Why do they think they have rights to your data

‘Your TV is watching you. And making money off you. And you don’t care?’

Today, every digital service you use (like application or mobile app) and every smart piece of hardware you buy (smart TV, your mobile phone or that fancy gym gadget…), is almost surely watching you. Software and hardware providers are collecting your data and they are analysing and selling that data to whoever is willing to flash some money out.

You might not believe (or even care) about all the legal or shady data collection practices, but here’s a post from a French hacker (Article 1, Article 2), showing how Huawei is tracking China P20 phones, purchased in China ( not entering Huawei — US war here; other phone producers aren’t any better).

The second article shows how P20 is sending the following data to a server (track.uc.cn):

- your country,

- your province,

- your city,

- phone locale,

- the website you requested,

- and of COURSE they know your IP (which can reveal so much about you or your home address).

Today, every smart device has similar capabilities for tracking you. Hardware producers can grab any kind of data, that is available on your device, or made by your actions and they can send it to whoknowswhere, without you having any control or even knowledge about it.

Of course we have some privacy laws (GDRP, PIPEDA, CCPA…) that should prevent such activities, but it’s obvious that companies find ways to overpass them.

Are such practices fair and justified?

Think about buying an apple. You buy it at the store, then you take it home and eat it. The transaction is clear. You get exactly what you buy, and its value is reflected by your willingness to do the transaction. There is no hidden value and no additional transactions after you pay are made.

But when you buy some piece of nice, smart metal, things are different. You visit the store, buy that cool gadget, you plug it in and the first thing you face is some Terms of Service (ToS). There they tell you all this legal stuff and, if they are pretty cool, what data they are collecting and what they are doing with it. If they are amazingly cool they might even offer you some opt-outs, but this doesn’t assure you anything.

So when you buy the smart device you are pretty much forced into the game from the start. You have no choice; it’s take it or don’t use it. You ever tried to decline? Well, your capable metal is turned in to a brick.

Even the Facebook, who is rightly being demonized for their data schawanigans, give you an options not to play the game (let’s exclude their shadow profiles here) and transaction is pretty much clear. They collect our data for the our right to have some fun.

The first problem here is, that even if business and personal data privacy policies are of huge importance, provides don’t make them as part of purchasing decision and information about them is not clearly visible or advertised.

When you go to the store to purchase precious metal, your decision is made upon specifications, usability, design, brand and whatnot. And this info is being widely advertised. But the infos about further transactions (data, privacy, rights) are not there.

Let’s looks at Huawei’s Mate 20 Pro web page.

They proudly tell you how amazing this product is and what you are getting, but not what they are also doing after the process.

If we dig deeper we can see this mambojumbo: Huawei’s EULA and Privacy Policy.

This might be some cool stuff for lawyers, but for us, simple fun loving consumers this is not really something we can easily understand and infos are vague. And it’s hard to get clue what they are doing with it.

If you go back to French hacker list, it’s pretty simple to figure out what they are collecting. But there’s a lack of transparency: they are simple not interested to tell more until they are forced to or they are risking their reputation.

Some of you (as some of my friends do) will say: ‘mmm, we don’t care’ and you have all the rights for it. But think about things you do with phone and even keywords you search or where you browse. Even without doing some shady things, your actions should be as private and personal as you like it at your home. You don’t give keys to your home just to anyone.

If we jump back; what company does with you data, should be part of purchasing decision and should be widely advertised.

However, the issue I want to emphasize is: Why do hardware companies think they have automatic rights to your data.

After you buy an apple, there is no addition in to it. After you buy a phone, whole new party starts.

After you buy that metal, companies automatically assume, that they have all the right for one-way transactions in terms of data. Why? Because obviously they can and they value of data currently is bigger than their reputation risks. And data has an amazing value for them.

They can understand you better and they can better shape the products and they can do some magic analytics, offer new products, perform AI. And they can also sell that data further.

But what’s in it for you? Lower phone price? Might be, but not likely, otherwise they’d advertise it. Better software or support? I am sure just a small part of it.

So what about solutions?. Well, there are at least few:

- we educate ourselves and demand more info about it,

- we start buying products from companies that are more transparent,

- we buy from companies that show us they are using some direct anonymization principles,

- we establish instruments to charge them for the data or have some other benefits (coupons, free services, lower prices…)

- we demand from policy makers they are more strict about the laws and do audits instead of French hackers.

The Fact is that the data business is getting huge. We already are data products and surveillance capitalism and googlenomics, together with emerging AI monopolies, will define the next decades new winners and losers.

On which side do you want to be?