Announcing The 2016 Security Trifecta Winners
Health App Developer Settles With FTC For Deceptive Marketing Claims

Big Data Brokers: Failing With Privacy

You may not know that hedge funds, in both the United Kingdom and in the United States, buy and sell a variety of information from data brokers: mobile app purchases, credit card purchases, posts at social networking sites, and lots more. You can bet that a lot of that mobile information includes geo-location data. The problem: consumers' privacy isn't protected consistently.

The industry claims the information sold is anonymous (e.g., doesn't identify specific persons), but researchers have it easy to de-anonymize the information. The Financial Times reported:

"The “alternative data” industry, which sells information such as app downloads and credit card purchases to investment groups, is failing to adequately erase personal details before sharing the material... big data is seen as an increasingly attractive source of information for asset managers seeking a vital investment edge, with data providers selling everything from social media chatter and emailed receipts to federal lobbying data and even satellite images from space..."

One part of the privacy problem:

“The vendors claim to strip out all the personal information, but we occasionally find phone numbers, zip codes and so on,” said Matthew Granade, chief market intelligence officer at Steven Cohen’s Point72. “It’s a big enough deal that we have a couple of full-time tech people wash the data ourselves.” The head of another major hedge fund said that even when personal information had been scrubbed from a data set, it was far too easy to restore..."

A second part of the privacy problem:

“... there is no overarching US privacy law to protect consumers, with standards set individually by different states, industries and even companies, according to Albert Gidari, director of privacy at the Stanford Center for Internet and Society..."

The third part of the privacy problem: consumers are too willing to trade personal information for convenience.


Feed You can follow this conversation by subscribing to the comment feed for this post.

Chanson de Roland

As the Editor points out, supra, our personal information identifies us personally because the data brokers fail--I believe intentionally fail--to expunge all personally identifying information. But even when all personally identifying information is expunged, researchers at Carnegie Mellon University, MIT, et al. have discovered and shown that, with a large enough sample of data across websites and from our devices, those with sufficient and readily available skills in stats and psychology and marketing can practically identify us and do so. And everyone, in the industry of collecting and trading on our personal information, from data brokers to Google and Facebook and their ilk, know it. So the claims in privacy policies that so-and-so will anonymize our personal information so that we can’t be identified is fraud, and whoever or whatever so-and-so makes that claim is lying.

The only way to truly keep our personal information private is to use a statistical technique known as Differential Privacy. See Engadget: Apple's use of 'differential privacy' is necessary but not new at Differential Privacy, when properly implemented, prevents any personal identification of a person from his personal data. Differential Privacy isn't new, and, as mathematical technique, it can't be patented and, thus, is available for anyone to use. Google, Facebook, data brokers, anyone can use it, but only Apple is implementing it in its operating systems and other services.

Why is that? The reason is that Google, Facebook, data brokers, and their ilk want and intend for our personal information to be personally identifiable, because that is what makes our personal information most valuable. It is one thing and of value to know that MBA's from the Booth School of Business will be in the market for a million dollar home ten years after graduation, but it tremendously more valuable to know that Fred Smith, an MBA from Booth, is in the market for a million dollar home now. And so it is for everything and everyone, which is why no one, other than Apple, is implementing Differential Privacy so that personal information is truly anonymized, so that it can't be used to personally identify us. It is that simple: It is greed triumphing over any respect for customers/users' privacy. Of the group of damn scoundrels, consisting of Facebook, Google, data brokers, and their ilk, only Apple has the morality to say that respect for our customers' privacy place a limit on how far we may go to maximize our profit.

So the lie about anonymizing our personal information is all about greed, the sickness of rapacity. That only Apple is implementing Differential Privacy proves that point beyond peradventure.

The comments to this entry are closed.