Transparent you: From data collection to data protection
July 14, 2015
2.3 trillion gigabytes of data are currently produced around the world every day - the equivalent of 1.15 trillion 2GB USB sticks, which laid down lengthwise next to each other would circle the earth almost 1.5 million times!
It's a vast amount of data and while once upon a time we might have thought it had nothing to do with us, revelations about the information being tracked by international intelligence agencies and companies alike have proved that not to be the case.
Surveillance is not only something that happens to people under suspicion of committing a crime - it happens to all of us. Daily. Now, as you read this story.
Because over the course of a day a hell of a lot of data is collected, stored, and - depending on the laws of the country you live in - also analyzed by government agencies, research institutes and companies.
We decided to go through a typical day and see exactly what data is being collected and how it could be being used:
7am: A morning jog
Let's say you're a sporty person and immediately after being woken up by your smartphone's alarm, you're straight out the door for a quick run.
It's probable that you're part of the generation that knows there's an app for everything, and so you use one to monitor how you are doing on your jog. Of course, it tracks your route via GPS - but beware, there's more: some apps also take data on your running pace, heartbeat, distance, duration and the calories you've burned.
While it's great to be able to keep track of your progress, apps like Runkeeper might be doing things with your data that perhaps you wouldn't expect. In its terms and conditions, Runkeeper says that if it sells its business, your personal data may be "part of the transferred assets", while adding that it will also hand over data where there is a need to meet "legal requirements". A 2014 study by the United States Federal Trade Commission found that developers of 12 mobile health and fitness apps were sharing user information with 76 different parties, among them advertisers.
And there are other possibilities for such data - for example, what would your insurance think if they saw that your heartbeat goes through the roof after five minutes of jogging? Might they just consider making you pay more - considering how unfit you are and assuming that you'll become ill earlier than people who are in a better condition?
Right now, this is just hypothetical, but with smart watches keeping track of every step you take, data protection activists are warning of this looming possibility.
9am: Taking the train to work
A nice cup of English tea is not the only thing people from London have to enjoy every morning, they also have the joy of being tracked as they travel to work - through their transport payment cards. These cards are scanned against a reader in the underground train station, which means that instead of being able to anonymously travel around the city, the travel authorities can, with help of surveillance cameras, potentially trace you. They can see where and when you get on and off, or when you take a break from your routines (like instead of getting off at the station you always get off to go to work, leaving the train two stops earlier to visit the new fling, that your actual boyfriend does not yet know about?!).
It is not compulsory to register this so-called Oyster card, but if you do, data, including your name and address, marketing preferences and your journey history, are all made available to the travel agency Transport for London (TfL) - information it says it uses for research and customer services. We have to say, we're not completely convinced - so when boarding a train in London, either make sure you wear one of those big floppy hats reserved solely for a sunny day on the beach, or make one of those watching smile by waving at any of the hundreds of cameras (more coming up on this) you come across!
9.30am: Browsing the Internet at work
No matter where you are, you might find that you need to know what's going on in the world. And you might just visit an online news site like dw.com. But whatever you may think, you are not there anonymously, but you are leaving behind traces. We are able to see from which website users come to ours, which articles were read on our page and which videos were played. Depending on your browser settings we will also be able to tell in which country you are while browsing our site.
If you have a job, like us, where you send and receive tons of emails during your work day, your communication could also be monitored. And it's not only the fancy surveillance programs the NSA uses that can open you up to unwelcome eyes.
If you are lucky enough to be able to work from home, you should be able to prevent others from sneaking a peek at your communications with programs like "pretty good privacy" (short: PGP), which helps you to encrypt your messages, so privately-sent emails actually are a little more private again. But if you're working from the office, beware - it could be your boss that's spying on you!
1.30pm: Online shopping during lunch break
As the hard working person you are, you probably spend your lunch break efficiently in front of your computer eating salad and being healthy. And as this is a break, perhaps you have a quick browse for dresses for your best friend's wedding.
Have you ever wondered why when you then take a quick look over at Facebook - and suddenly, so conveniently - it presents you with the ads for exactly those wedding dresses? The marketing strategy behind it has the fancy name: "predictive behavioural targeting" and aims to present you with ads that you are most likely to click (and spend money) on.
And remember that YouTube belongs to Google? You may very well find YouTube displaying advertising before the start of your video that fits exactly with what you have been googling recently.
If you want to try doing a search that is unmonitored, then maybe give an alternative search engine such as DuckDuckGo a go.
5pm: Home time
It's a nice day outside, and so you decide that you will walk home and avoid being tracked again on the train. But you're still in London, so don't think you'll escape some kind of surveillance.
There are 245 million video surveillance cameras installed all over the world with the United Kingdom having one of the highest numbers with four to six million. Some estimate that the average Briton is filmed at least around 300 times per day. And some of the camera-holding authorities, like London's TfL even offer you to send you pictures of yourself, if you let them know where and when you crossed a camera.
But don't you think it's only a British agency that can help you out with your pictures. You might even be able to get them yourself. A fifth of the world's surveillance cameras are connected to a network - and a US photographer just proved how easy it is to hijack them. For an art project he followed people down the streets watching them using the video cameras.
