No one sane would ever want their relatives, friends, work colleagues, and neighbors to be able to know (quoting from the OP):
> who you sleep with because both you and the person you share your bed with keep your phones nearby
> whether you sleep soundly at night or whether your troubles are keeping you up
> whether you pick up your phone in the middle of the night and search for things like "loan repayment"
> your IQ based on the pages you "like" on Facebook and the friends you have
> your restaurant visits and shopping habits
> how fast you drive, even if you don't have a smart car, because your phone contains an accelerometer
> your life expectancy based on how fast you walk, as measured by your phone
> whether you suffer from depression by how you slide your finger across your phone’s screen
> if your spouse is considering leaving you because she's been searching online for a divorce lawyer
No one sane is OK with corporations, governments, and other third parties being able to obtain and save this information either -- especially if their only hurdle is to get you to click "OK" to agree to some legal agreement almost no one has the time to read or expertise to understand in its full implications.
We need a New Declaration of Human Rights for the 21st century that takes into account rapidly advancing technologies for collecting and acting on data at mass scale.
This is a great list. SO many times people have said to me, "Let them track me, I've got nothing to hide." And you hit them with a few things off this list and they immediately change their mind. There should be a tinurl for website I can send people to that shows a simple list of all the ways personal information can be used.
> There should be a tinurl for website I can send people to that shows a simple list of all the ways personal information can be used.
I just now set up a small site for it at https://whynottrack.com/! It's open source -- GitHub link in the footer -- so anyone can PR changes / reasons / etc.
I think this list makes a case for better sharing/access controls but I can see applications for most of the things listed here. I might just want the insights for myself but not want to share it with anyone or my data being sold without my consent e.g. monitor and improve my sleeping habits, monitor my expenditure by tracking my restaurant and shopping habits, my health data and/or insights into it. Maybe not your spouse but some parents might want to keep track of what their kids do online. I know people who want to have the ability to find/track the location of family members etc.
I suppose calls for better regulation, purpose oriented data collection and stricter enforcement and penalties but by no means does simply don't track/collect data is an answer where there are actual practical applications.
I think these concerns still need to be translated into real world repercussions before the average person is convinced. Right now it is certainly creepy, but does it really have a negative impact on my life for a company to know these things?
Interestingly, this attitude used to be default even here on Hacker News ~5 years ago. I am so glad to see it's changing. Why I'm finding this interesting? Because this audience always knew what's going on even without layman articles like this, but did not care for some reason. This shows how just knowing isn't enough sometimes. Public sentiment matters.
Framing seems to matter. If someone was following you all around town and you could physically see them taking notes I don't know a single person that wouldn't feel uncomfortable with this. But as soon as you can't see that person, people care less. But we all essentially have a world class private investigator following us at all times and this is a bit weird to think about.
I think it is true of the population as a whole (when the subject of such tracking is brought up most people are not comfortable with it.) But the population as a whole has the attitude of “what can you do” and aren’t willing to give up their fun apps and smart phone in exchange for this tracking going away; truth be told neither am I.
> This is a popular view here. I don't think it's true of the population as whole.
I think you're right. They can get to the point where they care, but my intuition is that it'd take a real crisis, and even then there's plenty of incentive with this topic to move on as fast as possible. We (the public) are pretty fickle, and it's psychologically threatening to admit we've had a voyeur living in our bedroom for a decade.
Add to this... everything you said is a forever kept thing. So over decades this stuff can be mined and a tiny needle can be found if it's meaningful to the searcher. It's terrifying.
Add to this that no one cares about whether the data is even correct. A glitch in the location tracking and, bam, you have an affair. Some wrongly assigned search queries or speech requests and suddenly you are a pedophile. A terrorist selecting you as a cover identity and you wake up in Guantanamo.
And as we already see happening, when cultural values shift over time, you will definitely be judged by things you did or said decades ago. Even if by contemporary standards they were typical.
Would you please demonstrate to me how I, Joe Q. Public, can find out, via collected data that I can access, with whom another person is sleeping with?
Or, in lieu of that, walk me through how that would be done with Facebook's, Google's, or Apple's data via your first-hand knowledge of those data and where and how they are stored and accessed?
These fear mongering comments about data collection have never demonstrated real world harms, AFAIK. It reminds me of the genetically engineered foods bogeyman that, in spite of a complete lack of empirical evidence, continues to be trotted out as a huge danger.
If you think the problem is merely Facebook, Google, or Apple, then I think you are underestimating the amount of data and who is processing it. There is an entire industry of companies you have never heard of that are thinking up ever more creative ways to put data together from various sources, identify it, correlate it, and then sell the 'insights' to whoever wants to pay.
At the very least, at a bare minimum, I think we need legislation that covers how this kind of data processing happens by third-party companies and we need to provide a way for citizens to at least see what data has been collected about them and what 'insights' it has generated.
Facebook, Google, et. al. might not make the data available to you, but they have it.
If the information is stored on servers in China, then the Chinese government has it as well. Maybe you aren't a Chinese citizen so you don't care, but it's at least worth considering.
The politicians we elect to craft and enact legislation that affects the big data companies are always at risk of being essentially blackmailed by those companies with the incredibly detailed and personal information that those companies have on politicians.
> These fear mongering comments about data collection have never demonstrated real world harms
Notable examples:
* Strava revealed the position of US military bases
* Muslim prayer apps sharing location data with US military
In my own experience, I work for a call center. We have many important American companies as clients. They give us access to their systems so that we can service their clients. I am overseas dealing with their customers and I can access their personal information. I can see their face linked to their Facebook profile. I admit I've been tempted to misuse the information any time a customer makes me angry.
I'm undecided on this topic, but playing devil's advocate: Does the fact that this knowledge exists, and only in the hands of some of the largest (and most pervasive) tech companies in the world, make this information 'safer', or does it mean that it's a 'force multiplier' that increases the risk that this information will be used a) to enable anti-competitive behavior or b) be co-opted by authoritarian governments to suppress dissent.
I personally think that if I give this data to a company, and they keep it "safe" and only to support features that are beneficial to me, that's totally OK, but I wouldn't like companies reselling my mobility data to health insurers (without aggregation or cohorting) to give me a 100% customized insurance rate, regardless of how beneficial that would be.
Data that's used to distill people down to a number and value them precisely seems to have a potential to enforce systematic inequalities and further improve the lives of "haves" at the cost of "have nots".
You don't get it. It's not just FAANG and the risk adds everyday. Eventually some of those companies will go bankrupt, be hacked and the data will get in the hands of malicious actors and will be use to commit fraud, to blackmail, etc. Also even if it's used legally and 'ethically' it means things like: 1- we will pay you less because you only earned X at your last job, 2 - we will increase your healthcare costs because you bought a pregnancy test online.
Think along the lines of dating apps that show your distance to other users. That could be mined for changes in proximity over time - one day you are miles apart, then next day you are within 500ft of each other for the whole night.
There was Uber's "God View" which showed travel history of customers, which was at one point available to anyone who could pass Uber's driver onboarding process.
Venture capitalist Peter Sims wrote about being tracked in a blog post this September. Back in 2011, he wrote, he was in an Uber car in Manhattan when he started receiving text messages from someone he barely knew telling him exactly where he was. That person later told him that she was at an Uber launch party in Chicago, where Sims' movements were being tracked via God View on a large public screen.
Commuter data is good, so is foot traffic. Data sets centered around health and income or quality of life can be beneficial as well. The game is to use publicly available information about your person to tie them conclusively to set of entries in an 'anonymized' data set.
If you aren't at least investigative journalist tier or the resources you need cost too much/require a corporate presence, then hire someone to do it for you who already has the pipeline set up. PI's have been available to Joe Q. for years and they still are. This all just makes them even more efficient.
There have been a number of instances here in .au where centralised location/health/etc data has been misused (stalking, checking out potential dates, domestic abuse or aiding domestic abusers) through inappropriate access. I doubt we're unique.
I'd argue that it doesn't need to be "Joe Q. Public", because companies are made up of Joe Q. Publics.
Not all of it is data you can access as the public. However as the author of a program with access to internet and location you can easily upload where the phone is at all times and thus figure out when two are near each other. (this is why newer phones OSes let users choose if the program can access these things all the time or only when active)
> No one sane would ever want all their relatives, friends, work colleagues, and neighbors
I'd happily share basically all of that information with that specific group of people - except maybe my neighbor that keeps reporting me to the city, they don't need to know my life, but if in turn I could know who was googling city ordinances in the middle of the night it might make up for it.
