The frustration is strong. I am breaking my own rules again. I am allowing myself a rant. The trick now is to avoid being the angry pundit and to keep it readable, though really it’s about venting without turning it into a show of how clever I am.
I have always been sensitive about my data and label myself as paranoid about privacy as a response to eye-rolls about the subject. Why am I ranting? Because it takes a lot of effort to keep my data private. It is tiring plus it keeps on getting harder.
It used to be that simply polluting my data with multiple birthdays, multiple cities of residence, and other random data points was enough. Now I need to use anonymous windows, a VPN and browser add-ons. There are 11 layers of security parameters, 43 clicks to decline different forms of tracking and all sorts of hoops to jump through because you have chosen not to share. All this effort a constant reminder of how much my data is worth to the collectors.
Listing everything that is wrong with Facebook would take many thousands of words, however, as to the subject of my current rant, it requires relatively less effort to opt out because it doesn’t care. Even if you are not using their apps, it is a master at collating data from everyone else who does share. Case in point (seen with my own eyes): A friend who separated from his wife. He is an occasional (reluctant) user with only a handful of friends, privacy settings activated and his relationship status marked Complicated since forever. His wife was not on any of Facebook’s platforms until, a few months after the separation and using her maiden name, she created an Instagram account for her art work. He learned about it very quickly when, despite having no connections in common, he received a suggestion from Facebook to create a matching page on their platform. I told him it they had probably used IP addresses, contacts from their phones and second degree connections to guess at the relationship. The lack of direct connections and low level of use is probably what lead the algorithm to miss that they were no longer together. Unfortunately, you cannot stop other people from sharing so, as an individual, the only way to reduce the value of the data they have is to limit the visits to their platforms because they cannot display advertising when you aren’t there.
GDPR,the EU law on data protection and privacy, has been very informative on just how much data is being collected. It is also responsible for some of the hoop jumping. Ever since it came into effect sites have to tell you what they are collecting, how they are using it, and have to obtain consent for that. I bail out of sites that want too much information and that require you to accept to continue using the site.
However with time, sites have gotten more sophisticated. Instead of locking you out, they now offer options to opt out of some or all tracking options. It is also where reading the notification becomes really important. There are the sites that allow you to opt out of everything and inform you that, regardless, they are going to fingerprint your system (location, operating system, and browser) or in other words gather as much information about you as they can deduce, then sell it to data merchants who will match it and merge it before selling it back to them as well as to all their other clients. All most all have multiple types of tracking to which you have to opt out of individually. They bury long lists (really long lists) of third party advertisers in separate popups/windows that need an extra click to see. Some make you visit more information pages with instructions on how to opt out of each option individually (bye-bye). A lot are labelled as being managed by a third party with trust (as if they earned it) in their name.
This is where you see the value they assign to getting your data. How many users deliberately choose to only accept some types of cookies? It takes money to build these hoops, to slice and dice all the types of data, put them into different buckets. Instead of giving you an in-or-out option or having an accept-or-leave policy they prefer to make you navigate a privacy minefield where in the interest of “transparency” they will have separate options for groups of cookies labeled “legitimate interest.” The remaining (illegitimate) cookies requiring additional individual opt outs. Miss one option once and your fingerprint will keep on giving.
Then there is the do-no-evil empire that keeps on notifying me that I have turned off notifications, asking me if I want to be geolocated, suggests that the do-not-track option (originally invented by a competitor) is useless, gives me local results despite turning off geolocation, tells me my perfectly functioning phone wont work correctly unless I turn this or that option on, and makes me prove I am not a robot, even when only searching, every time I use a VPN. They are a little more helpful when it comes to keeping other people from my data, then again, that gives them exclusivity to the data they are collecting (it’s not for nothing they are starting their own VPN service).
In short, the money and effort being spent to get at my personal data and the net profits the collectors are making shows how much it is worth. With profit margins well above historical averages for traditional businesses the services offered are overpriced and it’s not surprising that instead of giving me accept-or-leave options they keep on trying. All this while constantly reminding how much they care about my privacy when what really want is exclusive access to my data. Not that not-using some services is a true option anymore. It’s like not having a car in a place with poor public transportation: you can get around but… .
If you have made it this far into my rambling rant, I thank you for your indulgence. If you are interested in learning more from real experts, I suggest the sites of the Electronic Frontier Foundation and Citizen Lab as excellent resources for information and resources on Privacy