Graffiti: The Writing’s On The Wall

Here’s the latest personal data news:

ALL MAJOR US CARRIERS GIVE YOUR LOCATION INFORMATION TO THIRD PARTIES IN REAL-TIME.

Why?

Same reason why drug cartels flood the US with heroin and cocaine: because they can, and it makes money. The only difference here is that drug smuggling is illegal and, surprisingly, selling your location data is not.

Here’s the skinny:

Carriers have been selling your location data for a decade. One example: if websites paid the appropriate fee, Verizon would append data such as full name, billing zip code plus other data and current location (deduced from cell tower data) to your http request.

Eventually, there were complaints to the FCC, so they stopped it, right?

No, wrong. They just required the carriers to get positive consent before implementing any such service.

So now there are data brokers for such data. A California company called LocationSmart is one. It gets fed your location data in real-time and can sell it on to other companies, but it requires those companies to seek positive consent. (Btw, point of interest, it takes LocationSmart 15 seconds to detect your location.)

Loophole!!

All of this squeezes through a loophole in the Electronics Communications Privacy Act. Amusingly, the act prevents carriers from providing user location to the United States government, but not to anyone else. So, even in that provision, the act is as leaky as a sieve. If the US government desperately wants your real-time location it, it will no doubt, buy it from a data broker.

However, you may have to opt-in.

But, here’s a question.

I’m speaking to you, Americans. How many times have you opted in to share your personal data with some organization or other?

You don’t know, do you?

How many of those website licenses or software licenses did you ever read? And even ones you tried to read, did you ever get past paragraph 4? If somewhere in small print in clause 22 it states “and your soul is now forfeit to the devil, and thus you acknowledge that you may go to hell and suffer torment (waterboarding or worse), in perpetuity and without any possibility of legal recourse.

It Really Is Time To Take Back Your Data

Or should I say, it is almost time, because it is almost time for GDPR.

May 25th is GDPR day!!!!!

If you’ve not read the news from across the pond, you may think that GDPR stands for Global Defense Posture Realignment — and sadly in America, it does. It was an initiative created around 2003 by the US DoD.

But for no-one outside the DoD do those four initials conjure up anything to do with defense — unless we’re talking about defending your data from exploitation. In which case GDPR stands for General Data Protection Regulation, an initiative spawned by the EU that is giving the likes of Facebook and Google bad dreams.

If you want to learn how it applies to you Mr. US Businessman (because it damn-well does) and what these laws are, read these articles (Is Goddam(n) Privacy Regulations What GDPR Really Stands For? and Got A Data Protection Officer? and What Are Those Data Rights?) but if you don’t have time, just think:

GDPR MEANS “I OWN MY DATA.”

And it also means people cannot trade my location.

So please, if you have time, do a couple of things for me:

Write to your congressman and demand that GDPR is also enacted in the US so that we Americans have equal-or-even-better-rights to those Europeans.

Write to the EU and demand that GDPR be changed to stand for GLOBAL Data Protection Regulation

And while we’re at it, let’s declare May 25th to be Data Independence day, not just in America but across the world. And let’s have fireworks. I like fireworks.

And Now It’s Time for a Civics Lesson

The Fourth Amendment reads as follows:

“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated.”

OK, the founding fathers never anticipated the computer, but they did include the very consequential word “papers” in this very fundamental amendment to the Constitution.

It might just be me, but I construe the word “papers” to mean “data records.” All data records at the time of the framing of the constitution were papers.

to mean “data records.” All data records at the time of the framing of the constitution were papers. Consequently, I interpret “searches” to include intrusive mathematical algorithms that can and often do sift through your data

and

to include intrusive mathematical algorithms that can and often do sift through your data and I interpret “seizures” to mean what happened to the data of 87 million people that Facebook gleefully exposed to Cambridge Analytica. It was seized.

Robin Bloor Ph D. is the Technology Evangelist for Permission.io, author of The “Common Sense” of Crypto Currency, cofounder of The Bloor Group and webmaster of TheDataRightsofMan.com.