At worst I get a funny look for something I googled in the middle of the night?
To your point, it's 100% the government I'm worried about. They've got legal and lethal authority to do far worse than a weird look.
> They've got legal and lethal authority to do far worse than a weird look.
Society scares me more. The government has the authority, but society has the power and the inclination to weaponise it. The government would never bother reacting to anything that RMS said but people did.
But how would you trust any company to properly respect who you share stuff with? There's a multitude of anti-patterns that make some things public already with social media.
I think we should all be looking at this as either they're getting -all- of your data and sharing it with -everyone- (because that means more $$$) or they're NOT getting your data and they CANT share it cuz they don't have it.
We cannot trust companies to respect our privacy because it goes against their core value of turning a profit.
> how fast you drive, even if you don't have a smart car, because your phone contains an accelerometer
Minor nitpick: you can't measure speed with an accelerometer, at least not with a cheap one like the one in your phone. I mean, in theory you can numerically integrate the acceleration to get the speed, but in practice the noise will be so big as to render the result useless after a few seconds. It's much better to have a GPS and derive the speed from the position.
Signed: someone who spent too long programming an IMU and fighting with stupid bosses full of misconceptions.
Other than that, I totally agree with your comment.
Its location is a bit more obscure, but I think there's a much simpler list of privacy practices to follow: whatever Mark Zuckerberg does. Anything he does to protect himself in the data realm is what we should be doing. Yes, I know there was the "Mark's FB has better defaults than yours" story some years ago, but this is outside of FB (though applicable anywhere).
So what is it? Exploding email addresses? Making friends with someone with DMV database access? Temporary credit-card numbers? Tinted windows? Never carrying a wallet? Having an entourage take care of all of this for you? All of the above? Anyway, it would be nice if the zillionaires who have put a lot of resources into personal safety told us what they've learned. Heck, if adopted wide enough their practices might put the crunch on data criminals (though probably also data businesses, which would maybe be a reason they'd resist it.)
I thought that was interesting too. Looks like the research on it came out 10 years ago. A couple of links from some quick searching. The second link has some charts and graphs, though it limits its estimates to 65+ age groups.
Just to respond seriously for a second: it's good to remind ourselves that ML isn't magic. If it knew your weight and age it would use those for predicting life expectancy instead. Same for smoking history, sleep habits, etc. But all it has access to is the accelerometer, and a weak correlation is better than nothing, so that's what it uses.
Apple Health and many fitness tracker apps can estimate your Vo2Max score based on your height, weight and how your heart rate varies during brisk walks and runs.
It's not incredibly accurate but Vo2Max is regarded as an important indicator of your cardiovascular health.
>No one sane would ever want their relatives, friends, work colleagues, and neighbors to be able to know (quoting from the OP):
The things you mentioned are kind of how it was before the advent modern civilization. Before Facebook tracking it was old biddy tracking. Through gossip everyone knew pretty much everyone's business.
That said, there's not an immediately obvious connection between surveillance and our neighbors knowing things. I have 0 information about who my neighborhors are sleeping with based on their cell phone tracking.
I downvoted this because I can’t read this as anything but a disingenuous comparison. Surely you can understand the difference in scale and motive behind village gossip and global surveillance by profit-seeking corporations.
>Before Facebook tracking it was old biddy tracking. Through gossip everyone knew pretty much everyone's business.
As already noted the difference in scale, but obviously if you didn't like what the old biddies tracked about you in your small town you could move to a new one and start over - you can't with the global surveillance system.
finally it should be obvious that not everyone lived in a small enough town that the old biddy network was actually useful for tracking you.
Yeah, it's in grandma's forgetful brain, and to be fair she probably (a) has usually learned the value of discretion, (b) will pass away in a few years and (c) can sometimes be dismissed as a fibber.
The computer on the other hand, is an eternal record and can be dumped into the open by any hacker or wannabe-hacker for ill intent or just for fun.
I guess, there's no appropriate reputation scale for what we see on the internet (it's either perfectly trustworthy or a total sham), there's no forgetfulness in terms of minor misdeeds, and there's no way to argue with the public consensus once they've made up their hivemind...
"No really, I've changed in the 10 years since I wrote that post!"
If spying is tomorrow's only viable "economy" we are in trouble.
This is why "Big Tech" is a joke. Spying, like legally selling opiates, is not a legitimate business. It does not matter how much money can be made doing it.
>> Many of these companies call themselves “data brokers.” I call them data vultures.
Perfect. Except it is insulting to vultures, who at least put carrion back in the food chain.
This is straight-up theft of our data and privacy, for profit, and it needs to be both outlawed and shamed.
Seriously, but these slime should be more despised than common burglars (tho maybe a notch above mobsters). Seriously, these people are not respectable, and should not be respected or tolerated in polite society. So, don't.
> We need a New Declaration of Human Rights for the 21st century that takes into account rapidly advancing technologies for collecting and acting on data at mass scale.
I actually look through that and see quite a few things on that list I would be fine with my friends and relatives knowing. The difference between them and my work colleagues is that they are people who truly have my best interests at heart.
As opposed to most companies that are tracking me to try to take advantage of me.
I had a wedding to make sure everyone closest to me knew who I was sleeping with (Emily as is already public record). It took a fair bit of time and money to coordinate and hold that event.
When people ask how I'm doing, I tell them and that includes whether my problems are impacting my daily routines and needs. (Not lately)
I've shared the results of my IQ tests and had plenty of discussions about the validity and lack thereof of those results (145-160+ depending on test). Facebook likes are the least good mechanism to work that out by.
I think one of the helpful things I do is share really good places to eat and find things I want. (Nirmal's is my favorite in Seattle)
I hope driving monitoring helps us shift from a penalize infrequent rule breaking instances to helping manage attention and grow skill. I speed when conditions let that be safe.
I suffer depression and have my whole life as everyone I know is aware and now is more public on the internet.
You'll have to ask her but I'm not looking to leave. I'm very honest and want that in my closest relationships so if we were going that direction she'd be among the first people I spoke with. If she feels she needs to leave I'll try and help us both find happier lives but I hope it never comes to that.
I respect that you have a different level of openness. I think a good criticism of my post is that I have a ton of privilege to feel safe sharing these things. I've chosen to live a life I feel entirely comfortable sharing. Clearly I'm not handing out credentials but... I prefer a world that is more honest and intimate and that simply requires I be open, honest, and self-reflective.
Good of you to offer concrete examples. I don't mean these as ad hominems since I don't know you, more as counter examples:
> I've shared the results of my IQ tests (145-160+)
I wonder if the part of the population with <100 IQs are similarly open with their results.
> I speed when conditions let that be safe.
Admitting to breaking the law is an excuse for higher insurance premiums and for the police to hassle you.
> I suffer depression
This is one of the few relatively "safe" mental health conditions to announce. Who's lining up to hire someone who's openly struggling with addiction or has psychopathy?
> I'm very honest and want that in my closest relationships
Let's say your partner gets served ads about how your single, attractive co-worker has been googling you late at night, how your location histories have significant overlap, and by clicking the ad they can find out more. Not everyone will get suspicious, but some people definitely will click.
~~~
It would be great if we could all be open like you say you are, but society isn't even close to ready for that. Any rapid transition (like wide-scale encryption breaks) would be traumatic on so many levels.
This naturally invites the question, what percentage of the general populace is in fact sane? (sincerely curious to know what number hn readers would assign to that.)
From reading this list, I can deduce OP just made up most of them, because over half of them contains details that are total BS.
Also I happen to think we'd be a better society if we all knew everything about each other. Instead of discouraging companies from analyzing us, encourage them to publish everything all the time. Let governments join in on the fun. Everyone should be tracking an analyzing everyone else.
Solves the issue with companies manipulating us to sell our data, because if they publish it they can't sell it. Solves the ransomware problem as well. Publish everything, no privacy for anyone. You can't blackmail someone for data everyone has.
I wanna know what you think right now. I'm not asking you to tell me, I'll scan your brain instead. And I'll know what your dream last night was. And you'll know the same for me as well.
You say that you think this would lead to a better society. That aside, how would you personally feel if this vision was to become reality?
For me, I’m certain my mind being totally exposed like that would lead to debilitating mental illness and possibly even the loss of the will to live. I can’t imagine human beings, either as individuals or a collective, being fundamentally equipped to deal with such a thing.
The worst thing about the information economy of today is absolutely the inequality of access. We would be better off if everything that is collected was public.
I don't think that means we don't need privacy. It absolutely has value.
