Battle of the behemoths: Facebook ad network takes on Google
What pays the freight on the Internet is advertising. Why web ads are so valuable is targeting. The more the advertisers know about you, the more precisely they can target you with their ads.
Google has made its fortune on data collected via cookies. People know how to block and delete cookies, although Google is adept at creating dossiers that retain the information the cookies collect -- not to mention the private data you give up when you use Gmail and other Google services.
Now Facebook is selling to advertisers select information from your profile to help the ad networks target you. Readwrite's Helen A.S. Popkin writes in a September 29, 2014, article that Facebook's Atlas ad network was acquired from Microsoft in 2013. The "basic" Facebook information Atlas will offer includes age range, gender, email addresses, and phone numbers associated with your Facebook account.
One big advantage of Facebook's ad network: it follows you from your desktop to your phone and other mobile devices. The cookies that Google's DoubleClick and other ad networks rely on don't travel from device to device. Also, Facebook's ad network is less likely to deliver malware via ads, at least in theory.
The tracking and targeting done by Facebook's ad network provides us with another reason to restrict the personal information in your Facebook profiles. In a September 23, 2013, article I describe how to secure your Facebook account in six easy steps.
By the way, Sir Iain Lubban, Britain's chief spy, says private data collectors are a greater privacy threat to citizens than government intelligence gatherers. Tom Whitehead and Charles Moore explain in an October 10, 2014, article on The Telegraph.
Shadow profiles: What services learn second-hand about non-users
You're tracked whether or not you use Facebook, Google, and other big web services. The companies can determine private facts about you based solely on what they know about their users who know you.
By analyzing what they know about your friends and family who use the services, the companies can extrapolate with pretty good accuracy facts about you, such as your age, occupation, relationship status, political affiliation, and sexual orientation. Wired's Robert McMillan explains in an October 6, 2014, article.
McMillan interviews a Swiss researcher named David Garcia who studied information the social network Friendster had collected about the contacts of its users. Garcia extrapolates from the Friendster research that a social network the size of Facebook or Google has a tremendous amount of information about the contacts of the services' users, even if the contacts don't use the services themselves.
Garcia states that there's no indication Facebook is maintaining profiles of non-users, but the service does store its users' contacts. Garcia believes, however, that because it is technically possible to create such shadow profiles, legislation is required to prevent companies from collecting their customers' contact lists. (As McMillan points out, many people don't like having their contact information in Facebook's possession, but there's nothing they can do to prevent their information from being uploaded to the service by their contacts.)
I guess Garcia's reasoning is that if it's technically possible, sooner or later, somebody's going to do it. It's difficult to argue against that, but at the same time, Facebook's customers are voluntarily uploading their contact lists. They apparently benefit from having access to their contact information in Facebook and other web services. Do the users appreciate the value of the information they are surrendering to the services? Do they understand the risks to their contacts of the dissemination of the contacts' personal information without their knowledge or consent?
Or did the contacts consent to the distribution tacitly when they volunteered the information in the first place? Then again, Outlook and other email, contact, and calendar programs automatically collect information about correspondents and create contact entries for them. Do you consent to the unfettered distribution of your contact information each time you send an email or text message, fill out a web form, or make a phone call? Apparently, the answer is "yes."
Anonymized personal information? No such thing
Bradley Cooper and Jessica Alba are lousy tippers. That is one conclusion that could be drawn from the un-anonymized information released by the New York City Taxi and Limousine Commission about fares in Manhattan in 2013. Stefan Kulk describes in a September 23, 2014, article on the Interdisciplinary Internet Institute site how researchers were able to determine the people associated with specific fares. The researchers were able to figure out the fares' destinations, some of whom were dropped off at what are euphemistically referred to as gentlemen's clubs.
Researcher Vijay Pandurangan determined the drivers associated with each ride, and Anthony Tockar found images of taxis in Manhattan in 2013 and tied taxi license numbers to celebrities and events. That was how Tockar learned that Cooper traveled to a restaurant in Greenwich Village and paid $10.50 for the fare, with no recorded tip. (I choose to believe the tip was off the record for tax purposes.)
More potentially damaging is the ability to trace the destination of people leaving adult-oriented establishments by taxi, which could reveal their home addresses. (Note that the commission did not release the information voluntarily, but only after being served with a Freedom of Information order.)
Personal data is almost impossible to anonymize, yet it's in the public interest to allow researchers to use aggregate research data. Where does that leave us? With mountains of personal data that could be a boon to researchers (and to us indirectly) but that is also a serious privacy threat.
One more privacy link: Geoff Huston gets pretty technical in describing his five privacy and security objectives in his October 11, 2014, article on the CircleID site, but he covers a lot of ground with relatively few well-chosen words. In the save-you-a-click spirit, Huston says 1) encrypt data everywhere 2) keep the Internet's domain name system trustworthy and reliable 3) protect packets as they're switched through routers 4) encrypt all network transactions 5) enforce security at the network edge (desktops, mobile devices), which is where the network functionality is.
And one more update on locking phones: Security guru Bruce Schneier calls the boos and hoos of government security officials about Apple letting iPhone users lock the data on their devices a bunch of booey and hooey. In an October 6, 2014, post on his Schneier on Security blog, he states, "You can't build a backdoor that only good guys can walk through."
Schneier cites research that found encryption deterred only nine criminal investigations in 2013 and only four investigations in 2012. In each case, the police were able to get the information they sought in another way. Schneier's post links to articles that describe the many alternative sources for collecting the phone's data, and it points out that the FBI recommends that people encrypt the data on their phones.