Big Tech and Data Privacy”

  1. An interesting dialogue is value comment. I feel that you must write more on this matter, it may not be a taboo subject however generally persons are not sufficient to talk on such topics. To the next. Cheers

what do you think of the above post?

Discover more from Adarsh Badri

Subscribe now to keep reading and get access to the full archive.

Continue reading