The problem is when privacy is only available to the rich and powerful, while the details about the rest of us are hoarded and used by the very same powerful people who pay such a premium for their privacy.
If we allow the collection of information, that information should absolutely be public, but that doesn't mean we should allow everything to be collected.
Somehow organizations get an immense amount of value out of tracking everything you do, say, think, and buy; everywhere you go; and everyone you meet. Two questions:
1. Why should they profit off of my data without my consent? (Hint: they shouldn't.)
2. Why is it so hard for me to get value out of it? Shit, if it's gonna be collected, aggregated, and analyzed anyway, I should just do it my damn self and actually get something out of it. It's like we need an open source community for personal data collection, aggregation, and analysis.
I don't think so. It is not the data itself that has value. It is a game of information asymmetry and that corporations can make you desire things you wouldn't desire without that interaction. They then convert a fraction of that desire into money flowing from you to them that you otherwise would have kept.
Maybe I am old school or too naive, but I don't see how I would make a personal margin with my own data.
If you had a clear list of "these sort of news items/OC from friends makes me more susceptible to being convinced by questionable ideas/donate money/stay up at night." then you could perhaps take steps to preserve your ability to stay more rational, more the way you want yourself to be and less easy to manipulate by ads/partisans/etc.
Let's say on average you need to see one hundred ads before you see something you want to buy. Now if you had personalized ads, maybe on average you need to see ten ads before you want to buy something.
If you are already looking through a bunch of ads for the sole purpose of trying to buy something, then your personal data is valuable to you because it saves you time. But that's definitely not the situation with most big tech products.
The response to expect with #2 is that you get paid back in the form of fast search results, map directions, live communications, personalized news feeds, targeted advertisements, etc.
Pay no attention to the fact that you’re not getting versions of these things that maximize your benefit either...
I think many people find lots of value in search, free email, Android, and other services dependent on this model. The argument that you're not getting anything out of it rings false.
You're getting their service. You want to use Facebook to talk to your family and keep up with your friends. You pay them in info, they pay you with the service you're using. Same with every other site, vox, theverge, slashdot, etc...
Sure there are a few companies you pay that also collect your data and I wish they didn't but even then they'd raise the price (maybe willing to pay more) if they didn't subside the service via your info
Not sure why the above got downvoted, it seems to echo the other sentiments.
As a developer I have a hard time imagining building an application that doesn't use data to provide a higher level of experience in some way. Of course there is a very long rabbit hole on how data collected to create a novel experience then gets used in other ways to provide revenue.
We just live in a world where applications are able to hide almost everything that is happening behind the scenes from the user, and advertising drives the majority of free applications, and this opens a gateway to major abuse...
I get free searches from DuckDuckGo without paying with my personal information. It is absolutely possible to provide free services, supported by ads, while collecting little to no personal information.
I don't get why this is so easily glossed over all the time... yeah, absolutely you should be able to control your data and know how it's being used. You should be able to opt out of unnecessary data collection. But the idea that you're not getting compensated for your data just isn't true - you get some really amazing tools without paying a dime for them.
Exactly, there’s a dollar value to you that they’re not paying you. You’d need a “property right” over it. (You are your own “property” already anyway.)
I think the root problem is the indirect nature of that dollar value. It's not concrete / obvious enough for normal people to understand it. Seems to be a sales / marketing problem as much as a technical one.
there are ways to be paid, just don’t expect google/apple/fb to do that until they will be forced. eg see new eu laws coming forward, and some companies soon will disrupt this space. it will happen like gdpr, someone is already preparing for it, without making too much noise...
Explaining to people what they should do regarding matters that there are no ways to achieve the stated goals is the laziest, lowest value category of journalism. It's a plague.
Just because something is impractical or a solution is unknown doesn't make it valueless.
There are possible truths that exist in mainstream math formalisms[1]... for which the formalism says there may be no proof of. Just because the formalism can't explain everything doesn't mean we should throw it out!
I view communications like this as:
a. making ppl aware (who may not be technical)
b. doing the work that may not be worth $$$
c. avoiding future coordination failures of society
All of these in a hyper-optimized and hyper-educated societies may seem inefficient, but in a non-optimized and not highly educated world we live in they are the difference between chaos and not.
You can point out a problem without having a solution. Part of the reason why this issue feels unsolvable is that people don't really care enough to do anything. A piece of journalism that makes people care more is a step in the right direction.
There's a way to achieve the stated goals: have the government come down real hard both on the low-level data crime and the big players that are supposedly legit.
I sense this would have been in the Bill of Rights had the notion been around back then. They knew the government needed to protect property rights as a fundamental principle and that is written throughout the legal code and constitution. So endowing citizens with ownership of the date of where they are, what they’re doing, and how they use sites seem like extensions of the personal property right. In a sane universe, there might only need to be a Supreme Court judgement somehow establishing this from the current legalization, for that matter.
Easier said than done. What we're seeing is advertising as a business carried to its logical conclusion. If you "burn it all down", you have to end, in effect, all advertising. Advertisers try to target their budget as effectively as possible; the more they know about their target demographic, the better able they are to do that.
Good luck. All those so-called hearings with social media companies? Excuses to get those CEO's into the back rooms, where the REAL discussions -- and graft -- sorry, campaign donations -- happened. Our government is completely captured by the organizations that are most-hostile to our long-term well-being.
Here's another industry that relies on aggregating your data: Credit reports.
Go ahead. Figure out how to opt out of Experian, Transunion, or Equifax collecting everything they can about you, including pretty much every piece of data needed for identity theft, possibly confusing it with someone with a similar name, and then putting it in a badly-secured database.
No, really, if you can figure it out I'd love to know. Every now and then I am reminded they exist and that they are silently creating these vast troves of data without anyone's consent, and all I can do is hope that if my identity information is included in a data breach, I am both small enough and lucky enough to not be impacted.
You can't opt out of cities' car culture by not driving: the rest of the city is all there all the time. You can't opt out of a data economy by your individual isolated action: the rest of the economy is vacuuming up similar people's data all the time.
In theory. I've deleted my Facebook account. Few years later needed to create new one and used same e-mail address. Guess what welcomed me! My old account! Heck, even posts I had deleted and whole journal (or however its called) related to them, yes it was back again, waiting to be clicked "unhide".
Its heartbreaking that on HN, the one place that should be informed about this, you still see the ignorant commend "well you don't have to use facebook"
Even if you are homeless and living under a bridge, facebook will have photos of you, uploaded by others, they will know who you are and whwre you like will sell some data relating to you to someone
Which is what the article implies with statements like "we should not allow X." There are several specific rules it suggests, which clearly would have to be laws.
Anyone engaged in the collection and sale of data should be required to maintain a list of their customers. Upon the sale of data, the customer should be required to provide their list to the broker. At the point of collection/consent, the list should be made available to the consumer.
For example:
You want to vote in an online poll by company A. Company A collects data about you and sells it, so you must agree to their privacy policy. Company A's privacy policy discloses that they sell your data to Companies B, C and D. Companies B, C and D have provided a list of its customers to Company A, and Company A includes those lists as well. In addition, the customers of those companies provide lists (as all data brokers would be required to do).
If its seems like it could get overly complicated with huge lists of data brokers for a simple online poll, that's the idea. You shouldn't have to wonder how many entities you're giving access to your information when, for example, you want to vote for MLB All-stars. MLB wants your name, address, email, phone number, and they disclose they'll "share it with partners" but they don't say who those partners are, how many exist, and if they have their own "partners". Vote for your favorite player and you could be getting a phone call for life insurance 15 minutes later after your number has been passed through 5 different companies.
CCC has a longstanding policy demand called the "Datenbrief" ('data letter'). Under this proposal, every corporation that keeps personal information about a natural person would be obligated to, once a year, mail the subject a letter containing their information, with instructions how to exercise their existing statutory deletion/correction rights.
If you keep PII, you'd also need to keep some contact info for the subject, and use it to ensure they know about their rights / the data. The existence of the data-related right would imply an obligation to inform the subject about it.
I guess I'd prefer a web interface displaying all the data holders with little "delete" buttons, over getting a gazillion letters, but if this is implemented by a single organization that actually has all your data (even if only for the purpose of faciltating GDPR), it could be a central point of failure.
We need to go back to the TV model. I mean we sold things back in 1995 right?
You go to a website about babies, you get baby ads.
