Online Data Present A Privacy Minefield
First in a four-part series
Is privacy still possible? For a lot of people, the answer is no, as companies collect personal data in ever-increasing volumes.
Take a site like NextMark.com.
It's a sort of "Google" for mailing lists, where more than 1,400 data vendors offer lists of names — hundreds of thousands of names at a time — all sliced and diced and searchable. If you're looking for a list of people with heart disease, you can find it here. Heart disease plus Hispanic plus over 50? Also available.
This type of data has been for sale for a long time; even some public radio stations sell lists of their donors through the site.
What's changed is the speed with which information flows into databases like these. It used to come from sources such as magazine subscriptions and warranty cards. Now it's flowing from online sources — thousands of them — everything from gambling Web sites to dating services.
Data As Commodities
NextMark CEO Joe Pych says this information comes from us.
"I guess pretty much anyplace you put your name, address, phone number, e-mail address — those are all potential sources of mailing lists," Pych says.
Even medical data. Federal law prohibits doctors and hospitals from selling health records, but if people voluntarily answer questions on an online health survey, that information is fair game.
The law doesn't restrict what kind of information companies may ask for, and the data industry says more regulations aren't necessary. Industry officials say reputable companies are careful with the information. Companies going through NextMark will "rent" their data through trusted third parties to prevent uncontrolled copying of their lists.
Pych says people should remember that there are advantages to letting companies know more about consumers.
"I think when it's done right, just as with a good friend, sharing personal information makes for a much more relevant, meaningful relationship," Pych says. "Without that, you're just a number."
A Constant Exchange
People exchange personal information for convenience, discounts and other benefits.
"Those exchanges happen daily. Constantly," says Alessandro Acquisti, an economist at Carnegie Mellon University. He says personal information is almost a kind of currency — something people spend.
But there's a problem, he says.
"We don't have infinite cognitive power, processing power, to consider all the options. And we take shortcuts," Acquisti says.
Acquisti studies privacy through the lens of behavioral economics. He's interested in how people "spend" their personal information when they don't really know where it's going. He wants to uncover the mental shortcuts people use to judge how and when to disclose their data.
One influence, he says, is Web page design.
"People admit more sensitive, embarrassing and even illegal behaviors to a Web site that's been designed to look kind of cheesy," Acquisti says. Together with his colleagues at CMU, Leslie John and George Loewenstein, he's done experiments in which subjects were more willing to disclose potentially embarrassing information — such as whether they'd cheated on a girlfriend — to Web sites that looked informal and "fun."
Formal Web sites had the opposite effect. Acquisti theorizes that when Web sites prominently display privacy policies and make other mentions of security measures, it may actually cause people to hesitate and consider whether the questions they're being asked are sensitive..
Still, there are also plenty of people who do more than just rely on their gut instincts. They read the privacy policies and the fine print, and try to control who gets their information.
But Chris Hoofnagle says that may be futile. As the head of the privacy programs at the University of California, Berkeley School of Law, he's been tracking the information economy for some time, and he says it's getting harder to make informed decisions.
"As there's been growing awareness of how commercial data brokers operate, they've become more secretive," Hoofnagle says. He says big data brokers are telling the public less about the provenance of their data — where they're getting their information — and he's been tracking this change by saving screenshots of those companies' Web sites.
Data Companies Go Private
As an example, Hoofnagle pulls up screenshots of a big database called Batch Trace, now owned by LexisNexis. As recently as 2002, he says, the site listed the kinds of business that supplied it with data, such as call centers and pizza delivery companies.
"As time goes on, this gets thinner and thinner," Hoofnagle says. "By 2006, the provenance is gone."
A representative for LexisNexis, Nick Ludlum, says the company changed its provenance information for marketing reasons.
Hoofnagle says another reason may be politics.
"If consumers knew the extent to which this data was being collected and repackaged, there would be riots in streets," Hoofnagle says.
That may be something of an overstatement, since privacy researchers and activists are the ones who mostly miss this kind of provenance information.
But it's also true that privacy laws in the U.S. tend to be driven by scandals.
For instance, Americans' video rental records enjoy unusually strict federal privacy protection because of the controversy that erupted in the late 1980s, when a journalist published the video rental records of Supreme Court nominee Robert Bork.
U.S. data companies are relatively unregulated, especially in comparison with their counterparts in Europe.
So now, as they extend their reach to new sources of information, such as social networks and even blogs, it makes sense to keep those new sources of data out of public view.
