Beware! You Have Zero Privacy

In the future, everyone will be world famous for 15 minutes – Andy Warhol had predicted back in 1968. The gentleman was wrong, of course. The future is already here. And all of us are now famous. Some people are merely more famous than the rest of us. And none of us has any privacy any more. presents a special report on privacy, or rather, the lack of it. Find out how you are affected.

Who Am I?

Click on 'See your Info' in Rapleaf and see for yourself how marketers see you. For example, according to Rapleaf, yours truly is a female, aged between 25-34, staying in San Francisco, interested in blogging, news, current events and technology, has completed college, lives in a rented accommodation where she has been living for the last three years (estimated), is a likely smartphone user and has a influencer score of 91-100 (Read more about Influencer Scores here. The short version is something like the Klout score; it is a footnote on how active you are via social media and the rate at which you have been winning friends and can influence people.

What shows up on the screen is not the whole truth or the entire extent of available information that the company may have on you. Rapleaf warns that it may also combine all the data with other information they may have, from time to time. We just don't get to see the additional information on-screen because its partners have not given them the right to share it with us. Yes, we all get the irony. The company that sells our information does not have the 'rights' to share 'our' information with us. Ironic or not, it is all very legal and guess what, we have ourselves to blame for the information out there (but we will get to that in a minute and now that we have fixed the blame, it still does not fix the problematic lack of privacy).

But how does the company get so much information? Some of it comes from aggregating public information (both online and offline); part of it comes from its proprietary technology (which, like a search engine, looks for public information about people across social media sites). It also combs through information from public records, surveys and census data. But that's alright – Rapleaf is not a company that sells user data. It is a San Francisco-based start-up (with all the glitz and glamour of a Bay Area start-up) with a vision that seems altruistic, ambitious and very warm fuzzy. "We want every person to have a meaningful, personalized experience – whether online or offline," announces the company website. Of course, selling our data to companies is for our own good – so that we can have meaningful, personalized experiences.

In all fairness, Rapleaf does let the user opt out from its database. Besides, it is not the only company that sells audience data. There are others like LOTAME, Datonics, Bluekai, Magnetic and TARGUSinfo. There are also exchange services like Clearspring and Exelate that bring together advertisers, media companies and database sellers.

Who Is Tracking You?

Database vendors are not the only ones tracking us. It turns out that everybody is. According to a Wall Street Journal series on privacy, within a few seconds of visiting a site like eBay or Expedia, information about the surfer's activity is likely to be auctioned off. The report also mentions Merriam-Webster, the popular online dictionary, where tracking is extended to scanning the page a user is viewing and targeting ads based on that. It is also found that, Microsoft's consumer portal, planted a tracking file that had "a prediction of a surfer's age, ZIP Code and gender, plus a code containing estimates of income, marital status, presence of children and home ownership, according to the tracking company that created the file, Targus Information Corp."

Let us look at a typical Facebook application (FarmVille). We give it permission to access our basic information, which includes our name, profile picture, gender, networks, user ID, list of friends and any other information we may have shared with everyone. Some of the apps may also access our friends' data through us. And beware! We don't need to be online for them to track us. In fact, Facebook's privacy control is too complicated and it actually comes with a user manual.

It is elementary, Watson, that Google will be tracking us. It is precisely by doing that and doing that really, really well, that the company has raked in all its billions. Google has five privacy principles that describe how the company approaches privacy and user information across its products. What information does Google collect? Its privacy policy outlines the details and there are several of those.  The privacy policy of Google+, for example, is one of the 37 different privacy policies that Google has. In fact, Google and Facebook are just two instances where we give permission explicitly. Almost every time we sign up for anything or register for anything or buy anything online, we are also giving permission to the company and its partners to track us or send us marketing communications at the very least.

Discrete silos of information, scattered across the Web, may not make us personally identifiable. But if we look at the privacy policies of each one of the companies we have just talked about, we will find an alarming trend. Increasingly, the information is getting aggregated. And once we bring all the pieces together and throw in some smart quant and add in a bit of fuzzy logic, well, the data granularity will be extremely fine and fairly precise and accurate! In other words, advertisement and marketing communications can be customised at the singular entity or user level. They know it's you and what you do and what you may buy and how much you will pay for it.

While all this may not seem like a very big deal (who cares if advertisers know that you like Shah Rukh Khan movies or stick to a particular brand of green tea), in reality, this may have far-reaching consequences. Think about your insurance company offering you a different pricing because it knows you have been googling a disease that can be expensive to manage. What if the repository of data falls into the wrong hands? What if the information is used for policing and persecution of individuals by nations and governments or government agencies?

If you think we are getting into fairly surreal territory here, wait till we tell you about facial recognition.

Is That Your Picture?

It is possible to identify strangers and gain their personal information, perhaps even their social security numbers, by using face recognition software and social media profiles, according to a new study by Carnegie Mellon University's Alessandro Acquisti and his research team. That is exactly what Facebook does "the identifying the strangers bit, at least. It uses facial recognition technology to suggest tags for photos, in a bid to make photo tagging easier.

Google is also believed to be working on a similar technology. It has picked up a facial recognition outfit called PittPatt or Pittsburgh Pattern Recognition, which began as a Carnegie Mellon University Robotics Institute endeavour. "At Google, computer vision technology is already at the core of many existing products (such as Image Search, YouTube, Picasa, and Goggles); so it's a natural fit to join Google and bring the benefits of our research and technology to a wider audience. We will continue to tap the potential of computer vision in applications that range from simple photo organization to complex video and mobile applications", the company website states.

All Is Well?

It was Scott McNealy who had first uttered the words out loud. "You have zero privacy anyway," the then CEO of Sun Microsystems, had (in)famously told a media gathering way back in 1999. "Get over it," he added. Apparently, we have gotten over it, if Facebook's young CEO Mark Zuckerberg is to be believed. People no longer have an expectation of privacy, he says.

Now, let us all get back to our glasshouses and wait for those personalised ads to be thrown...