You go to a website about electrified fences, you get ads for trucks, tractors, backhoe rentals (even in your area because of your IP address - but that's it)
Does anybody know if targeted ads based on tracking even work? Are they worth all the extra cost and complexity compared to traditional ads? It doesn’t seem like it. Half the time I see a super-targeted ad, it’s for a product I already purchased.
Also, what ever happened to showing ads to people who aren’t already interested in your product to expand your brand and maybe bring in new customers? The current ad model feels overfitted to me.
Yes, yes they do work. That's why it's a billion dollar industry. It allows industries to micro-target specific ads for communities and speak to them directly. It gives you more ability to expand your brand to new customers, not less, as it allows to you to specifically target niche groups who previously had no interest in you. It's important to get a sense of the extreme level of refinement that firms have access to through data-driven marketing. Want to design a marketing campaign for dog-owning, outdoorsy lesbians? Subaru launched an ad campaign in the 90s using subtle coding in their wide-net ads. Now companies can do that much more effectively by directly targeting those communities.
As for the common complaint that you always see ads for products you already purchased, that's actually a very good time to make an impression. What are the odds that you are thinking about buying a new dishwasher at any given moment? Probably next to 0. You probably would completely ignore any dishwasher ad you saw. Now imagine you just replaced your dishwasher with a new one. You probably noticed that dishwasher ad now. You might have even clicked on it to see if you got a good deal on it. You probably care more right now about dishwasher specs than you ever have in your life up to this point. Maybe there's a better deal out there. This is the perfect time to send you more dishwasher ads.
I don't know that straightforward data on this will ever be forthcoming. And we can produce theoretical arguments every which way, not entirely unlike how classical philosophers were able to prove, through reason alone, that objects in nature tended to only travel in perfect circles and straight lines, and never shapes like ellipses and parabolae, and probably produce about the same volume of useful epistemological output in the process.
I'd think that the more interesting thing would be to try and find some proxies we can use as an ersatz empirical test. For example, what about ad prices? If personalization based on tracking really does work better than other forms of ad targeting, then one would expect that that difference would yield a noteworthy difference in ad prices.
In short: If it really works so well, then you'd expect personally targeted ads to cost significantly more per impression than ads that use content-based targeting. And I'd assume that that information is reasonably public.
Absolutely. A vegetarian/vegan restaurant being able to advertise exclusively to those people is one great example. In that example you're a new customer, but you've shown interest in similar products so you're much more likely of a customer(and better spend of advertising) than advertising to somebody on a carnivore diet.
It helps with being able to measure whether you're advertising to the right people. Traditional mass media advertising made a lot of money off of showing ads to completely irrelevant people. Targeted advertising makes even more money off of showing ads to mostly irrelevant people.
I'm surprised that most people don't understand this. It's not about being more effective. It's all about have sales or conversion attribution to be able to do stuff like A/B testing.
Nowadays cable TV targets ads too. If your diabetic grandma connects to your cable provided wifi router, you will get ads for glucose monitors and insulin pumps. Targeted advertising should be illegal.
The direct mail advertising industry was thriving in 1995. You could buy datasets of people by income, car ownership, shopping habits, etc even easier than you can now.
Honestly, I'm kind of sick of how bad a rap advertising gets. Now sure, companies knowing a lot about your personal life is creepy on an intuitive level, but the fact of the matter is that cookie tracking data has NEVER been associated with any leak or data breach that resulted in personal harm. The thing people SHOULD be worried about is stuff like the Experian leak, where credit companies collect your non-anonymized personal data.
Also, fact is that matching consumers with products that they like doesn't just have enormous business value, but is actually socially positive! If you can more easily reach a niche audience, you can build better more targeted products. And the open data exchanges were a great moat against platform centralization like FB. The fight against open data exchanges make the comparative advantage FB has in advertising to you larger. That's actually pretty bad, because FB has some pretty bad incentives wrt to the attention economy and optimizing for engagement. A world where advertising on independent websites is effective is a much better one - it would let websites put out better content, it would decrease the power of social networks, it could fund better journalism (which is being decimated right now), etc.
> Also, fact is that matching consumers with products that they like doesn't just have enormous business value, but is actually socially positive!
Well, sometimes. But what people want is not always good for them or for society at large. Targeted advertising has a side effect of hiding what exactly is being advertised to society. There's obviously the extreme cases of "vices," but what about things like junk food? People love it. Targeted advertising can induce cravings that make people buy and eat things they know are not good for them. Or for another example, what about pesticides and gas guzzling trucks? I don't want all my neighbors' vanity being exploited in order to pollute my neighborhood. We can openly talk about what we all see on TV, in newspapers, or on billboards, but if I'm not seeing the same ads as my neighbors online, those conversations aren't going to happen.
Advertizing needs to be pull, not push. That is, when I have disposable income and am looking to spend it, there ought to be a place I can go to browse ads.
Otherwise, get the fuck off my attention span, stop bloating the web, and stop polluting public spaces with irrelevant information!
> Honestly, I'm kind of sick of how bad a rap advertising gets. Now sure, companies knowing a lot about your personal life is creepy on an intuitive level, but the fact of the matter is that cookie tracking data has NEVER been associated with any leak or data breach that resulted in personal harm. The thing people SHOULD be worried about is stuff like the Experian leak, where credit companies collect your non-anonymized personal data.
I mean, why not both? I simply cannot think of someone who dislikes tracking-as-advertisement and is pro central clearinghouses for more targeted personal information.
> Also, fact is that matching consumers with products that they like doesn't just have enormous business value, but is actually socially positive!
Only with the unstated premise that tracking _will_ happen and it's better if that tracking is done in a decentralized fashion. Sure, I can agree that there shouldn't be a monopoly at the focus on online tracking-as-advertising, but there's an additional argument that the space _should not exist in itself_. These arguments have been rehashed endlessly online and especially on HN so they probably don't bear repeating here, but the either or choice you represent is disingenuous.
The premise is slightly different. I'm mostly differentiating between cookie tracking and social networks (and some other large online platforms). The large online platforms don't need to track you - you give them your data willingly. Facebook knows a lot about you not because it's tracking you, but because you keep posting things to it. Cookie tracking is an alternative way to build up an effective advertising profile that is decentralized and anonymized, which I think has some value.
> Also, fact is that matching consumers with products that they like doesn't just have enormous business value, but is actually socially positive! If you can more easily reach a niche audience, you can build better more targeted products.
Maybe this works well for some products, like "I know i need to buy milk, what should i buy?" but it has often been used in a form that appears like an abusive relationship.
Think about all of the kid-targeted ads from 30 years ago which peddled sugars and psychological tricks to get kids frothing at the mouth over their food and toy products. These weren't merely advertisements, but targeted attacks to the brain. And of course things haven't changed, it's just iconic to talk about early TV's cereal commercials hah. As with many product advertisements, they're not just trying to make you aware of the product - they're trying to bypass your consciousness and hook straight into your brain.
That was 30 years ago, and we've had the misfortune of seeing this evolve. Now social media advertisements are hyper targeted with similar tactics but more nefarious goals. Misinformation at the hands of targeted advertisements has been the source many-a controversies of recent years.
My point is i'd agree with you if advertisements haven't been so blatantly manipulative over the last 50+ years. If they were simply "Hey, you like X, try Y?"; but they're not. That ship sailed before i was even born. And it's only gotten worse with time.
The only data that can't be leaked is the data people don't have. When the OPM could be hacked, everything can be hacked.
Based on this, the only solution is to make sure nobody has any information that may possible be leaked and, at the time or later, be connected to me.
In addition to that nobody targets ads with value, because valuable products are super rare and don't need advertising because those show up in magazines, on blogs etc created by people interested in the field, because sharing those products give value to their readers.
I tested it recently on youtube, both by my locked in account (15? year old google account with a ton of info) and in a firefox container. The first ad was for some casual mobile game/scam and the second was for something I can't remember anymore. I also don't remember the first ad I got on the account that wasn't logged in, but the second one was for a website that sold used iPhones, something that I am very much interested in.
So, despite knowing a ton of me, Google couldn't show me a related ad that was better than the ad it showed when it had no data.
For a very long time the ads in gmail were all about getting loans no matter how poor my credit was, when my issue was that I need a good place to invest my money, not take on expensive loans.
Currently they were trying to sell me extra chargers for electric cars, of which I don't own any.
Facebook showed me a generic ad for cancer awareness aimed at somebody 15 years older than me (they know my real date of birth).
Previous to that they showed me a ton of ads for extra comfy travel trousers.
Twitter got the closest by showing me ads for places to buy crypto (yes I am interested in that space, no I won't by stuff from ads that scream scam to me).
