One big privacy issue is that there is no sane way to protect your contact details from being sold, regardless of what you do.
As soon as your cousin clicks "Yes, I would like to share the entire contents of my contacts with you" when they launch TikTok your name, phone number, email etc are all in the crowd.
And I buy this stuff. Every time I need customer service and I'm getting stonewalled I just go onto a marketplace, find an exec and buy their details for pennies and call them up on their cellphone. (this is usually successful, but can backfire badly -- CashApp terminated my account for this shenanigans)
> find an exec and buy their details for pennies and call them up on their cellphone. (this is usually successful, but can backfire badly -- CashApp terminated my account for this shenanigans)
Honestly, kudos. The rules should apply to the ones foisting this system upon us as well. This is probably the only way to make anyone in power reconsider current setup.
> As soon as your cousin clicks "Yes, I would like to share the entire contents of my contacts with you" when they launch TikTok your name, phone number, email etc are all in the crowd.
And people laughed at Red Reddington when he said he had no email.
There was a post from someone a long time ago who has an email address and name similar to Mark Cuban but not quite. He got quite a few cold call emails meant for Cuban. A lot of them were quite sad (people asking for money for medical procedures and such).
> The rules should apply to the ones foisting this system upon us as well. This is probably the only way to make anyone in power reconsider current setup.
Unless your problem is with the company doing the privacy violations, this doesn’t make any sense.
Exactly this was tried by the likes of James Oliver and journalists/comedians of that caliber running ads and gathering data from politicians in Washington.
>One big privacy issue is that there is no sane way to protect your contact details from being sold, regardless of what you do.
>As soon as your cousin clicks "Yes, I would like to share the entire contents of my contacts with you" when they launch TikTok your name, phone number, email etc are all in the crowd.
Fortunately this is changing with iOS 18 with "limited contacts" sharing.
The interface also seems specifically designed to push people to allow only a subset of contacts, rather than blindly clicking "allow all".
The far bigger issue is the contact info you share with online retailers. Scraping contact info through apps is very visible, drawing flak from the media and consumers. Most of the time all you get is a name (could be a nickname), and maybe some combination of phone/email/address, depending on how diligent the person is in filling out all the fields. On the other hand placing any sort of order online requires you to provide your full name, address, phone number, and email address. You can also be reasonably certain that they're all accurate, because they're plausibly required for delivery/billing purposes. Such data can also be surreptitiously fed to data brokers behind the scenes, without an obvious "tiktok would like access to your contacts" modal.
On android you can choose whether to grant access to contacts. And most apps work fine without.
GrapheneOS, which I use, also has contact scopes, so troublesome apps that refuse to work without access will think they have full access. You can allow them to see no contacts or a small subset.
There's also multiple user profiles, a "private space", and a work profile (shelter) that you can install an app into, which can be completely isolated from your main profile, so no contacts.
It surprises me how far behind iOS is with this stuff. Recently I wanted to install a second instance of an app on my wife's iPhone so she could use multiple logins simultaneously, there didn't really seem to be a way to do it.
I think it's not properly appreciated that Apple fully endorses all of this. For two reasons: (1) the provision of the output of billions of dollars of developer time to their users for no up front cost (made back via ads) is super valuable to their platform; and (2) they uniquely could stop this (at the price of devastating their app store), but choose not to.
In light of that, perhaps reevaluate their ATT efforts as far less about meaningful privacy and far more about stealing $10B a year or so from Facebook.
Useless without limiting the kind of data I want to share per contact. iOS asks for relationships for example. You can set up your spouse, your kids, have your address or any address associated with contacts. If I want to restrict app access to contacts, I also want to restrict app access to specific contact details.
> (this is usually successful, but can backfire badly -- CashApp terminated my account for this shenanigans)
When I was at a medium-sized consumer-facing company whose name you’d recognize if you’re in the tech space (intentionally vague) we had some customers try this. They’d find product managers or directors on LinkedIn then start trying to contact them with phone numbers found on the internet, personal email addresses, or even doing things like finding photos their family members posted and complaining in the comments.
We had to start warning them not to do it again, then following up with more drastic actions on the second violation. I remember several cases where we had to get corporate counsel involved right away and there was talk of getting law enforcement involved because some people thought implied threats would get them what they wanted.
So I can see why companies are quick to lock out customers who try these games.
I wonder if it ever evoked a dive into exactly what happened to leave these customers thinking this was the most likely avenue for success? Hopefully in at least some cases their calls with CSRs were reviewed and in the most optimistic of best cases additional training or policies were put into place to avoid the hopelessness that evokes such drastic actions.
> So I can see why companies are quick to lock out customers who try these games.
Most of the companies who customers try these "games" against are places like Google and Meta that literally do not provide a way for the average customer to reach a human. None.
Those have got it coming for them, the megacorps' stance on this is despicable and far worse than the customers directly reaching execs who could instantly change this but don't because it would cut into their $72 billion per year net profit.
This is a case where laws simply did not catch up to the digital era. In the brick and mortar era it was by definition possible to reach humans.
I get that your company was smaller and probably did allow for a way to reach a human but that's not generalizable.
I think the sort of desperate mailing works better when you reach out to execs and VPs, not PMs and managers. Some founders had well-known emails and it was common to hear stories about escalating (eg jeff@amazon). It’s a well documented technique that many people have had great success with.
I’m not an exec, but I work on a major product in a major company. A significant portion of Americans use my work. My corporation has a reputation for poor customer support ATM. If I started getting personal emails or phone calls, I’d contact corporate security or lawyers just out of fear and confusion. That said, I’d be peeved on behalf of my customers if that same treatment was applied to messages directed at our household-name-CEO.
Honestly not condoning people crossing the line of threats/abusive behavior, but it sounds like you worked at one of those companies that make it impossible to get ahold of someone, don’t respond to customers, or other poor customer service issues, and then are surprised people resort to this
What's funny is that the exec I got on the phone was super supportive and helpful and was genuinely amused to hear from me and hear what was happening. He put me in touch with their "Executive Support Team" and it was after this that I guess someone realized they didn't like the route I had taken.
I feel somewhat vindicated after this announcement (though it does nothing to bring my account back):
> Accessing any kind of customer service for Cash App was a challenge, too, according to the CFPB. Block included a customer service number on Cash App cards and in the app's Terms of Service, but calling it would ultimately lead users to "a pre-recorded message directing consumers to contact customer support through the app."
As a result of sales drones getting hold of my number, I have to put my phone on silent and never pick up unless I recognize the number. Very unfortunate. What if there is an emergency with my kids?
If you're using iOS you can set certain contacts to bypass silent mode so that you still hear their notifications/calls. I know it doesn't help with unknown numbers, but just saying in case you're not aware. I'd be surprised if you can't do the same on Android.
> And I buy this stuff. Every time I need customer service and I'm getting stonewalled I just go onto a marketplace, find an exec and buy their details for pennies
The article author claims that you can't get this stuff for under $10k. Where do you find it for pennies?
As a test I downloaded it and got my wife’s full email and cell phone number easily from their free trial. And the full price would be on the order of pennies per contact.
The thing is...contact details aren't really private information, basically by definition.
The distinction is contact details privacy is based on the desire not to be interrupted by people you didn't agree to be interrupted by - i.e. it's a spam problem - and realistically to solve this requires a total revamp of our communications systems (long overdue).
The basic level of this would be forcing businesses to positively identify themselves to contact people - i.e. we need TLS certificates on voice calls, tied to government issued business identifiers. That would have the highest immediate impact, because we could retrain people not to talk to anyone claiming to be a business if their phone doesn't show a certificate - we already teach this for email, so the skill is becoming more widespread.
A more advanced version of this might be to get rid of the notion of fixed phone numbers entirely: i.e. sharing contacts is now just a cryptographic key exchange where I sign their public certificate which the cellphone infrastructure validates to agree to route a call to my device from their device (with some provisioning for chain of trust so a corporate entity can sign legally recognized bodies, but not say, transfer details around).
This would solve a pile of problems, including just business decommissioning - i.e. once a company shuts down, even if you scraped their database you wouldn't be able to use any of the contact information unless you had the hardware call origination gear + the telecom company still recognized the key.
Add an escrow system on top of this so "phone numbers" can still work - i.e. you can get a random number to give to people that will do a "trust on first use" thing, or "trust till revoked" thing (i.e. no one needs to give a fake number anymore, convention would be they're all fake numbers, but blocking the number would also not actually block anyone you still want to talk to).
EDIT: I've sort of inverted the technical vs practical details here I realize - i.e. if I were implementing this, the public marketing campaign would be "you can have as many phone numbers as you want" but your friends don't have to update if you change it. The UI ideally would be "block this contact and revoke this number?" on a phone which would be nice and unambiguous - possibly with a "send a new number to your friends?" option (in fact this could be 150 new numbers, one per friend since under the hood it would all be public key cryptography). I think people would understand this.
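Added example, not part of the original comment: a toy model of the per-contact number scheme sketched above, where a carrier routes a call only if the alias is unrevoked and the caller holds a valid owner grant or a first-use binding. The `Carrier` class, `sign_grant`, the alias format and the names alice/bob/shop/broker are hypothetical; HMAC stands in for the public-key signatures the comment proposes, and the caller identity is assumed to be authenticated by the network.

```python
import hashlib
import hmac
import secrets


def sign_grant(owner_key: bytes, caller_id: str, alias: str) -> str:
    """Owner's statement: 'caller_id may reach me through alias'.

    Assumption: HMAC replaces a real signature, so this toy carrier must
    hold the owner's key. With public-key signatures it would only hold
    the public half and could not mint grants itself.
    """
    # Length prefix keeps (caller_id, alias) pairs from colliding.
    msg = f"{len(caller_id)}:{caller_id}|{alias}".encode()
    return hmac.new(owner_key, msg, hashlib.sha256).hexdigest()


class Carrier:
    """Hypothetical routing authority: no valid grant, no route."""

    def __init__(self):
        self.owner_keys = {}  # owner -> verification key
        self.aliases = {}     # alias -> routing record

    def enroll(self, owner: str) -> bytes:
        key = secrets.token_bytes(32)
        self.owner_keys[owner] = key
        return key

    def new_alias(self, owner: str, mode: str) -> str:
        # "signed": caller must present a grant bound to its identity.
        # "tofu":   first caller to use the alias becomes its only user.
        if mode not in ("signed", "tofu"):
            raise ValueError("mode must be 'signed' or 'tofu'")
        alias = "alias-" + secrets.token_hex(4)
        self.aliases[alias] = {"owner": owner, "mode": mode,
                               "bound_to": None, "revoked": False}
        return alias

    def revoke(self, owner: str, alias: str) -> bool:
        entry = self.aliases.get(alias)
        if entry is None or entry["owner"] != owner:
            return False
        entry["revoked"] = True
        return True

    def route(self, caller_id: str, alias: str, grant: str = ""):
        """Return the owner to ring, or None if the call is refused."""
        entry = self.aliases.get(alias)
        if entry is None or entry["revoked"]:
            return None
        if entry["mode"] == "signed":
            expected = sign_grant(self.owner_keys[entry["owner"]],
                                  caller_id, alias)
            if not hmac.compare_digest(expected, grant):
                return None
        elif entry["bound_to"] is None:
            entry["bound_to"] = caller_id      # trust on first use
        elif entry["bound_to"] != caller_id:
            return None                        # alias leaked or resold
        return entry["owner"]


def demo() -> dict:
    """Constructed scenario: one friend alias, one alias given to a shop."""
    carrier = Carrier()
    key = carrier.enroll("alice")
    friend_alias = carrier.new_alias("alice", "signed")
    shop_alias = carrier.new_alias("alice", "tofu")
    bob_grant = sign_grant(key, "bob", friend_alias)

    results = {
        "friend": carrier.route("bob", friend_alias, bob_grant),
        # A broker that scraped Bob's contacts holds the alias and grant,
        # but the grant is bound to Bob's identity, not the broker's.
        "scraped_grant": carrier.route("broker", friend_alias, bob_grant),
        "shop_first": carrier.route("shop", shop_alias),
        "shop_resold": carrier.route("broker", shop_alias),
    }
    # "Block this contact and revoke this number?" affects one alias only.
    carrier.revoke("alice", shop_alias)
    results["shop_after_revoke"] = carrier.route("shop", shop_alias)
    results["friend_after_revoke"] = carrier.route("bob", friend_alias,
                                                   bob_grant)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:20} -> {outcome}")
```
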
What definition of contact details makes them not private?
Contact details (your phone number, email or address) are definitively private information, you should be the one that decides who gets them and who doesn't.
I think this could be one of the more legitimate uses of blockchain - distributed communications, contacts, and a refundable pay-per-call system to make spam calling uneconomical. Communication in general does desperately need an overhaul, phones are effectively useless as phones nowadays.
>> And I buy this stuff. Every time I need customer service and I'm getting stonewalled I just go onto a marketplace, find an exec and buy their details for pennies and call them up on their cellphone.
I find it funny how easy it is to find scammy websites which promise to remove your data (right...), but how hard it is to find the actual marketplaces where people trade this data. It also makes you think about what other systems have similar asymmetric interfaces for the public and the ones in the know (yes, I know there are plenty).
Assuming these marketplaces operate within the bounds of the law, would it break HN’s ToS to post them? I’d be interested in pursuing the same strategy.
And the combination of contacts are also unique enough to identify you. Even though they change over time. Some fuzzy matching, take in another few bits of fingerprint like device type and country and voila no advertiser ID required.
Ps smart idea to use it for that purpose. If I failed to get proper service I'd just review bomb the company everywhere and soon enough I'd get a call fixing my problem and asking to remove them :)
> there is no sane way to protect your contact details from being sold
I can think of one: make it illegal to buy, sell, or trade customer data. All transfer of data to another party must have a record of being initiated by the individual.
Yeah, I wonder if it might help to create a little newsletter for politicians and regulators. Send emails telling them exactly where they are, what apps they use, and so on. And send them the same information about their children.
I mostly connect through Signal. I do technically have a phone number that my close friends and family have, but it's a random VoIP number that I usually change every year or so. Surprisingly no one has really cared, I send out a text that I got a new number and that's that.
How? Most of the services I use, from Walgreens to banks to retirement accounts, require a phone number either for 2FA or just to verify that you’re you when signing up. After changing my phone number this year and having to go through the rigamarole for each service, I decided never again.
Changing your number every year could mitigate as it would introduce entropy and stale data into the system. When done at scale, data lifetime would behave similar to the automatic deletion of messages on whatsapp. Somewhat mimicking an in person verbal conversation where only people's memories remember what was said and even their version gets changed every time memory recall takes place. Systems already exist in real life that protect privacy, it's just that we do a poor job of reproducing them with tech.
Changing your telephone number every year could be an artificial holiday like valentines day or halloween. It can be done if people deem it's important.
I already do this. It gives me an opportunity to trim the contact list to people I actually talk to regularly which I send the new number to. Also shows me my footprint online since I have to update the number. I only change it for places I actually use regularly or are important.
I just block all unscheduled calls and calls from unknown numbers. If there isn't a calendar event and it isn't coming from a known family member or close friend, the call doesn't go through.
I also have multiple cell and virtual numbers and give different ones out to businesses, banks, friends, and family. Businesses that don't need to ship me stuff also get a different address than ones that do.
I don't register to vote anymore because they leak my residential info. When they can agree to stop leaking it, I will participate again.
I have done this as well. I once got a travel insurance claim rejected by some outsourced handler and found out who the CEO of the insurance startup was. I emailed him and magically it got resolved.
You are very lucky. In China, virtually all websites are required by law to use your phone number (verified by SMS) to register and/or to use. And all numbers must be linked to your ID.
Where are you buying this? Might be handy for a job search. Zoominfo basically doesn't have a b2c offering and I am not paying several thousand for an experiment in improving my career
I can relatively easily skip trace people but where are you buying specific people's information? Do you mean you're skip tracing or buying directly from data brokers?
You may be committing some type of violation of privacy laws if you're contacting them via phone and they're on the do not call list. Because they work at a company does not mean that you and the employee have a business relationship.
I'm really happy to see this level of detail and research. So many privacy-related articles either wholly lack in technical skill, or hysterically cannot differentiate between different levels of privacy concerns and risks.
People commonly point to Mozilla's research regarding vehicle's privacy policies. (https://foundation.mozilla.org/en/blog/privacy-nightmare-on-...) But that research only states what the car company's lawyers felt they must include in their privacy policies. These policies imply (and I'm sure, correctly imply) that your conversations will be recorded when you're in the vehicle. But, they never drill down into the real technical details. For instance ..... are car companies recording you the whole time and streaming ALL of your audio from ALL of your driving? Are they just recording you at random samples? Are they ONLY recording you when you're issuing voice commands, and the lawyers are simply hedging their bets regarding what sort of data _might_ come through accidentally during those instances? Once they record you, where is the data stored, and for how long? Is it sent to 3rd parties, etc? Which of these systems can be disabled, and via what means? Does disabling these systems disable any other functionality of the vehicle, or void its warranty? Lastly, does your insurance shoot up if you have a car without one of these systems? etc ...
The list of questions could go almost indefinitely, and presumably, would vary strongly across manufacturers. So much of the privacy news out there is nothing but scary and often not very substantiated worst case scenarios. Without the details and means to improve privacy, all these stories can do is spread cynicism. I'm really glad to see this level of discourse for the author.
Those aren't questions that have fixed answers. The data available is pretty far beyond what I'm personally comfortable with though.
One OEM I'm familiar with had such a policy. My org determined that we needed a statistical reference to compare against within a certain area. Some calls were made to the right people and shortly after we had a (mildly) anonymized map of high precision tracks for every vehicle of that brand within the area over some period.
I'll answer the, "Does disabling it void your warranty?" question. The answer is almost always "no". Unless the modification you make to something actually directly or indirectly caused damage to it, companies in the US cannot "void the warranty".
> Lastly, does your insurance shoot up if you have a car without one of these systems?
This question I can answer with a reasonable degree of certainty; no, it does not.
Insurance companies increase rates for automobile coverage for many reasons, real or illusionary. But "does your insurance shoot up" strictly for not having a recording device in a vehicle is not one of them.
Do some insurance companies charge less when provided access to policy owner driving patterns which the companies infer reduce their risk? Sure.
> Do some insurance companies charge less when provided access to policy owner driving patterns which the companies infer reduce their risk? Sure.
> But that is a different question.
In what way? A discount for allowing surveillance is identical to an extra charge for disallowing it. They're identical, unless the "base" rate is set externally somehow.
$5 for lemonade, $3 off if you skip the lemon == $2 for sugar water, $3 extra to add lemon.
Is there any documentation on this to read further? I.e. what the different levels contain and how much on average is the cost reduction for the merchant.
That just sounds like a standard cross-merchant loyalty program? I don't think there are many examples in the US, but once you realize it's a loyalty program you really shouldn't be surprised that they're tracking your purchase history. That's basically the entire premise.
I believe that's opt-in. At least it seemed to be when my landlord switched to Bilt.
There's a section of your Bilt profile that shows your other credit cards and whether you want them linked. It's pretty freaky to see them listed in the first place.
I definitely keep them off.
Bilt is ultimately a big points/reward program though, so you might get points for having them connected.
I still haven't figured out exactly what Bilt's business plan is, but the main part seems to be trying to get as much financial data on people as possible, and partnering with landlords to do so, and since it's how to pay your rent you can't unenroll completely. (Unless you maybe mail your landlord a paper check?)
It was initially opt in for me, then they made it mandatory.
(Sure, I could pay by check but consumer banking technology/US in the US already feels like it is lagging a decade behind other countries without voluntarily going further back. Paying by check every month would be quite inconvenient.)
I'd already decided to avoid bilt as much as possible, but reading this thread prompted me to try going a little further.
> Request to Know... The specific pieces of Personal Information we collected about you.
> You have the right to opt-out from having your Personal Information and Sensitive Personal Information sold to third parties. You also have the right to opt-out from having your Personal Information and Sensitive Personal Information shared with third parties for purposes of cross-contextual advertising
I’ve had to deal with Bilt [0]. In case you’re not aware, they have a “feature” called Instant Link that automatically pulls ALL of your personal and sensitive financial data from financial institutions, including your credit card accounts, balances, etc. They apparently do this via a partnership with a company called Method Financial [1].
It’s frankly the most intrusive thing I’ve ever encountered in any software I’ve ever used—I’m not sure how it’s even legal, but this is America where we have no real privacy rights.
Instead of giving you the option to opt in for them to get this level of access, they automatically enroll you into it when your account is created, pull your data, and then allow you to “opt out” afterward, which enables them to have access to your personal and sensitive financial data anyway. And since you literally must have an account with them if your building uses their services for rent payments, they’ve effectively rigged the system to force millions of folks to unknowingly give them access to their personal and sensitive financial data.
Anyway, in your Bilt privacy settings, there are some options you can disable (including Instant Link), and I recommend that you disable ALL of them, although given the dark practices of this company, I don’t even trust that those settings are actually honored.
Side note: Did you know about a company called Method Financial that somehow has real-time access to ALL of your personal and sensitive financial data? Did you know that this company you never heard of that has said access then sells that access to the highest bidder? Do you remember agreeing to any of that anywhere? Yeah, me neither (on all counts)…
Thanks for the heads up. Luckily I can go back to analog with certified funds to pay rent. I suspect, without evidence, this is due to the relatively strong tenant protections in Chicago.
You might want to discover about sophistication and pervasive facial recognition technology used by major retailers. Paid by cash? It can still be tracked to you. For "fraud prevention", of course.
>Paid by cash? It can still be tracked to you. For "fraud prevention", of course.
They can already track you through your phone and/or credit cards. Why bother setting up a massive facial recognition system for people paying with cash when they only account for 10% (or whatever) of overall shoppers, and have less disposable income than average?
Facial recognition on a small corpus of known faces (what everyone experiences on Facebook, their phones, etc) is an easy problem.
Walmart picking up a face walking into a store and matching it against 30 million possibilities is going to return so many false positive matches it’s going to be completely useless.
Facial recognition is illegal where I live, both for gov't and commercial uses. Several major cities in the US have banned it (e.g., San Francisco, Boston, etc.).
I'm assuming you're using your Bilt card when this happens.
Your Bilt agreement stipulates how itemized transaction data (level 3 in payment terms, with level 2 being "enriched" with subtotals/tax and merchant information- which is what you typically see with your normal bank)
Card networks (Mastercard, VISA) have different fee structures that incentivize more detailed information like level 3 for lower processing fees for merchants - here's more details on levels https://na-gateway.mastercard.com/api/documentation/integrat...
What's most interesting to me about that is that they are willing to disclose that data to your email provider. Amazon, for example, is pretty cagey about what you've bought when sending emails, probably because they don't want Google to be able to use that information to target ads to you. (Not because they are Good and care about your privacy, but because they think they're going to beat Google at advertising. How's that going?)
So yeah, I don't get why they would do this. It gives their advertising competitors valuable data for free, and it pisses off customers by telling them that they're being tracked when they shop at Walgreens. Strange stuff.
Oh, here I thought it was because every time I want to remember info about an order, it forces me back to their platform, rather than simply searching my email like I do for every other item I've ever purchased.
Loyalty cards are one avenue for data brokers to get your purchase history. Credit cards can also sell your purchase data. Currently the only safe-ish way to be anonymous is with cash. That may disappear with pervasive face recognition and cell phone tracking.
What’s most strange to me is why this Bilt company would pay for that data feed and somehow think it provides some value to you. It’s obviously just a creepy way of saying we know too much about you.
Unfortunately the GDPR is largely toothless if a company without an EU presence chooses to ignore it.
I live in Ireland and my data is in the databases of several US data brokers. Those companies can't be forced to comply with the GDPR because they simply do not have an EU presence. You don't have to search far to find stories from people who made complaints to their local Data Protection office about such issues only to be told there's nothing that can be done.
HN rants about it because it’s not a good solution. It identified a problem but caused an idiotic fallout (cookie banners) and failed to actually put in a framework to enforce that companies aren’t just lying.
This happened to me with square (block). I bought furniture, and they used square and required my email address for delivery. And then after that, anywhere I used square to pay for something using the same card, they would email me a receipt. I complained and they played dumb and never did anything.
This literally just happened to me last week. I emailed them to ask them how to stop this:
> I understand you want to opt out of all points and rewards and not be tracked.
>
> We're constantly working to make Bilt as rewarding as possible. Currently, we don't have an option to opt out of points or rewards. To prevent your transactions from being tracked, the most effective step is to unlink your card from your Bilt account.
>
> To unlink the card:
>
> Go to the Wallet tab > Scroll down to the Your Linked Cards section.
> Look for the card you would like to unlink and tap View all benefits.
> Click the ellipsis [:] on the top right, then tap Edit > Unlink.
Gah, I hate this service and will avoid renting on buildings that use it in the future.
Hopefully exclude? By whom? At some point, somebody has to decide it was sensitive, by what standards? Does Bilt decide to not use it after they were already sold the data? Does the aggregator after already been sold it by the harvesting seller? Does the harvesting app reduce the appeal of their data by deliberately excluding the data? Does the harvesting app care to spend the money on doing that?
That's what I do, but I assume some stores like Target also track you by Bluetooth, facial recognition, etc, and can correlate any past or future cash purchases if you use your credit card once for maybe a large innocuous purchase.
What if landlords could reach their grubby hands into the data firehose their tenants spew out? I can save 5% on some useless shit at X store, you say? Sign me up!
Bilt as a concept is the biggest pile of late stage enshittification horse shit I’ve ever seen.
It would be amazing if you could build and send fake profiles of this information to create fake browser fingerprints and help track the trackers. Similarly, creating a lot of random noise here may help hide the true signal, or at least make their job a lot harder.
Unfortunately fingerprinting prevention/resistance tactics become a readily identifiable signal unto themselves. I.e., the 'random noise' becomes fingerprintable if not widely utilized.
Everyone would need to be generating the same 'random noise' for any such tactics to be truly effective.
Technically, information are the bits you DON'T know. Once you know the bits, it isn't "information" in the Shannon sense, in that it takes no energy to reset a message if you know all the bits, but takes N-units of energy for N unknown bits of information. (See; Feynman's lectures on computation)
It's also useful for making ads more effective & manipulation overall. As long as you can connect the data you track & buy, you can use Thompson sampling. In fact, why would we think knowing the name of a person is anything but bad business?
I'm in this industry, and I have knowledge about this.
It's important to point out that it takes a long time for uptake of new versions of ad SDKs. The general assumption is that it takes about 6 months after release of a new version for 50% of ad traffic to come from that version or newer. Also, for every version you release, approximately 1% of traffic will never upgrade past that version.
In that kind of world, over-collecting data makes sense, especially if you think nobody will ever find out. Like total / and free disk space. There's no good reason to need those, right? But let's say an advertiser comes to you and says "we want to spend $1M / day to advertise our 10GB game, but only to devices that could install it." All of a sudden it's useful to know that a device only has 8GB of disk space, or only 100MB of free space.
So OK, if we didn't collect disk space, now it makes sense to collect disk space. Let's add it to the SDK. It takes a month or two to release a new version of the SDK. 3 months to get any meaningful traffic from it, and another 3 months to get up to 50% of your traffic. Assuming the ramps are linear, 4 months of 0%, and then 3 months of ramping to 50%, 30 days per month, you'll make $22.5M in the first 7 months. But if you had the logic in there to begin with, you'd have made $210M during the same time period. That makes it an easy choice for the business folks.
There are answers to this, but they all have drawbacks. You could limit data that ad agencies can collect. This reduces the value of ads. And agencies have learned that some data (like location) is low-value and high-risk, so they're removing the ability to supply it. I think it'd be better to support a model where ad code can be updated independently of the app. This way we could push out bug fixes faster, and could remove our just-in-case collection, but Apple has no signs that this is coming soon, and Google's answer has been such a shit-show that we aren't considering it viable over the next 4 years.
Edit: To address screen brightness specifically, it's a very rough proxy for age of the user.
> But let's say an advertiser comes to you and says "we want to spend $1M / day to advertise our 10GB game, but only to devices that could install it."
I don't want to call you a liar, but having seen ads that are presumably targeted at me, it feels like a total fiction to say that anyone is actually capable or interested in doing this.
I get advertisements for just absolute nonsense garbage that has no bearing on my life, and no bearing on anything that could have possibly been collected from my device.
The closest thing is that when I was in Mexico for a week, some of my podcast pre-roll ads were in Spanish. (Which, I should note, I do not speak fluently enough to even understand.) Even now, the occasional ad I'm served on a podcast is in Spanish.
And that's it. They saw that my IP came from Quintana Roo, and (somewhat reasonably) decided that I need to hear Spanish-language content. Even when I physically moved back to the United States.
I believe some apps actually have to automatically brighten up your screen when displaying a QR code for scanning, and then reduce the brightness back to its previous setting when moving out of the QR code.
I believe the Whole Foods app does this for its first screen.
Everything listed changes way too often to be useful for tracking. My guess is that it's for anti-fraud purposes. Someone setting up fake devices and/or device farms is likely to get similar values, which means they can be detected via ML or whatever.
> screen brightness, memory amount, current volume and if I'm wearing headphones
None of those are likely to change when you navigate from one website to another, with tracking/ads disabled, which is what they want to be able to track. Otherwise they'd just use their cookies.
One device visits a site where you sell ads. A minute later, an unknown device with identical battery, volume, headphone, brightness, model number, browser version, and boot time to the second arrives on another site you run ads on. There's a pretty good chance they're related, because the odds of all those being the same plus those two sites and recent timings involved is rather low: https://coveryourtracks.eff.org/
Plus it doesn't have to be perfect. It just has to be good enough in bulk to sell.
Combine this with IP, timestamp, and some behavioral patterns, and you’ve got an extremely robust tracking mechanism that operates outside of explicit consent mechanisms.
>If it was LTE, I bet the lat/lon would be much more precise.
False. Apps don't have access to cellid information unless they also have location permissions, in which case they can just request your location directly.
>the free apps you install and use collect your precise location with timestamp [...]
This is alarmist and contradictory given that the author admits a few paragraphs up that the "location shared was not very precise". It might be possible for the app to request precise location via location services, but the app doesn't request such permissions (at least on android, you can't check for requested permissions on iOS without installing the app and running it), so such apps are most definitely limited to "not very precise" locations.
>At the same time, there is so much data in the requests that I'd expect ad exchanges to find some loophole ID that would allow cross-app tracking without the need for IDFA.
At least in theory they're not supposed to do that, but it'd be hard to enforce.
"If a user resets the Advertising Identifier, then You agree not to combine, correlate, link or otherwise associate, either directly or indirectly, the prior Advertising Identifier and any derived information with the reset Advertising Identifier. "
Cell carriers will gladly sell that information to apps. You can make calls to them over the cellular network (even if Wi-Fi is active!) and they will hand it back to you. No location services is required to do this.
"Precise" has a specific meaning for iOS Location Services and this ain't it. Presumably it's just doing IP geolocation which could be the same post code, or it could be the wrong city entirely. I'd expect it to be much worse on LTE than WiFi.
>Eh. Zip code level location + timestamp is still pretty invasive, even if, pedantically, that’s not very precise.
That's basically sent to multiple parties (ISPs, transit providers, CDNs, analytics/advertising/diagnostics/security vendors) every time you visit a website. If this counts as "invasive" to you, you shouldn't be connected to the internet at all, much less buying a tracking device (a smartphone) and installing random ad-supported apps on it.
> Advertising Tracking ID was actually set to 000000-0000... because I "Asked app not to track".
> I checked this by manually disabling and enabling tracking option for the Stack app and comparing requests in both cases.
> And that's the only difference between allowing and disallowing tracking
This is revealing! I'd wondered whether Apple's curious wording "Ask App not to track" leaves suspicious wriggle room - apps may not track by an id, but could easily 'fingerprint' users (given how much other data is sent), so even without a unique ID, enough data would be provided for them to know who you are 99% of the time.
Amended Dead Privacy Theory:
The Dead Internet Theory says most activity on the internet is by bots [0]. The Dead Privacy Theory says approximately all private data is not private; but rather is accessible on whim by any data scientist, SWE, analyst, or db admin with access to the database, and third parties.
Apple sets Advertising Tracking ID to 00000-0000 because it's the only technical control they have. However, apps are also supposed to respect the signal with regards to other methods of cross-site/app tracking and disable fingerprinting mechanisms.
It's not the only technical control they have - every single datapoint an app can gather is ultimately provided from the OS. They could let you disable access to metrics that have proven to be useful for fingerprinting.
They could also attempt to block known tracking code - all games with IronSource ads will run the same tracker binary, byte for byte. There's a lot of things they could do, but don't, since in the mainstream they have a pretty good reputation when it comes to privacy.
They have other controls. For example, a game does not need to know your precise battery level (respect the low power mode setting), or precise screen brightness (respect the dark mode setting), or precise storage or volume (appropriate is sufficient). They really don't need to know if you're using wired or bluetooth headphones, and can request a specific entitlement if they have a valid use for that information.
99% of games do not need precise location (some exceptions are pokemon go, etc). They can request and receive an entitlement.
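The fingerprinting concern raised above (matching a device across sites by battery, brightness, volume, headphones and storage) and the coarsening proposed in the preceding comment can be measured side by side. This is an added example, not code from the thread or from any ad SDK; the device population is constructed, and the field names, value ranges and bucket thresholds are assumptions chosen for illustration.

```python
import math
import random
from collections import Counter


def make_population(n, seed=7):
    """Constructed sample data: n devices with independent random readings."""
    rng = random.Random(seed)
    return [
        {
            "battery_pct": rng.randint(1, 100),
            "brightness": round(rng.random(), 2),
            "volume_step": rng.randint(0, 16),
            "headphones": rng.choice(["none", "wired", "bluetooth"]),
            "free_mb": rng.randint(100, 200_000),
        }
        for _ in range(n)
    ]


def precise_view(d):
    """What an SDK sees when the OS hands out exact values."""
    return (d["battery_pct"], d["brightness"], d["volume_step"],
            d["headphones"], d["free_mb"])


def coarse_view(d):
    """What it would see under the coarsening suggested in the thread.

    Assumed proxies: battery -> low-power flag, brightness -> dim flag,
    volume -> muted flag, storage -> power-of-two GB bucket.
    Headphone type is withheld entirely.
    """
    free_gb = d["free_mb"] // 1024
    return (
        d["battery_pct"] < 20,
        d["brightness"] < 0.3,
        d["volume_step"] == 0,
        free_gb.bit_length(),  # 0, 1, 2-3, 4-7, ... GB share one bucket
    )


def _class_counts(population, view):
    return Counter(view(d) for d in population)


def joint_entropy_bits(population, view):
    """Shannon entropy of the combined fingerprint, in bits."""
    n = len(population)
    counts = _class_counts(population, view)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def unique_fraction(population, view):
    """Share of devices whose fingerprint no other device has."""
    counts = _class_counts(population, view)
    alone = sum(1 for d in population if counts[view(d)] == 1)
    return alone / len(population)


def median_anonymity_set(population, view):
    """Median number of devices sharing a given device's fingerprint."""
    counts = _class_counts(population, view)
    sizes = sorted(counts[view(d)] for d in population)
    return sizes[len(sizes) // 2]


if __name__ == "__main__":
    pop = make_population(2000)
    for name, view in (("precise", precise_view), ("coarse", coarse_view)):
        print(
            f"{name:8s} entropy={joint_entropy_bits(pop, view):5.2f} bits  "
            f"unique={unique_fraction(pop, view):6.1%}  "
            f"median set={median_anonymity_set(pop, view)}"
        )
```

The constructed readings are independent and uniform, which real devices are not, so the absolute numbers are illustrative; the comparison between the two views is the point.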
> There's no "personal information" here, but honestly this amount of data shared with an arbitrary list of 3rd parties is scary.
Why do they need to know my screen brightness, memory amount, current volume and if I'm wearing headphones?
Screen brightness, boot time, memory, and network operator could probably fingerprint any device all by itself.
Automatic brightness probably helps honestly. It could help confirm whether someone is in fact in an area that has high levels of lighting around them (e.g., in a store, at a beach on a sunny day, etc.)
Every little piece of data that is gathered and used can help even if it isn't immediately apparent.
Now I could be wrong on this, but I feel like advertisers don't need to know something is true about a user, they just need to be confident something is true about a user and that's where data points like screen brightness can be of help to them.
Kind of a joke, but it could be useful for determining if they should serve light-mode or dark-mode ads. But I suppose they could just detect if dark/light mode are enabled.
I find it fascinating reading hacker news, full of IT folk who simultaneously build software that enables and profits from the advertising and personal information selling & tracking industry - are also the same people who complain the loudest about it. Unbelievable.
Probably because people like us have more visibility on the huge scope and consequences of this kind of privacy invasion. Most people don't actually see this with their own eyes. They probably know it's happening in the back of their heads but it's not 'real' to them. It's very real when you know you could technically run a report of all your users that also have grindr installed.
I'm sure most of us would prefer not to work somewhere that does it but we need to eat too.. And we have no input in this.
For example recently I was given a presentation on a new IoT product at work. Immediately I asked why we're not supporting open standards stuff like matter as a protocol. And I was told that'll never fly with marketing because they want to have all the customers to have eyes on their app for their 'metrics' and upselling. I told them fine but I'm definitely not using this crap myself. But it was shrugged off. We are too few for them to care about. And it makes us very unpopular in the company too. So it's a risky thing to do that doesn't help anyway. The "don't fight them but join them and change from within" idea is a fallacy.
Yes, because everyone on Hackernews is identical and working on the exact same stuff. It's not like it's a few companies enabling this and each marketing department going like oooooh i want that.
There’s no code of conduct or rule book that anyone should follow so ethics is determined at the individual level. That quickly turns to, either I build it for them or the next guy will. Resistance is futile type thing.
Most other types of engineering have published rules and standards and industry credentialing including ethics tied into it and loss of credentials for an ethics violation would be career ending in many cases.
(I can only think of straw-man examples. Does the private prison industry have problems getting architects, civil engineers, electrical engineers? Does the pharma industry have problems getting chemical engineers for manufacturing addictive painkillers?)
We might not be the same. Every time someone asks for tracking anything I complain and question a lot. People hate me, but if there is no real use case for storing all information we can get I will veto as much as I can.
The IT folks working in the advertising industry are much more the "who cares, everyone has all our data already anyway".
So you think individuals have control over how the industry works? The insight it gives devs is why some are so outspoken about it. This is a good thing.
It was some years ago and resulted in nothing
>As soon as your cousin clicks "Yes, I would like to share the entire contents of my contacts with you" when they launch TikTok your name, phone number, email etc are all in the crowd.
Fortunately this is changing with iOS 18 with "limited contacts" sharing.
https://mobiledevmemo.com/wp-content/uploads/2024/09/image.p...
The interface also seems specifically designed to push people to allow only a subset of contacts, rather than blindly clicking "allow all".
The far bigger issue is the contact info you share with online retailers. Scraping contact info through apps is very visible, drawing flak from the media and consumers. Most of the time all you get is a name (could be a nickname), and maybe some combination of phone/email/address, depending on how diligent the person is in filling out all the fields. On the other hand placing any sort of order online requires you to provide your full name, address, phone number, and email address. You can also be reasonably certain that they're all accurate, because they're plausibly required for delivery/billing purposes. Such data can also be surreptitiously fed to data brokers behind the scenes, without an obvious "tiktok would like access to your contacts" modal.
GrapheneOS, which I use, also has contact scopes, so troublesome apps that refuse to work without access will think they have full access. You can allow them to see no contacts or a small subset.
There's also multiple user profiles, a "private space", and a work profile (shelter) that you can install an app into, which can be completely isolated from your main profile, so no contacts.
It surprises me how far behind iOS is with this stuff. Recently I wanted to install a second instance of an app on my wife's iPhone so she could use multiple logins simultaneously, there didn't really seem to be a way to do it.
In light of that, perhaps reevaluate their ATT efforts as far less about meaningful privacy and far more about stealing $10B a year or so from Facebook.
It's not. Apple still owns your stuff. There is no difference between Apple and other 3p retailers. Apple just wants more of your money.
So in case Apple allowed for “share all” it means that they did it by design and are changing it now only because of backlash.
When I was at a medium-sized consumer-facing company whose name you’d recognize if you’re in the tech space (intentionally vague) we had some customers try this. They’d find product managers or directors on LinkedIn then start trying to contact them with phone numbers found on the internet, personal email addresses, or even doing things like finding photos their family members posted and complaining in the comments.
We had to start warning them not to do it again, then following up with more drastic actions on the second violation. I remember several cases where we had to get corporate counsel involved right away and there was talk of getting law enforcement involved because some people thought implied threats would get them what they wanted.
So I can see why companies are quick to lock out customers who try these games.
I wonder if it ever evoked a dive into exactly what happened to leave these customers thinking this was the most likely avenue for success? Hopefully in at least some cases their calls with CSRs were reviewed and in the most optimistic of best cases additional training or policies were put into place to avoid the hopelessness that evokes such drastic actions.
Most of the companies who customers try these "games" against are places like Google and Meta that literally do not provide a way for the average customer to reach a human. None.
Those have got it coming for them, the megacorps' stance on this is despicable and far worse than the customers directly reaching execs who could instantly change this but don't because it would cut into their $72 billion per year net profit.
This is a case where laws simply did not catch up to the digital era. In the brick and mortar era it was by definition possible to reach humans.
I get that your company was smaller and probably did allow for a way to reach a human but that's not generalizable.
I’m not an exec, but I work on a major product in a major company. A significant portion of Americans use my work. My corporation has a reputation for poor customer support ATM. If I started getting personal emails or phone calls, I’d contact corporate security or lawyers just out of fear and confusion. That said, I’d be peeved on behalf of my customers if that same treatment was applied to messages directed at our household-name-CEO.
Did you call to complain about the termination?
I feel somewhat vindicated after this announcement (though it does nothing to bring my account back):
https://www.engadget.com/cybersecurity/cfpb-fines-block-175m...
> Accessing any kind of customer service for Cash App was a challenge, too, according to the CFPB. Block included a customer service number on Cash App cards and in the app's Terms of Service, but calling it would ultimately lead users to "a pre-recorded message directing consumers to contact customer support through the app."
Hopefully rather than just stupidly giving up, they'll send an accompanying text message.
The article author claims that you can't get this stuff for under $10k. Where do you find it for pennies?
As a test I downloaded it and got my wife’s full email and cell phone number easily from their free trial. And the full price would be on the order of pennies per contact.
The distinction is contact details privacy is based on the desire not to be interrupted by people you didn't agree to be interrupted by - i.e. it's a spam problem - and realistically to solve this requires a total revamp of our communications systems (long overdue).
The basic level of this would be forcing businesses to positively identify themselves to contact people - i.e. we need TLS certificates on voice calls, tied to government issued business identifiers. That would have the highest immediate impact, because we could retrain people not to talk to anyone claiming to be a business if their phone doesn't show a certificate - we already teach this for email, so the skill is becoming more widespread.
A more advanced version of this might be to get rid of the notion of fixed phone numbers entirely: i.e. sharing contacts is now just a cryptographic key exchange where I sign their public certificate which the cellphone infrastructure validates to agree to route a call to my device from their device (with some provisioning for chain of trust so a corporate entity can sign legally recognized bodies, but not say, transfer details around).
This would solve a pile of problems, including just business decommissioning - i.e. once a company shuts down, even if you scraped their database you wouldn't be able to use any of the contact information unless you had the hardware call origination gear + the telecom company still recognized the key.
Add an escrow system on top of this so "phone numbers" can still work - i.e. you can get a random number to give to people that will do a "trust on first use" thing, or "trust till revoked" thing (i.e. no one needs to give a fake number anymore, convention would be they're all fake numbers, but blocking the number would also not actually block anyone you still want to talk to).
EDIT: I've sort of inverted the technical vs practical details here I realize - i.e. if I were implementing this, the public marketing campaign would be "you can have as many phone numbers as you want" but your friends don't have to update if you change it. The UI ideally would be "block this contact and revoke this number?" on a phone which would be nice and unambiguous - possibly with a "send a new number to your friends?" option (in fact this could be 150 new numbers, one per friend since under the hood it would all be public key cryptography). I think people would understand this.
Contact details (your phone number, email or address) are definitively private information, you should be the one that decides who gets them and who doesn't.
There is a vendor for this very thing in relation to business and government position called “zoominfo”
I find it funny how easy it is to find scammy websites which promise to remove your data (right...), but how hard it is to find the actual marketplaces where people trade this data. It also makes you think about what other systems have similar asymmetric interfaces for the public and the ones in the know (yes, I know there are plenty).
Ps smart idea to use it for that purpose. If I failed to get proper service I'd just review bomb the company everywhere and soon enough I'd get a call fixing my problem and asking to remove them :)
I can think of one: make it illegal to buy, sell, or trade customer data. All transfer of data to another party must have a record of being initiated by the individual.
I mostly connect through Signal. I do technically have a phone number that my close friends and family have, but it's a random VoIP number that I usually change every year or so. Surprisingly no one has really cared, I send out a text that I got a new number and that's that.
Changing your telephone number every year could be an artificial holiday like valentines day or halloween. It can be done if people deem it's important.
I also have multiple cell and virtual numbers and give different ones out to businesses, banks, friends, and family. Businesses that don't need to ship me stuff also get a different address than ones that do.
I don't register to vote anymore because they leak my residential info. When they can agree to stop leaking it, I will participate again.
The audacity of these people. They probably do far worse things to their customers on a daily basis.
Phone is wifi only.
In particular, I do not use the contacts functionality built into the phone.
(This is /e/OS, which helps, but I'll be moving to Mobian as soon as it is viable.)
Any chance of a tutorial or some materials on doing exactly this sort of thing?
People commonly point to Mozilla's research regarding vehicles' privacy policies. (https://foundation.mozilla.org/en/blog/privacy-nightmare-on-...) But that research only states what the car company's lawyers felt they must include in their privacy policies. These policies imply (and I'm sure, correctly imply) that your conversations will be recorded when you're in the vehicle. But, they never drill down into the real technical details. For instance ..... are car companies recording you the whole time and streaming ALL of your audio from ALL of your driving? Are they just recording you at random samples? Are they ONLY recording you when you're issuing voice commands, and the lawyers are simply hedging their bets regarding what sort of data _might_ come through accidentally during those instances? Once they record you, where is the data stored, and for how long? Is it sent to 3rd parties, etc? Which of these systems can be disabled, and via what means? Does disabling these systems disable any other functionality of the vehicle, or void its warranty? Lastly, does your insurance shoot up if you have a car without one of these systems? etc ...
The list of questions could go almost indefinitely, and presumably, would vary strongly across manufacturers. So much of the privacy news out there is nothing but scary and often not very substantiated worst case scenarios. Without the details and means to improve privacy, all these stories can do is spread cynicism. I'm really glad to see this level of discourse from the author.
One OEM I'm familiar with had such a policy. My org determined that we needed a statistical reference to compare against within a certain area. Some calls were made to the right people and shortly after we had a (mildly) anonymized map of high precision tracks for every vehicle of that brand within the area over some period.
IIRC, this is under the Magnuson-Moss act but I didn't find it when skimming Wikipedia.
https://en.wikipedia.org/wiki/Magnuson%E2%80%93Moss_Warranty...
The warranty is intact, but the device is bricked, because it can't bypass any of the authentication that is required to do... Pretty much everything.
This question I can answer with a reasonable degree of certainty; no, it does not.
Insurance companies increase rates for automobile coverage for many reasons, real or illusionary. But "does your insurance shoot up" strictly for not having a recording device in a vehicle is not one of them.
Do some insurance companies charge less when provided access to policy owner driving patterns which the companies infer reduce their risk? Sure.
But that is a different question.
> But that is a different question.
In what way? A discount for allowing surveillance is identical to an extra charge for disallowing it. They're identical, unless the "base" rate is set externally somehow.
$5 for lemonade, $3 off if you skip the lemon == $2 for sugar water, $3 extra to add lemon.
My rent is paid through a company called Bilt.
I discovered that when I shop at Walgreens now, Bilt sends me an email containing the full receipt of what I bought like so:
Ostensibly (hopefully) it would exclude sensitive items, plan B, condoms, etc...I'm curious how this data flows from Walgreens to my rent company, but maybe I'd rather not know and just use cash/certified check from now on.
Here's a small comment thread from a few months back: https://news.ycombinator.com/item?id=41213632
> choose to provide it for a reduction in the transaction fees they pay.
That would explain why I can use my credit card for rent without a transaction fee! No free lunch!
https://support.biltrewards.com/hc/en-us/articles/2901187842...
There's that FSA/HSA benefit section at the bottom which explicitly states that Bilt receives item-level data:
https://www.biltrewards.com/terms/walgreens
There's a section of your Bilt profile that shows your other credit cards and whether you want them linked. It's pretty freaky to see them listed in the first place.
I definitely keep them off.
Bilt is ultimately a big points/reward program though, so you might get points for having them connected.
I still haven't figured out exactly what Bilt's business plan is, but the main part seems to be trying to get as much financial data on people as possible, and partnering with landlords to do so, and since it's how to pay your rent you can't unenroll completely. (Unless you maybe mail your landlord a paper check?)
The landlord of course makes it _seem_ like you have no other modes of paying rent. The cashier’s check option is buried in the fine print.
Dark patterns all around IMO.
(Sure, I could pay by check but consumer banking technology/US in the US already feels like it is lagging a decade behind other countries without voluntarily going further back. Paying by check every month would be quite inconvenient.)
I'd already decided to avoid bilt as much as possible, but reading this thread prompted me to try going a little further.
Looking through their privacy policy it talks about what California residents can do under CCPA: https://legal.biltrewards.com/policies
> Request to Know... The specific pieces of Personal Information we collected about you.
> You have the right to opt-out from having your Personal Information and Sensitive Personal Information sold to third parties. You also have the right to opt-out from having your Personal Information and Sensitive Personal Information shared with third parties for purposes of cross-contextual advertising
Might as well give this a go.
It’s frankly the most intrusive thing I’ve ever encountered in any software I’ve ever used—I’m not sure how it’s even legal, but this is America where we have no real privacy rights.
Instead of giving you the option to opt in for them to get this level of access, they automatically enroll you into it when your account is created, pull your data, and then allow you to “opt out” afterward, which enables them to have access to your personal and sensitive financial data anyway. And since you literally must have an account with them if your building uses their services for rent payments, they’ve effectively rigged the system to force millions of folks to unknowingly give them access to their personal and sensitive financial data.
Anyway, in your Bilt privacy settings, there are some options you can disable (including Instant Link), and I recommend that you disable ALL of them, although given the dark practices of this company, I don’t even trust that those settings are actually honored.
Side note: Did you know about a company called Method Financial that somehow has real-time access to ALL of your personal and sensitive financial data? Did you know that this company you never heard of that has said access then sells that access to the highest bidder? Do you remember agreeing to any of that anywhere? Yeah, me neither (on all counts)…
[0]: https://www.biltrewards.com
[1]: https://methodfi.com
You might want to find out about the sophisticated and pervasive facial recognition technology used by major retailers. Paid by cash? It can still be tracked to you. For "fraud prevention", of course.
I'm not aware of any big retailers using facial data for targeting vouchers or anything similar.
Simple things like "did walk through the door with a child" would be pretty valuable data, yet as far as I know, nobody uses it.
They can already track you through your phone and/or credit cards. Why bother setting up a massive facial recognition system for people paying with cash when they only account for 10% (or whatever) of overall shoppers, and have less disposable income than average?
Facial recognition on a small corpus of known faces (what everyone experiences on Facebook, their phones, etc) is an easy problem.
Walmart picking up a face walking into a store and matching it against 30 million possibilities is going to return so many false positive matches it’s going to be completely useless.
Card networks (Mastercard, VISA) have different fee structures that incentivize more detailed information like level 3 for lower processing fees for merchants - here's more details on levels https://na-gateway.mastercard.com/api/documentation/integrat...
https://support.biltrewards.com/hc/en-us/articles/5536526023...
Perhaps more interesting in your case is that if you had your card issued in or before 2022, it's likely with Evolve bank which was breached - https://medium.com/@HackLaddy/when-your-bank-doxxes-you-9152...
So yeah, I don't get why they would do this. It gives their advertising competitors valuable data for free, and it pisses off customers by telling them that they're being tracked when they shop at Walgreens. Strange stuff.
(And no, I don't use gmail.)
I think another big problem is pharmacies. The amount of data shared with health insurance companies must be huge.
I live in Ireland and my data is in the databases of several US data brokers. Those companies can't be forced to comply with the GDPR because they simply do not have an EU presence. You don't have to search far to find stories from people who made complaints to their local Data Protection office about such issues only to be told there's nothing that can be done.
I just stopped using that card with square.
Clearly you can decide not to use Bilt, but maybe you get caught out some other way (bank, ...) - too difficult to track the trackers.
Bilt as a concept is the biggest pile of late stage enshittification horse shit I’ve ever seen.
This is clearly adding entropy to de-anonymize users between apps, rather than to add specificity to ad bids.
Everyone would need to be generating the same 'random noise' for any such tactics to be truly effective.
_removing_ entropy, by adding more information bits
It's important to point out that it takes a long time for uptake of new versions of ad SDKs. The general assumption is that it takes about 6 months after release of a new version for 50% of ad traffic to come from that version or newer. Also, for every version you release, approximately 1% of traffic will never upgrade past that version.
In that kind of world, over-collecting data makes sense, especially if you think nobody will ever find out. Like total and free disk space. There's no good reason to need those, right? But let's say an advertiser comes to you and says "we want to spend $1M / day to advertise our 10GB game, but only to devices that could install it." All of a sudden it's useful to know that a device only has 8GB of disk space, or only 100MB of free space.
So OK, if we didn't collect disk space, now it makes sense to collect disk space. Let's add it to the SDK. It takes a month or two to release a new version of the SDK. 3 months to get any meaningful traffic from it, and another 3 months to get up to 50% of your traffic. Assuming the ramps are linear, 4 months of 0%, and then 3 months of ramping to 50%, 30 days per month, you'll make $22.5M in the first 7 months. But if you had the logic in there to begin with, you'd have made $210M during the same time period. That makes it an easy choice for the business folks.
There are answers to this, but they all have drawbacks. You could limit data that ad agencies can collect. This reduces the value of ads. And agencies have learned that some data (like location) is low-value and high-risk, so they're removing the ability to supply it. I think it'd be better to support a model where ad code can be updated independently of the app. This way we could push out bug fixes faster, and could remove our just-in-case collection, but Apple has no signs that this is coming soon, and Google's answer has been such a shit-show that we aren't considering it viable over the next 4 years.
Edit: To address screen brightness specifically, it's a very rough proxy for age of the user.
I don't want to call you a liar, but having seen ads that are presumably targeted at me, it feels like a total fiction to say that anyone is actually capable or interested in doing this.
I get advertisements for just absolute nonsense garbage that has no bearing on my life, and no bearing on anything that could have possibly been collected from my device.
The closest thing is that when I was in Mexico for a week, some of my podcast pre-roll ads were in Spanish. (Which, I should note, I do not speak fluently enough to even understand.) Even now, the occasional ad I'm served on a podcast is in Spanish.
And that's it. They saw that my IP came from Quintana Roo, and (somewhat reasonably) decided that I need to hear Spanish-language content. Even when I physically moved back to the United States.
None of those are likely to change when you navigate from one website to another, with tracking/ads disabled, which is what they want to be able to track. Otherwise they'd just use their cookies.
One device visits a site where you sell ads. A minute later, an unknown device with identical battery, volume, headphone, brightness, model number, browser version, and boot time to the second arrives on another site you run ads on. There's a pretty good chance they're related, because the odds of all those being the same plus those two sites and recent timings involved is rather low: https://coveryourtracks.eff.org/
Plus it doesn't have to be perfect. It just has to be good enough in bulk to sell.
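The linkage described above depends on how few devices share every one of those values at once. An added example, not part of the thread, that measures this in bits of identifying information and anonymity-set size, and shows how reporting coarser values enlarges the set; the device rows, field names and the `coarsen` step are constructed assumptions:

```python
import math
from collections import Counter

# Constructed sample: signals an ad request might carry for 8 devices.
# (battery %, brightness %, model, boot time in epoch seconds) -- all made up.
DEVICES = [
    (81, 40, "phoneA", 1700000012),
    (81, 40, "phoneA", 1700003507),
    (64, 40, "phoneA", 1700000950),
    (64, 75, "phoneB", 1700001800),
    (81, 75, "phoneB", 1700003590),
    (33, 40, "phoneA", 1700002222),
    (33, 75, "phoneB", 1700000700),
    (81, 40, "phoneB", 1700003001),
]
FIELDS = ("battery", "brightness", "model", "boot_time")


def surprisal_bits(rows, index, value):
    """Bits of identifying information revealed by one attribute value."""
    counts = Counter(r[index] for r in rows)
    return -math.log2(counts[value] / len(rows))


def anonymity_set(rows, target):
    """Number of devices indistinguishable from target on every field."""
    return sum(1 for r in rows if r == target)


def coarsen(row, boot_bucket=3600, battery_bucket=50):
    """Hypothetical mitigation: boot time per hour, battery per 50% band."""
    battery, brightness, model, boot = row
    return (battery // battery_bucket, brightness, model, boot // boot_bucket)


def report(rows, target):
    """Per-field bits for the target's values, plus its anonymity-set size."""
    bits = {f: surprisal_bits(rows, i, target[i]) for i, f in enumerate(FIELDS)}
    return bits, anonymity_set(rows, target)


if __name__ == "__main__":
    print("exact:    ", report(DEVICES, DEVICES[0]))
    coarse = [coarsen(r) for r in DEVICES]
    print("coarsened:", report(coarse, coarse[0]))
```

With exact values the boot time alone singles out the first device; once boot time and battery are bucketed, the same device shares its full tuple with another row.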
False. Apps don't have access to cellid information unless they also have location permissions, in which case they can just request your location directly.
>the free apps you install and use collect your precise location with timestamp [...]
This is alarmist and contradictory given that the author admits a few paragraphs up that the "location shared was not very precise". It might be possible for the app to request precise location via location services, but the app doesn't request such permissions (at least on Android, you can't check for requested permissions on iOS without installing the app and running it), so such apps are most definitely limited to "not very precise" locations.
>At the same time, there is so much data in the requests that I'd expect ad exchanges to find some loophole ID that would allow cross-app tracking without the need for IDFA.
At least in theory they're not supposed to do that, but it'd be hard to enforce.
"If a user resets the Advertising Identifier, then You agree not to combine, correlate, link or otherwise associate, either directly or indirectly, the prior Advertising Identifier and any derived information with the reset Advertising Identifier."
https://developer.apple.com/support/terms/apple-developer-pr...
We should compare if there are differences in the data sent in countries with better data privacy laws.
That's basically sent to multiple parties (ISPs, transit providers, CDNs, analytics/advertising/diagnostics/security vendors) every time you visit a website. If this counts as "invasive" to you, you shouldn't be connected to the internet at all, much less buying a tracking device (a smartphone) and installing random ad-supported apps on it.
> I checked this by manually disabling and enabling tracking option for the Stack app and comparing requests in both cases.
> And that's the only difference between allowing and disallowing tracking
This is revealing! I'd wondered about Apple's curious wording: "Ask App not to track" leaves suspicious wriggle room - apps may not track by an id, but could easily 'fingerprint' users (given how much other data is sent), so even without a unique ID, enough data would be provided for them to know who you are 99% of the time.
Amended Dead Privacy Theory:
The Dead Internet Theory says most activity on the internet is by bots [0]. The Dead Privacy Theory says approximately all private data is not private; but rather is accessible on whim by any data scientist, SWE, analyst, or db admin with access to the database, and third parties.
[0] https://en.wikipedia.org/wiki/Dead_Internet_theory
See https://developer.apple.com/app-store/user-privacy-and-data-... for details
99% of games do not need precise location (some exceptions are Pokémon Go, etc). They can request and receive an entitlement.
Screen brightness, boot time, memory, and network operator could probably fingerprint any device all by itself.
Every little piece of data that is gathered and used can help even if it isn't immediately apparent.
Now I could be wrong on this, but I feel like advertisers don't need to know something is true about a user, they just need to be confident something is true about a user and that's where data points like screen brightness can be of help to them.
I'm sure most of us would prefer not to work somewhere that does it but we need to eat too. And we have no input in this.
For example recently I was given a presentation on a new IoT product at work. Immediately I asked why we're not supporting open standards stuff like Matter as a protocol. And I was told that'll never fly with marketing because they want all the customers to have eyes on their app for their 'metrics' and upselling. I told them fine but I'm definitely not using this crap myself. But it was shrugged off. We are too few for them to care about. And it makes us very unpopular in the company too. So it's a risky thing to do that doesn't help anyway. The "don't fight them but join them and change from within" idea is a fallacy.
Most other types of engineering have published rules and standards and industry credentialing including ethics tied into it and loss of credentials for an ethics violation would be career ending in many cases.
(I can only think of straw-man examples. Does the private prison industry have problems getting architects, civil engineers, electrical engineers? Does the pharma industry have problems getting chemical engineers for manufacturing addictive painkillers?)
The IT folks working in the advertising industry are much more the "who cares, everyone has all our data already anyway".