Recently, I went to a local jeweler to get a ring repaired. The sales associate used her tablet device to complete a work order for me. When she requested my address and phone number, I didn’t give it a second thought. Then she asked for my birth date. When I questioned why she needed to know, she shrugged and mumbled something about sending me a birthday card. I decided not to provide that information. Next she asked for my wedding anniversary date, glanced up at me and said, “Oh, I guess you won’t want to tell me that either.” I smiled and shook my head. Not a huge deal, but it did get me thinking about all the times we give people personal information without asking why it’s needed or how it might end up being used.
We live in a society where the boundaries of privacy are pushed every day. Educators are increasingly aware of the need to safeguard student data privacy, but what about protecting our own? Given that Congress recently repealed the online privacy rules designed to limit the ability of Internet service providers (ISPs) to share or sell various kinds of customer data as well as the requirement that ISPs notify customers when a data breach takes place, responsibility for protecting personal data now appears to lie squarely with individual consumers. What can we do to protect our own private information?
Passive vs. Active Data Collection
There are two general methods used to glean data from individuals. The first is called passive data collection. Passive data collection may involve use of slick online tools that collect and record data without an individual’s knowledge, but it can also be as simple as a customer service representative or data entry clerk entering information gathered during a phone call or office visit into some type of customer data base. As a result, it’s the rare person who has no online presence these days.
Here are a couple of examples of passive data collection. Do you make online purchases? Virtual shoppers seldom realize that they are leaving a trail of data in their wake as they browse for a new dining room set or an article of clothing. Using cookies or other sophisticated programming strategies enables merchants to compile a wealth of information about individual shoppers based on which items are reviewed, how much time is spent looking at each item, how the site is navigated, etc. In turn, this information is shared with other online platforms people frequently visit. This is what makes it possible to go from virtual window shopping to Facebook only to discover a personal newsfeed is now filled with ads featuring the very same items reviewed elsewhere just a few minutes earlier. Even individuals who don’t own Internet-connected devices don’t get off scot-free because personal information about them is being stored online by someone else—medical records, school records, and virtually all public records for example. Hopefully medical and school records aren’t publicly available, but if they are online, they are vulnerable. In addition, online aggregators pull public records from a myriad of resources to create readily accessible individual profiles that include very personal information. Check out Intelius for a taste of what I’m referring to.
Active data collection requires a little more cooperation on the part of an individual. This type of data collection happens when someone completes a registration form to download a white paper or responds to a survey from an airline or hotel about a recent trip. Unfortunately, most people don’t realize that by filling out a product review or questionnaire they are providing valuable marketing data to whoever requested the information and whoever they may opt to sell the information to. For example, have you ever logged into a site like Amazon.com or Netflix and seen recommendations for products or movies you might enjoy based on previous searches and purchases or rentals? These data are used to build a personal profile for you and may be shared across platforms to aggregate information you’ve provided in various locations. Much of these data are easily manipulated by changing the information in the Preferences area of an account. Try it! And speaking of profiles, every social media platform and most online stores ask users to complete lengthy profiles under the guise of making it easier for other like-minded users to find you. That may be the case, but it’s also true that the more complete the profile, the more marketable your information becomes.
What Can You Do?
There are various steps you can take to help protect your privacy. For instance, avoid leaving an easy-to-follow online data trail by using private browser windows or learn how to block cookies and location data. Natasha Stokes offers tips on how to browse anonymously. Her suggestions range from employing a web browser’s incognito feature (easy to do and most browsers offer this capability in Privacy) to using something called a VPN or virtual private network which is more complicated and usually requires a subscription fee.
Another way you can protect personal data is to visit one or more data aggregators to read what’s been recorded there about you. These website collect public information about individuals, pulling it all together to create personal profiles. Some are quite extensive and invasive, but there are nearly always ways to have the information removed. Visit pipl, intelius, and spokeo as a start. Some of these sites will remove your data on request. Others direct you to do to the data source. For instance, I was surprised to see that my LinkedIn profile is a source of a great deal of the data showing up in these aggregated summaries.
Think about the data requested when any type of purchase is made. Ask why a company needs your zip code or birth date before providing that information. The day after I gave the jeweler my phone number for the work order, I received a sales call from them, but also learned they failed to call about another repair that will need to be made soon and which could have been done at the same time, had I been notified! Decide if a warranty registration or chance to win a raffle merits handing over personal data. Pass on responding to surveys or requests for product reviews, no matter how persistent the merchant may be. Maximize privacy settings on social media accounts.
The Circle, a 2013 book written by Dave Eggers and now a movie starring Tom Hanks and Emma Watson, is a dystopian tale about technology, transparency, and privacy in a society where “secrets are lies” and “privacy is theft.” In this narrative, the fight between good and evil boils down to whether or not there is a need for privacy in the digital age. I’m not suggesting that readers should back away from using the Internet, but it’s time for everyone to think about what data are being collected, how, and why. Only then will individuals be in a position to start taking back control of their personal information.