What do businesses know about you — and why does it matter?
Americans are really unhappy with the way big companies are hoarding information about them.
Unfortunately, with the way the world is currently set up, it’s pretty much impossible to exist without constantly handing over your data. Without doing so, you wouldn’t have access to healthcare, smartphones, social media, or email.
While Americans are concerned about their privacy, it’s easy not to think or do too much about it. That’s because the mechanisms that handle our data are, for the most part, invisible. If an employee of Google followed us around in public, taking notes on our life and personal information with a pen and paper, we might feel differently.
But they aren’t. So we don’t.
To help shed a little light on what happens to your information once it’s made its way from your brain to a server at Facebook HQ, here’s a breakdown of why companies want your data, what they’re doing with it once they have it, and why that might not be such a good thing.
Why do companies want your data?
For two main reasons:
- They can use this data to sell you things
- Your information can help improve the quality of the apps and services you use (which can then be used to sell you even more things)
How are companies collecting your information?
There are the obvious ways companies collect your information, like when you enter your name and phone number into an online registration form. But, there’s also an ever-increasing and complex web of hidden ways in which your data is collected.
For instance, did you know that your TV might be communicating with your phone using inaudible subsonic sounds? Or that your grocery store might be using bluetooth beacons to track your path around their building? Or that the manufacturer of your car might know when you’ve gained and lost weight?
Privacy policies are another area of concern. Thanks to the unbelievably complex nature of the privacy agreements we regularly consent to, most of us have no idea what we’re actually saying yes to when we sign up for an online service.
A recent analysis by the New York Times found that the language in most privacy policies requires reading comprehension skills above the national reading level. “A significant chunk of the data collection economy is based on consenting to complicated documents that many Americans can’t understand,” they noted.
Perhaps this is why the vast majority of folks don’t bother reading the policies at all. InfoArmor surveyed more than 1,000 Americans, and we found that only 30 percent of people regularly read the privacy policies of the apps they use.
What do companies know about you?
So, so, so much. As an example, here are some details that Google might have on you, depending on which of its services and devices you use:
- Where your phone has been
- Information on every event that’s been put into your Google Calendar
- The contents of your Google Docs and Google Drive
- Every photo from your phone
- Your YouTube viewing and search history
- Your workout routine and daily step count
- The contents of your emails
- Your browsing history (including browsing history you’ve deleted)
- Every Google Ad you’ve ever clicked on
- The apps you use and who you communicate with using them
- Things you’ve purchased and the places you bought them
- The media you consume, including books, games, music, and movies
The level of information companies collect varies, but generally, if you’re interacting with the internet or a smart device in some way, it’s safe to assume details of that interaction are being logged and stored somewhere.
What are businesses doing with your data?
It’s pretty complicated.
Your data isn't held by any one company. There’s a giant network of organizations that do different things with data from different sources, and many of them are selling their data to each other.
But, in a nutshell, they use this information to match you with a product or service they think you’re likely to buy. Then, companies put an ad for said product or service in front of your eyeballs. This can be useful. Like if you’re seeing ads for cheap vacation rentals in a city you plan to visit.
But it can also be bad.
Like if you’re a recovering alcoholic and start seeing ads for beer. Most people feel targeted ads fall into the latter category. Our Data Privacy and Consumer Expectations report shows that only 19 percent of people like when ads they see seem to be directly targeted at them.
However, these advertising methods aren’t likely to decline any time soon. As an industry, targeted advertising is incredibly sophisticated and generates billions of dollars a year.
What could potentially go wrong?
There are a lot of illegal ways that a person can use your personal information. They could use it to open a credit card in your name, use your health insurance for medical treatment, or a million other things that could end up costing you a lot of time and money.
Those are all pretty major things. On the lower end of the scale, it could also be used by some guy in another country to sign into your Netflix account and mess up your recommendations by watching weird stuff.
What’s already gone wrong?
Nearly 16 million Americans were victims of identity theft last year, at a cost of $16 billion. And that’s just the people who had their identities used.
The number of people whose personal info was stolen is much, much higher. There were too many data breaches in 2018 to include them all here, but some of the big ones were: Marriott Hotels (affecting 500 million people), Quora (100 million people), and Google+ (52.5 million people).
And, that’s just for one year. Back in 2013, an attack on Yahoo exposed the data of three billion (billion, with a B) of its users. At the time, the population of Earth was a little over seven billion.
You’ve likely been affected by a breach without even realizing it. It turns out that just one in five Americans affected by the 2017 Equifax’s breach were even aware their data was leaked.
There’s also the possibility that a company you trusted with your information could do something unwanted with it. This could be intentional, like the time Motel 6 employees gave guest data to ICE agents, leading to some of those guests being deported. Or it can be accidental, like when Amazon sent 1,700 voice recordings from a person’s Alexa device to a random stranger.
How can I protect my data?
The most effective step you can take is to reduce the size of your digital footprint.
Your digital footprint is a record of all your online activity. Every time you sign up for a newsletter, make an online purchase, or give a company your email address, your digital footprint expands. This puts your data –– and, ultimately, you –– at risk.
So, delete accounts you’re no longer using, keep an eye on your privacy settings, and always think twice about sharing any of your personal details. Of course, you could always live off-grid.