I don't know what will replace ads, and it is possible that ads might bring some value in specific cases but in general they are a waste of money. I suspect Google etc knows this, but can't say it for obvious reasons.
Brand awareness ads might make sense, but it doesn't really make sense to target those much.
> cookie tracking data has NEVER been associated with any leak or data breach that resulted in personal harm.
This is a very specific statement. It may be true. But, even if we accept for the sake of argument that it is, it's not quite the same statement as, "Mass personal data collection has never resulted in personal harm," which, while seeming quite similar, also happens to be false.
But "[m]ass personal data collection" is a huge superset of "cookie tracking data"; the former encompasses all credit card information database breaches (such as Sony's), along with all government and healthcare database 'leaks'.
I'm trying to differentiate between data that is anonymized (cookies), and data that is not. I'm unaware of any data leak of anonymized data that resulted in any harm, but if I'm wrong I'd love to hear about it.
> Also, fact is that matching consumers with products that they like doesn't just have enormous business value, but is actually socially positive!
What is the math here? How do you account for society-wide lost productivity from spending time consuming advertising? Or for people making sub-optimal purchasing decisions when products that are worse for their needs happen to have bigger advertising budgets?
>Honestly, I'm kind of sick of how bad a rap advertising gets.
Work in advertising by any chance?
If you read the article, it's not primarily about advertising. It's about privacy and the negative impact to society on losing it.
The ad tech firms were certainly pivotal in creating the dystopian surveillance world we live in. They deserve every single bit of bad rap they get for that and, personally speaking, I really hope there's a lot more bad rap heading their way.
>the fact of the matter is that cookie tracking data has NEVER been associated with any leak or data breach that resulted in personal harm
I don't know if you're deliberately positioning that duplicitously or not. I'll give you the benefit of the doubt.
Whether there are cookie-based breaches or not is, in practical terms, irrelevant. Read the article. With cookies, and without breaches, the Facebooks and Googles of the world allow advertisers to promote smoking to children or payday loans to those with financial troubles.
Advertising is a wide spectrum. At one end it's relatively benign: billboards and the like. Some feel even that is unacceptable. At the other is the FB/G hyper-targeted end. In and of itself it is extremely creepy. But the article is about much more than just the weird experience of wondering how they knew to target you for erectile dysfunction treatment. Or divorce lawyers.
Ad tech has bootstrapped a global panopticon. That's the problem here.
Oh, and next time your insurance premium goes up mysteriously, have a think about your browsing history.
>If you can more easily reach a niche audience, you can build better more targeted products.
in practice, these two concepts are incompatible. everyone has buttons that can be pushed with the help of detailed psychological profiles made by advertisers.
if you push those buttons enough times, it's typically unhealthy for the person and financially beneficial for the pusher all the while.
I see a couple some framing issues your comment. For example, the comment links (A) cookie tracking data with (B) people giving advertising a bad wrap. But, I think that people give advertising a bad rap for many reasons beyond simply cookie tracking. Given that, I worry that the idea "cookie tracking never led to harm" distracts me from the larger issue of generalized corporate and governmental data surveillance, especially considering that it seems like personal data breaches usually deal subtle harm to people.
Is not advertising, it's sales: the seller establishes a personal relationship with the buyer, finds out what the buyer's needs and wants are, and proposes a product or service to them that satisfies those needs and wants. Advertising is nothing like that.
Not to mention that most things that get advertised for, nobody sells the way I just described above. The only products most people buy that get sold that way are houses and cars, and those aren't the kinds of things advertisers are trying to sell using harvested personal data. Most products that people buy that are advertised that way, they choose themselves, they don't have a personal sales person helping them.
Data can still be anonymized and dangerous. In extreme cases de-anonymization is available and for all the rest it still results in the targeted individual being exposed to manipulations and attempts at influence. And the amount of influence that advertisers wield absolutely needs to be curbed to an absolute minimum or, even better, non existence. People need to be making decisions on their own rational self-interest and not emotional overtures amplified by an intimate understanding of someone's fears and sensitivities.
Their claim is logically dubious anyway. It’s not the cookies themselves but all the associated data that cookiesnlet big tech associate to profiles. This claim they are making about cookies are not associated with a breach is highly suspicious and not a good faith argument IMO. Even if they are not directly linked, cookies and tracking tools exist in a system and don’t exist in a vacuum. They are the tip of the spear. Sure the tip isn’t what kills you, but having the whole spear rammed through you sure does.
Well, it's hard to prove the absence of a negative - I think that it's on the people claiming harm to provide some examples. However, I'm not even sure what a cookie data leak would look like. The large advertising brokers are handling petabytes of cookie tracking data per day. To gain any insight out of it you need to run jobs on giant clusters. The volume of the data makes it basically impossible to exfiltrate. So yeah, I'm pretty confident in this statement.
Exactly. It's not the tracking that is the problem, it's the lack of control/transparency. I want a personal data bank where I can decide who knows what about me.
"Marketing is manipulation and deceit. It tries to turn people into something they aren’t — individuals focused solely on themselves, maximising their consumption of goods that they don’t need"
What these kinds of articles (that basically just say how much of our data is being collected, and assert that it's bad) miss is the whole "attention economy" side of the equation, which I believe is more detrimental.
Data is concretely used to maximize engagement, outrage, polarization, etc. in order to get more attention, which is at a root of a lot of the public discourse challenges we have these days. It would be much more benign if tracking was really just about trying to see what I am most likely to buy and target that to me.
This is the point I feel most as well. I think this trend of burning attention is both destructive in ways and depth we don't completely understand yet - possibly making unrecoverable damage to our society on ridiculously large scale - and a blunt exploitation of the bias to consider attention as an infinite resource / not a real cost.
Personally I dislike also the "tracking to show me what I'm most likely to buy" but this itself (assuming such thing could exist in a vacuum, which seems unrealistic to me) has an inherently limited impact.
I think a big part of the problem here is that our computers, and the associated data they collect, are part of our extended brains. They're not record players, hotel registers, or any other metaphor society or our legal system has used in the past. It's virtually as if you could take part of your brain out and hand it to somebody, perhaps to whistle a tune you remember from school or recount that chat you had with your previous SO.
It's not okay to take a person and hold them against their will, even if they've signed some sort of agreement. Indentured servitude and slavery are considered non-viable business arrangements. No matter what I promise you or what our trade-off is, these contracts cannot exist.
I think the only way this reasonably ends is when the rest of society catches up to that conclusion. It might be a while, though. I honestly don't think most people _want_ to know what's going on, since it's quite frightening and there's nothing they can do about it. This is going to have to get more and more stressful to the average citizen until most folks realize what kind of world we've crept into.
Readit News
> who you sleep with because both you and the person you share your bed with keep your phones nearby
> whether you sleep soundly at night or whether your troubles are keeping you up
> whether you pick up your phone in the middle of the night and search for things like "loan repayment"
> your IQ based on the pages you "like" on Facebook and the friends you have
> your restaurant visits and shopping habits
> how fast you drive, even if you don't have a smart car, because your phone contains an accelerometer
> your life expectancy based on how fast you walk, as measured by your phone
> whether you suffer from depression by how you slide your finger across your phone’s screen
> if your spouse is considering leaving you because she's been searching online for a divorce lawyer
No one sane is OK with corporations, governments, and other third parties being able to obtain and save this information either -- especially if their only hurdle is to get you to click "OK" to agree to some legal agreement almost no one has the time to read or expertise to understand in its full implications.
We need a New Declaration of Human Rights for the 21st century that takes into account rapidly advancing technologies for collecting and acting on data at mass scale.
I just now set up a small site for it at https://whynottrack.com/! It's open source -- GitHub link in the footer -- so anyone can PR changes / reasons / etc.
I suppose calls for better regulation, purpose oriented data collection and stricter enforcement and penalties but by no means does simply don't track/collect data is an answer where there are actual practical applications.
Interestingly, this attitude used to be default even here on Hacker News ~5 years ago. I am so glad to see it's changing. Why I'm finding this interesting? Because this audience always knew what's going on even without layman articles like this, but did not care for some reason. This shows how just knowing isn't enough sometimes. Public sentiment matters.
Dead Comment
I'm sure that's happened.
> to some legal agreement almost no one has the time to read or expertise to understand in its full implications... New Declaration of Human Rights
In the same breath: complain about long documents that no one reads, propose authoring an unenforceable, even longer document that no one will read.
People close to you probably know all these things already. Even if you don't.