6.30pm: Do some grocery shopping
If you do your grocery shopping in some Western European countries like Germany, you will most likely also have it: a points card, the plastic-cast promise of discounts. But with every purchase you not only carry your goods home with you, but also leave information behind - like how much was spend on what, where and when.
The advantage is that you receive discounts. But is it enough? The German Business Magazine Wirtschaftswoche calculated how much of a lower price you actually receive: if your purchase costs 30 euros, you could buy a chocolate bar with your points that would usually costs 39 cents - a discount of 1.3 percent.
So before using your card next time, have a think about the 1.3 percent discount and whether it's worth sharing the information about your shopping for condoms, the pregnancy test you bought or when you started stocking up with baby food.
By the way: this not only the way it works with loyalty cards - the payments made with your credit card can be used to predict your divorce!
8pm: Arranging to meet up with friends
If you live in the US, for example, and you want to meet with your friends for dinner - you might just give them a quick call, send an email or text them via the world's most used messenger Whatsapp to arrange something.
But beware, all of those ways of communicating might be tracked, meaning that somebody could know who you've called and how long that call lasted. If you send something digitally and the information crosses the borders of the US while being transferred between internet servers, it might also be captured.
If you think, "I'm not talking about any secrets on the phone, they can listen…", fair enough. But think about the things you might actually not want to be shared without your knowledge, like … nude pictures.
John Oliver, host of Last Week Tonight, produced a whole show on surveillance, and it's well worth watching the entire clip. But for now, we'll direct you to the part where Edward Snowden explains what US mass surveillance programs could do with pics of a (partly) naked you:
11.30pm: Relaxing with a Netflix film or reading Kindle
After a long and fun, but exhausting day, you're probably looking forward to something relaxing like watching a movie or reading a book, but with no idea of what to watch or read next. Lucky you, there's technology to help with that: Netflix will recommend a new movie and Kindle will tell you which book to dive into next - all based on your previous reading and watching habits.
Still, it's not only these personalized services they are using your information for. There's a fairly long list of those Netflix will share your data with, for example Internet service providers, for promotional offer and for anonymous analysis. Perhaps not so bad, but still something to think about when you're watching one of your favorite movies.
12am: Falling asleep
If you think that by falling into the realm of dreams you can escape this whole surveillance nightmare - welcome in the next one: even in sleep you can be tracked. Apps like Sleep Cycle monitor how you are resting - or how restless you are.
If you agree to use the Sleep research feature, they state in their privacy policy that they "collect, compile and analyse information (and) share this aggregated data with research institutes, our affiliates, agents and business partners. (...) Without further notice to you (...) we may use third parties to process your Personal Data on our behalf, for instance to perform certain business-related functions such as maintaining databases."
… Until you wake up again.
Good morning - it's Groundhog Day!
#NoEsc from data observation
Of course, most of this information is used in a way where individuals are not identifiable. To the data-collecting entity you are anonymous, for example, they might know that card number xxx bought the following items, but in most cases they won't be connected to a name.
And in a lot of cases, we are talking about hypothetical use of data – just because the information is collected and/or stored, doesn’t necessarily mean it will be analyzed or sold. But there is the always the looming possibility that someone might use it in a way you wouldn’t want it to be used.
To some extent, this might even be desirable: Governments argue that extending surveillance capabilities prevent terrorism attacks or help in terms of solving crime.
And wouldn't it be great to enter a clothing store where the assistant already knows, with the help of data sent by your phone, what size you wear, what colors you like, what is already in in your wardrobe - and what of the store's collection would suit you? Or how about your smartphone being connected to your fridge? What if it was able to alert you - when you’re close to a supermarket - that you need some milk for your morning coffee?
As desirable as it might be, the precondition is that such data are collected, stored, and analyzed. After all, we're trapped in a trade off: we want perfect safety on the one hand, but perfect privacy at the same time - which is almost impossible.
Giving away personal information
And even if it was - it is not that we are super cautious which information can be found about us: We consciously make them available in social media profiles and opinion forums, for example.
The Swiss newspaper magazine NZZ Folio recently published a portray of New York real-estate agent and politician Jeff Goolsby, without even speaking to him. It was solely based on what journalist Boris Kartheuser reconstructed after digging through the web. Goolsby later commented on the story, proving most facts to be correct.
But are we concerned about all of this?
Once upon a time, we weren’t really worried – statistics from an EU survey in 2011 showed that a majority of people were not concerned about their data being recorded "via store or loyalty cards (48 percent), in a private space (54 percent) or in a public space (62 percent)."
But that seems to be changing – another EU survey conducted in 2015 showed that two-thirds of people asked (67 percent) were concerned about not having complete control over their data online.
Despite people becoming more aware of what can be done with their personal data, activists like Irene are still needed to show people how can protect themselves and be warey of the information they put online.
Just think about it: if you monitored your own emails, search terms, the websites you visited, the calls you made, books you read on a particular day - what would someone else be able to tell about you from that?