They Know You're Reading This

I was recently complaining to a teller at my bank that another bank down the street had given my 3-year-old daughter a stuffed horse for nothing more than walking past the front door. I jokingly asked her what gifts my own bank would be willing to offer to compete for the affections of my daughter. Then I said, "Oh, you probably don't like it when I mention the competition when I'm in here, eh?"

She surprised me with her answer. She said she had her checking and savings accounts at that competing bank and that she has always found their service to be great. I was surprised. Why would a teller at one bank do her own personal banking at another bank down the street?

She told me that most of the tellers she works with have their accounts elsewhere because they don't want friends and colleagues at their own bank to have access to their private information.

The exchange was a clear reminder that privacy issues are everywhere. Anytime you share any information with anyone or any institution, you should expect it to be shared in ways you never expected.

This week, the top story in the Internet world was that the mobile social network Path had been uploading users' email contact lists to its servers. The purpose of the upload was to make it more likely that users would find friends and colleagues who were also on Path. The problem was that Path was uploading the email data to its servers without users knowing it. A firestorm of criticism erupted. And within a day or so, Path responded by putting a stop to the offending practice and deleting every email address they had collected.

Path deserves credit for the swift and appropriate response to the criticism it faced. But the whole incident was one more reminder that almost everything you do on the Internet puts a dent in your personal privacy, whether you're aware of it or not.

When I first heard about Path's plan to delete all the email addresses it had collected, I wondered if Facebook would respond by agreeing to delete those embarrassing photos from 2006 that you already manually deleted six times in the past. As it is now, the photos you delete from Facebook never really get deleted. They're still accessible via direct link (and, of course, by anyone at Facebook who has access to the data). Once you put something on the Internet, you should assume it will be somewhere out there forever.

Maybe that's no big deal when were talking about a few collegiate keg stand photos that you'd rather forget. But it is a big deal when you consider that almost everything you do or share on the Internet is being tracked by someone.

The Path story got big because it's exceptional in two ways. First, thanks to one guy who wrote a blog post, we all were made aware that Path had a policy of borrowing your email contacts without your consent (and that iPhone apps easily allow for such a transgression). And second, when confronted with valid complaints, Path acted swiftly to change its policy and right its former wrongs.

There's nothing all that exceptional about the notion that your data is being collected and saved, and that just about every click you make and every piece of data you share is being tracked by Internet companies and the marketers who pay their bills. Companies like Facebook are so valuable precisely because of the effectiveness with which they transgress your privacy and piece together a portrait of you that can be sold to advertisers.

Pennsylvania professor Joseph Turow explains how you're tracked in the modern world:

"Websites, advertisers and a panoply of other companies are continuously assessing the activities, intentions and backgrounds of virtually everyone online; even our social relationships and comments are being carefully and continuously analyzed. In broader and broader ways, computer-generated conclusions about who we are affect the media content — the streams of commercial messages, discount offers, information, news and entertainment — each of us confronts. Over the next few decades the business logic that drives these tailored activities will transform the ways we see ourselves, those around us and the world at large. Governments too may be able to use marketers' technology and data to influence what we see and hear."

They are watching. And they know you're reading this right now.

And it's not like you can just go offline and avoid the tracking. If you get a postcard advertising a lung cancer screening from your local hospital, it's not by coincidence. Everything about the offline you is being shared across corporations as well. In the age of data mining, it just takes a few clicks to piece together enough information about your age, address, income and insurance status to figure out if you're a likely smoker and therefore a good target for a lung screening pitch.

I have a friend who used to fill out nearly every online and offline form with a different title (Mr., Mrs., Dr., prince, king ...). Then, over time, he tracked the mailings that came to him with those various titles attached. Over time, he could easily track who sold what information to whom.

Today, it wouldn't even make sense to try to keep up. We share our data with everyone, and everyone is sharing our data with everyone else.

It's worth putting this Path story into this broader perspective and reminding ourselves that we are only at the tip of the personal data mining iceberg. By the time my 3-year-old daughter is my age, she might walk into her bank and have the teller ask: "Hey, didn't we give you a stuffed horse back in 2012?"

Dave Pell writes the NextDraft newsletter, a quick, entertaining look at the day's most fascinating news. This commentary originally appeared on his blog Tweetage Wasteland.