>No one sane is OK with corporations, governments, and other third parties being able to obtain and save this information either //
This is a popular view here. I don't think it's true of the population as whole.
I think you're right. They can get to the point where they care, but my intuition is that it'd take a real crisis, and even then there's plenty of incentive with this topic to move on as fast as possible. We (the public) are pretty fickle, and it's psychologically threatening to admit we've had a voyeur living in our bedroom for a decade.
Or, in lieu of that, walk me through how that would be done with Facebook's, Google's, or Apple's data via your first-hand knowledge of those data and where and how they are stored and accessed?
These fear mongering comments about data collection have never demonstrated real world harms, AFAIK. It reminds me of the genetically engineered foods bogeyman that, in spite of a complete lack of empirical evidence, continues to be trotted out as a huge danger.
At the very least, at a bare minimum, I think we need legislation that covers how this kind of data processing happens by third-party companies and we need to provide a way for citizens to at least see what data has been collected about them and what 'insights' it has generated.
If the information is stored on servers in China, then the Chinese government has it as well. Maybe you aren't a Chinese citizen so you don't care, but it's at least worth considering.
The politicians we elect to craft and enact legislation that affects the big data companies are always at risk of being essentially blackmailed by those companies with the incredibly detailed and personal information that those companies have on politicians.
Notable examples:
* Strava revealed the position of US military bases
* Muslim prayer apps sharing location data with US military
In my own experience, I work for a call center. We have many important American companies as clients. They give us access to their systems so that we can service their clients. I am overseas dealing with their customers and I can access their personal information. I can see their face linked to their Facebook profile. I admit I've been tempted to misuse the information any time a customer makes me angry.
I personally think that if I give this data to a company, and they keep it "safe" and only to support features that are beneficial to me, that's totally OK, but I wouldn't like companies reselling my mobility data to health insurers (without aggregation or cohorting) to give me a 100% customized insurance rate, regardless of how beneficial that would be.
Data that's used to distill people down to a number and value them precisely seems to have a potential to enforce systematic inequalities and further improve the lives of "haves" at the cost of "have nots".
https://www.opendemocracy.net/en/largest-personal-data-leaka...
https://www.ftc.gov/system/files/documents/public_comments/2...
Venture capitalist Peter Sims wrote about being tracked in a blog post this September. Back in 2011, he wrote, he was in an Uber car in Manhattan when he started receiving text messages from someone he barely knew telling him exactly where he was. That person later told him that she was at an Uber launch party in Chicago, where Sims' movements were being tracked via God View on a large public screen.
https://www.buzzfeednews.com/article/johanabhuiyan/uber-is-i...
https://www.theverge.com/2016/1/6/10726004/uber-god-mode-set...
https://www.vice.com/en/article/ypw5n7/ubers-god-view-was-on...
Use a list like this as a starting point.
https://www.oag.ca.gov/data-brokers
Commuter data is good, so is foot traffic. Data sets centered around health and income or quality of life can be beneficial as well. The game is to use publicly available information about your person to tie them conclusively to set of entries in an 'anonymized' data set.
If you aren't at least investigative journalist tier or the resources you need cost too much/require a corporate presence, then hire someone to do it for you who already has the pipeline set up. PI's have been available to Joe Q. for years and they still are. This all just makes them even more efficient.
I'd argue that it doesn't need to be "Joe Q. Public", because companies are made up of Joe Q. Publics.
Deleted Comment
I'd happily share basically all of that information with that specific group of people - except maybe my neighbor that keeps reporting me to the city, they don't need to know my life, but if in turn I could know who was googling city ordinances in the middle of the night it might make up for it.
At worst I get a funny look for something I googled in the middle of the night?
To your point, it's 100% the government I'm worried about. They've got legal and lethal authority to do far worse than a weird look.
Society scares me more. The government has the authority, but society has the power and the inclination to weaponise it. The government would never bother reacting to anything that RMS said but people did.
I think we should all be looking at this as either they're getting -all- of your data and sharing it with -everyone- (because that means more $$$) or they're NOT getting your data and they CANT share it cuz they don't have it.
We cannot trust companies to respect our privacy because it goes against their core value of turning a profit.
Minor nitpick: you can't measure speed with an accelerometer, at least not with a cheap one like the one in your phone. I mean, in theory you can numerically integrate the acceleration to get the speed, but in practice the noise will be so big as to render the result useless after a few seconds. It's much better to have a GPS and derive the speed from the position.
Signed: someone who spent too long programming an IMU and fighting with stupid bosses full of misconceptions.
Other than that, I totally agree with your comment.
That's got to be extremely noisy, does anyone have any links about this?
https://www.pnas.org/content/110/15/5802?sid=98dc0a8b-4443-4...
IQ:
https://www.pnas.org/content/pnas/suppl/2013/03/07/121877211...
So what is it? Exploding email addresses? Making friends with someone with DMV database access? Temporary credit-card numbers? Tinted windows? Never carrying a wallet? Having an entourage take care of all of this for you? All of the above? Anyway, it would be nice if the zillionaires who have put a lot of resources into personal safety told us what they've learned. Heck, if adopted wide enough their practices might put the crunch on data criminals (though probably also data businesses, which would maybe be a reason they'd resist it.)
https://www.nytimes.com/2019/03/12/technology/how-to-disappe...
Shit I would love to know this for myself! Is there a service or app that can crunch the numbers and tell me?
https://www.scientificamerican.com/article/walking-speed-sur...
https://jamanetwork.com/journals/jama/fullarticle/644554
Edit: I'd add that you likely don't need any tracker to get a rough estimate.
If you walk faster than people around you who are roughly the same age, then you'll likely outlive them.
That may be a reason to take it slow and smell the roses, since you have more time :)
It's not incredibly accurate but Vo2Max is regarded as an important indicator of your cardiovascular health.
The things you mentioned are kind of how it was before the advent modern civilization. Before Facebook tracking it was old biddy tracking. Through gossip everyone knew pretty much everyone's business.
That said, there's not an immediately obvious connection between surveillance and our neighbors knowing things. I have 0 information about who my neighborhors are sleeping with based on their cell phone tracking.
As already noted the difference in scale, but obviously if you didn't like what the old biddies tracked about you in your small town you could move to a new one and start over - you can't with the global surveillance system.
finally it should be obvious that not everyone lived in a small enough town that the old biddy network was actually useful for tracking you.
The computer on the other hand, is an eternal record and can be dumped into the open by any hacker or wannabe-hacker for ill intent or just for fun.
I guess, there's no appropriate reputation scale for what we see on the internet (it's either perfectly trustworthy or a total sham), there's no forgetfulness in terms of minor misdeeds, and there's no way to argue with the public consensus once they've made up their hivemind...
"No really, I've changed in the 10 years since I wrote that post!"
https://www.amazon.com/Privacy-Power-Should-Take-Control/dp/...
Actually no, not a wink, it’s terrifying :D D:
Deleted Comment
This is why "Big Tech" is a joke. Spying, like legally selling opiates, is not a legitimate business. It does not matter how much money can be made doing it.
Perfect. Except it is insulting to vultures, who at least put carrion back in the food chain.
This is straight-up theft of our data and privacy, for profit, and it needs to be both outlawed and shamed.
Seriously, but these slime should be more despised than common burglars (tho maybe a notch above mobsters). Seriously, these people are not respectable, and should not be respected or tolerated in polite society. So, don't.
Sir Tim Berners Lee already came up with "The Contract for The Web": https://contractfortheweb.org/
Spread it around.
As opposed to most companies that are tracking me to try to take advantage of me.
When people ask how I'm doing, I tell them and that includes whether my problems are impacting my daily routines and needs. (Not lately)
I've shared the results of my IQ tests and had plenty of discussions about the validity and lack thereof of those results (145-160+ depending on test). Facebook likes are the least good mechanism to work that out by.
I think one of the helpful things I do is share really good places to eat and find things I want. (Nirmal's is my favorite in Seattle)
I hope driving monitoring helps us shift from a penalize infrequent rule breaking instances to helping manage attention and grow skill. I speed when conditions let that be safe.
I suffer depression and have my whole life as everyone I know is aware and now is more public on the internet.
You'll have to ask her but I'm not looking to leave. I'm very honest and want that in my closest relationships so if we were going that direction she'd be among the first people I spoke with. If she feels she needs to leave I'll try and help us both find happier lives but I hope it never comes to that.
I respect that you have a different level of openness. I think a good criticism of my post is that I have a ton of privilege to feel safe sharing these things. I've chosen to live a life I feel entirely comfortable sharing. Clearly I'm not handing out credentials but... I prefer a world that is more honest and intimate and that simply requires I be open, honest, and self-reflective.
> I've shared the results of my IQ tests (145-160+)
I wonder if the part of the population with <100 IQs are similarly open with their results.
> I speed when conditions let that be safe.
Admitting to breaking the law is an excuse for higher insurance premiums and for the police to hassle you.
> I suffer depression
This is one of the few relatively "safe" mental health conditions to announce. Who's lining up to hire someone who's openly struggling with addiction or has psychopathy?
> I'm very honest and want that in my closest relationships
Let's say your partner gets served ads about how your single, attractive co-worker has been googling you late at night, how your location histories have significant overlap, and by clicking the ad they can find out more. Not everyone will get suspicious, but some people definitely will click.
~~~
It would be great if we could all be open like you say you are, but society isn't even close to ready for that. Any rapid transition (like wide-scale encryption breaks) would be traumatic on so many levels.
If you want privacy, quit Facebook and Gmail. News flash: they're NOT gonna stop spying on you. You need to stop using them.
It’s not exactly a problem for most people. Even I who’s privacy conscious don’t particularly care I block ads with ad blockers anyway.
Them knowing is not the problem. Them using it to harm me is the problem. These are different thing, latter is a problem, former is not.
Let pick this one example :
'your restaurant visits and shopping habits'
Just them knowing is not problem, in fact them knowing can also benefit me: e.g when they want to give me gift.
Any car 2010 and later "smart/stupid": https://www.businessinsider.com/ford-exec-gps-2014-1, so even if you leave your phone at home, don't assume that you aren't tracked.
Being watched by sky wizard and judged at all times is their expectation. It is their agency.
Write down whatever you want, how does one resolve the reality? We have documents in place to cover all these things.
Yet here we are still.
You’re doing what the people you aren’t ok with do; expect everyone to undertake creating and importing some wholly new perspective.
We know how to regain our agency: take control of it away from the aristocracy.
The species has done this again and again. It’s not new.
Also I happen to think we'd be a better society if we all knew everything about each other. Instead of discouraging companies from analyzing us, encourage them to publish everything all the time. Let governments join in on the fun. Everyone should be tracking an analyzing everyone else.
Solves the issue with companies manipulating us to sell our data, because if they publish it they can't sell it. Solves the ransomware problem as well. Publish everything, no privacy for anyone. You can't blackmail someone for data everyone has.
I wanna know what you think right now. I'm not asking you to tell me, I'll scan your brain instead. And I'll know what your dream last night was. And you'll know the same for me as well.
That's the future, prove me wrong.
You say that you think this would lead to a better society. That aside, how would you personally feel if this vision was to become reality?
For me, I’m certain my mind being totally exposed like that would lead to debilitating mental illness and possibly even the loss of the will to live. I can’t imagine human beings, either as individuals or a collective, being fundamentally equipped to deal with such a thing.
I don't think that means we don't need privacy. It absolutely has value.
The problem is when privacy is only available to the rich and powerful, while the details about the rest of us are hoarded and used by the very same powerful people who pay such a premium for their privacy.
If we allow the collection of information, that information should absolutely be public, but that doesn't mean we should allow everything to be collected.
You should set the example. Go ahead and post your e-mail address and password for us.
Anyone who thinks such transparency is a good idea should read Arthur C. Clarke and Stephen Baxter's Light of Other Days: https://en.wikipedia.org/wiki/The_Light_of_Other_Days
The problem that need to be solves is not how to hide information but how to fix the issue that arise when the information are public.
Lets talk about one example :
Right now it is a problem if my credit card number become public because it can be used for unauthorized purchase.
Simply having my credit card number become public is not an issue perse but for it to be used for unauthorized purchase is the problem.
But what if I can have my credit card number public while nobody can use it for unauthorized purchase ? then I won't have issue for it being public.
Care to specify which list entries you have trouble believing?
1. Why should they profit off of my data without my consent? (Hint: they shouldn't.)
2. Why is it so hard for me to get value out of it? Shit, if it's gonna be collected, aggregated, and analyzed anyway, I should just do it my damn self and actually get something out of it. It's like we need an open source community for personal data collection, aggregation, and analysis.
Maybe I am old school or too naive, but I don't see how I would make a personal margin with my own data.
If you are already looking through a bunch of ads for the sole purpose of trying to buy something, then your personal data is valuable to you because it saves you time. But that's definitely not the situation with most big tech products.
Pay no attention to the fact that you’re not getting versions of these things that maximize your benefit either...
“Advertising funded search engines will be inherently biased towards the advertisers and away from the needs of consumers” -Larry and Sergey in 1998
2. They are giving you value (via free services)
Sure there are a few companies you pay that also collect your data and I wish they didn't but even then they'd raise the price (maybe willing to pay more) if they didn't subside the service via your info
As a developer I have a hard time imagining building an application that doesn't use data to provide a higher level of experience in some way. Of course there is a very long rabbit hole on how data collected to create a novel experience then gets used in other ways to provide revenue.
We just live in a world where applications are able to hide almost everything that is happening behind the scenes from the user, and advertising drives the majority of free applications, and this opens a gateway to major abuse...
There are possible truths that exist in mainstream math formalisms[1]... for which the formalism says there may be no proof of. Just because the formalism can't explain everything doesn't mean we should throw it out!
I view communications like this as: a. making ppl aware (who may not be technical) b. doing the work that may not be worth $$$ c. avoiding future coordination failures of society
All of these in a hyper-optimized and hyper-educated societies may seem inefficient, but in a non-optimized and not highly educated world we live in they are the difference between chaos and not.
[1] https://en.wikipedia.org/wiki/G%C3%B6del%27s_incompleteness_...
Burn it all down.
Easier said than done. What we're seeing is advertising as a business carried to its logical conclusion. If you "burn it all down", you have to end, in effect, all advertising. Advertisers try to target their budget as effectively as possible; the more they know about their target demographic, the better able they are to do that.
Deleted Comment
Go ahead. Figure out how to opt out of Experian, Transunion, or Equifax collecting everything they can about you, including pretty much every piece of data needed for identity theft, possibly confusing it with someone with a similar name, and then putting it in a badly-secured database.
No, really, if you can figure it out I'd love to know. Every now and then I am reminded they exist and that they are silently creating these vast troves of data without anyone's consent, and all I can do is hope that if my identity information is included in a data breach, I am both small enough and lucky enough to not be impacted.
Think about all the other websites out there using Google Analytics, FaceBook "Like" buttons, Twitter excerpts, etc.
You're ever getting away.
Even if you are homeless and living under a bridge, facebook will have photos of you, uploaded by others, they will know who you are and whwre you like will sell some data relating to you to someone
For example: You want to vote in an online poll by company A. Company A collects data about you and sells it, so you must agree to their privacy policy. Company A's privacy policy discloses that they sell your data to Companies B, C and D. Companies B, C and D have provided a list of its customers to Company A, and Company A includes those lists as well. In addition, the customers of those companies provide lists (as all data brokers would be required to do).
If its seems like it could get overly complicated with huge lists of data brokers for a simple online poll, that's the idea. You shouldn't have to wonder how many entities you're giving access to your information when, for example, you want to vote for MLB All-stars. MLB wants your name, address, email, phone number, and they disclose they'll "share it with partners" but they don't say who those partners are, how many exist, and if they have their own "partners". Vote for your favorite player and you could be getting a phone call for life insurance 15 minutes later after your number has been passed through 5 different companies.
If you keep PII, you'd also need to keep some contact info for the subject, and use it to ensure they know about their rights / the data. The existence of the data-related right would imply an obligation to inform the subject about it.
I guess I'd prefer a web interface displaying all the data holders with little "delete" buttons, over getting a gazillion letters, but if this is implemented by a single organization that actually has all your data (even if only for the purpose of faciltating GDPR), it could be a central point of failure.
[1] https://www.ccc.de/en/datenbrief
You go to a website about babies, you get baby ads.
You go to a website about electrified fences, you get ads for trucks, tractors, backhoe rentals (even in your area because of your IP address - but that's it)
It's damn near equivalent to local / cable TV.
Also, what ever happened to showing ads to people who aren’t already interested in your product to expand your brand and maybe bring in new customers? The current ad model feels overfitted to me.
As for the common complaint that you always see ads for products you already purchased, that's actually a very good time to make an impression. What are the odds that you are thinking about buying a new dishwasher at any given moment? Probably next to 0. You probably would completely ignore any dishwasher ad you saw. Now imagine you just replaced your dishwasher with a new one. You probably noticed that dishwasher ad now. You might have even clicked on it to see if you got a good deal on it. You probably care more right now about dishwasher specs than you ever have in your life up to this point. Maybe there's a better deal out there. This is the perfect time to send you more dishwasher ads.
I'd think that the more interesting thing would be to try and find some proxies we can use as an ersatz empirical test. For example, what about ad prices? If personalization based on tracking really does work better than other forms of ad targeting, then one would expect that that difference would yield a noteworthy difference in ad prices.
In short: If it really works so well, then you'd expect personally targeted ads to cost significantly more per impression than ads that use content-based targeting. And I'd assume that that information is reasonably public.
Also, fact is that matching consumers with products that they like doesn't just have enormous business value, but is actually socially positive! If you can more easily reach a niche audience, you can build better more targeted products. And the open data exchanges were a great moat against platform centralization like FB. The fight against open data exchanges make the comparative advantage FB has in advertising to you larger. That's actually pretty bad, because FB has some pretty bad incentives wrt to the attention economy and optimizing for engagement. A world where advertising on independent websites is effective is a much better one - it would let websites put out better content, it would decrease the power of social networks, it could fund better journalism (which is being decimated right now), etc.
Well, sometimes. But what people want is not always good for them or for society at large. Targeted advertising has a side effect of hiding what exactly is being advertised to society. There's obviously the extreme cases of "vices," but what about things like junk food? People love it. Targeted advertising can induce cravings that make people buy and eat things they know are not good for them. Or for another example, what about pesticides and gas guzzling trucks? I don't want all my neighbors' vanity being exploited in order to pollute my neighborhood. We can openly talk about what we all see on TV, in newspapers, or on billboards, but if I'm not seeing the same ads as my neighbors online, those conversations aren't going to happen.
Couldn't have happened to a worse industry
Otherwise, get the fuck off my attention span, stop bloating the web, and stop polluting public spaces with irrelevant information!
I mean, why not both? I simply cannot think of someone who dislikes tracking-as-advertisement and is pro central clearinghouses for more targeted personal information.
> Also, fact is that matching consumers with products that they like doesn't just have enormous business value, but is actually socially positive!
Only with the unstated premise that tracking _will_ happen and it's better if that tracking is done in a decentralized fashion. Sure, I can agree that there shouldn't be a monopoly at the focus on online tracking-as-advertising, but there's an additional argument that the space _should not exist in itself_. These arguments have been rehashed endlessly online and especially on HN so they probably don't bear repeating here, but the either or choice you represent is disingenuous.
EDIT: fixed a typo
Maybe this works well for some products, like "I know i need to buy milk, what should i buy?" but it has often been used in a form that appears like an abusive relationship.
Think about all of the kid-targeted ads from 30 years ago which peddled sugars and psychological tricks to get kids frothing at the mouth over their food and toy products. These weren't merely advertisements, but targeted attacks to the brain. And of course things haven't changed, it's just iconic to talk about early TV's cereal commercials hah. As with many product advertisements, they're not just trying to make you aware of the product - they're trying to bypass your consciousness and hook straight into your brain.
That was 30 years ago, and we've had the misfortune of seeing this evolve. Now social media advertisements are hyper targeted with similar tactics but more nefarious goals. Misinformation at the hands of targeted advertisements has been the source many-a controversies of recent years.
My point is i'd agree with you if advertisements haven't been so blatantly manipulative over the last 50+ years. If they were simply "Hey, you like X, try Y?"; but they're not. That ship sailed before i was even born. And it's only gotten worse with time.
Based on this, the only solution is to make sure nobody has any information that may possible be leaked and, at the time or later, be connected to me.
In addition to that nobody targets ads with value, because valuable products are super rare and don't need advertising because those show up in magazines, on blogs etc created by people interested in the field, because sharing those products give value to their readers.
I tested it recently on youtube, both by my locked in account (15? year old google account with a ton of info) and in a firefox container. The first ad was for some casual mobile game/scam and the second was for something I can't remember anymore. I also don't remember the first ad I got on the account that wasn't logged in, but the second one was for a website that sold used iPhones, something that I am very much interested in.
So, despite knowing a ton of me, Google couldn't show me a related ad that was better than the ad it showed when it had no data.
For a very long time the ads in gmail were all about getting loans no matter how poor my credit was, when my issue was that I need a good place to invest my money, not take on expensive loans.
Currently they were trying to sell me extra chargers for electric cars, of which I don't own any.
Facebook showed me a generic ad for cancer awareness aimed at somebody 15 years older than me (they know my real date of birth).
Previous to that they showed me a ton of ads for extra comfy travel trousers.
Twitter got the closest by showing me ads for places to buy crypto (yes I am interested in that space, no I won't by stuff from ads that scream scam to me).
I don't know what will replace ads, and it is possible that ads might bring some value in specific cases but in general they are a waste of money. I suspect Google etc knows this, but can't say it for obvious reasons.
Brand awareness ads might make sense, but it doesn't really make sense to target those much.
This is a very specific statement. It may be true. But, even if we accept for the sake of argument that it is, it's not quite the same statement as, "Mass personal data collection has never resulted in personal harm," which, while seeming quite similar, also happens to be false.
What is the math here? How do you account for society-wide lost productivity from spending time consuming advertising? Or for people making sub-optimal purchasing decisions when products that are worse for their needs happen to have bigger advertising budgets?
Work in advertising by any chance?
If you read the article, it's not primarily about advertising. It's about privacy and the negative impact to society on losing it.
The ad tech firms were certainly pivotal in creating the dystopian surveillance world we live in. They deserve every single bit of bad rap they get for that and, personally speaking, I really hope there's a lot more bad rap heading their way.
>the fact of the matter is that cookie tracking data has NEVER been associated with any leak or data breach that resulted in personal harm
I don't know if you're deliberately positioning that duplicitously or not. I'll give you the benefit of the doubt.
Whether there are cookie-based breaches or not is, in practical terms, irrelevant. Read the article. With cookies, and without breaches, the Facebooks and Googles of the world allow advertisers to promote smoking to children or payday loans to those with financial troubles.
Advertising is a wide spectrum. At one end it's relatively benign: billboards and the like. Some feel even that is unacceptable. At the other is the FB/G hyper-targeted end. In and of itself it is extremely creepy. But the article is about much more than just the weird experience of wondering how they knew to target you for erectile dysfunction treatment. Or divorce lawyers.
Ad tech has bootstrapped a global panopticon. That's the problem here.
Oh, and next time your insurance premium goes up mysteriously, have a think about your browsing history.
>If you can more easily reach a niche audience, you can build better more targeted products.
in practice, these two concepts are incompatible. everyone has buttons that can be pushed with the help of detailed psychological profiles made by advertisers.
if you push those buttons enough times, it's typically unhealthy for the person and financially beneficial for the pusher all the while.
How could you possibly make this claim in good faith, let alone believe it?
EDIT: typo
Is not advertising, it's sales: the seller establishes a personal relationship with the buyer, finds out what the buyer's needs and wants are, and proposes a product or service to them that satisfies those needs and wants. Advertising is nothing like that.
Not to mention that most things that get advertised for, nobody sells the way I just described above. The only products most people buy that get sold that way are houses and cars, and those aren't the kinds of things advertisers are trying to sell using harvested personal data. Most products that people buy that are advertised that way, they choose themselves, they don't have a personal sales person helping them.
Do you have a link for this?
Now if I had the same degree of control over all of my personal data we wouldn't be having this discussion.
Disclaimer: I worked in advertising.
Data is concretely used to maximize engagement, outrage, polarization, etc. in order to get more attention, which is at a root of a lot of the public discourse challenges we have these days. It would be much more benign if tracking was really just about trying to see what I am most likely to buy and target that to me.
Personally I dislike also the "tracking to show me what I'm most likely to buy" but this itself (assuming such thing could exist in a vacuum, which seems unrealistic to me) has an inherently limited impact.
It's not okay to take a person and hold them against their will, even if they've signed some sort of agreement. Indentured servitude and slavery are considered non-viable business arrangements. No matter what I promise you or what our trade-off is, these contracts cannot exist.
I think the only way this reasonably ends is when the rest of society catches up to that conclusion. It might be a while, though. I honestly don't think most people _want_ to know what's going on, since it's quite frightening and there's nothing they can do about it. This is going to have to get more and more stressful to the average citizen until most folks realize what kind of world we've crept into.