9(MDAyNzUwMDI2MDEyNTA3MTU5NzcyNTQyNA004))
ROBERT SIEGEL, host:
This is ALL THINGS CONSIDERED from NPR News. I'm Robert Siegel.
MELISSA BLOCK, host:
And I'm Melissa Block.
Today, we're starting a series of stories about privacy, or as we're calling the series, The End of Privacy.
NPR's Martin Kaste is here with us at NPR West. Martin, that title is your idea. You're calling it The End of Privacy. So, the message there: Forget about privacy, it's over.
MARTIN KASTE: Well, it's not necessarily what I'm saying, but what struck me over the last couple of years as I've done stories about privacy is how many people say this to me. They say they've given up. The technologies have become too fast, they're too good at collecting data. And in some ways I'm hearing a lot of people say that they've sort of succumbed to what I'm calling privacy fatalism.
BLOCK: Privacy fatalism sounds like a pretty gloomy future to me.
KASTE: Well, it's what we're going to try to look at in this series to see if that fatalism is justified. And I think a good place for us to start today is just looking at what kind of information is really out there. So, for instance, you've got a computer in front of you here in the studio.
BLOCK: Yeah.
KASTE: Take a look at this Web site, type in Nextmark.com.
(Soundbite of typing)
BLOCK: Nextmark.com.
KASTE: And when you look there, you'll see that it's a searchable site. It's sort of the Google of mailing lists. Put in a search term. Let's say something medical, because that's what people care about - bladder perhaps.
BLOCK: Bladder, okay.
KASTE: That might lead to...
BLOCK: Searching all mailing lists for bladder, coming up with bladder leakage database, bladder sufferers, all kinds of...
KASTE: Now, these are not just statistics. These are lists of people's names, their addresses, their phone number sometimes tied in with their medical conditions. Sometimes medical conditions that I would assume they would not want necessarily for sale, yet here they are for sale. This has always happened in the past, of course. There's always been ways for marketers to get information about, say, our medical conditions from warranty cards for things we fill out or magazine subscriptions. But all of that is accelerating and what we have now is sort of a switch from dial up speeds to broadband speeds for the flow of this information into this vast data pool.
BLOCK: We should say, I don't see the names popping up here. I would have to pay money to have that...
KASTE: You'd have to pay money. You can pay - you can buy per thousand and so forth. It's definitely a commodity.
BLOCK: Are there regulations, Martin, on how much information these companies can collect, what kind of information they can gather?
KASTE: Not really. This kind of data is pretty much unregulated in the United States. It's not legal for your doctor or your hospital to sell your medical data, of course. That is prohibited by federal law, but if you voluntarily give up your information, all the law cares about is where the information came from. Now, the industry, of course, is very adamant that it's careful that the reputable firms aren't selling this information to just anybody. Yes, you can look at the Web site and see that it's for sale, but they still want to know more about you before they sell it to you.
I actually called the founder and CEO of Nextmark, the site you were looking at there. His name is Joe Pych. And he said that consumers should also keep in mind that there are some benefits to companies knowing more about us.
Mr. JOE PYCH (CEO, Nextmark): I think when it's done right, just as with a good friend, sharing personal information makes for a much relevant, meaningful relationship and without that, you're really just a number.
KASTE: And this is really the crux of the issue because people do use their personal information to get stuff, to get good relationships with companies, to get coupons, bonuses, that sort of thing. They trade their personal information and they do it to the point where it's actually becoming a subject for economists.
Professor ALESSANDRO ACQUISTI (Economist, Carnegie Mellon University): Those exchanges happen daily, constantly.
KASTE: That's Alessandro Acquisti. He's an Italian economist who specializes in privacy. And the way he sees things, personal information is almost a kind of currency. It's something we spend. But there's a problem.
Prof. ACQUISTI: We don't have infinite cognitive power and processing power to consider all the different options, and we take shortcuts.
KASTE: Acquisti studies these shortcuts that we take. He studies how people make gut decisions about which information to disclose about themselves - for example, online. It turns out that, according to his experiments, we're influenced by Web site design.
Prof. ACQUISTI: People admit more sensitive, even embarrassing or illegal behaviors to a Web site which has been designed to look kind of cheesy.
KASTE: In his experiments he's found that subjects are more likely to admit to, say, cheating on their girlfriend or something, when the questions are on this cheesy, fun-looking Web site. But a more formal-looking Web site asking the same questions gets a lot more caution and a lot more self-censorship.
BLOCK: So, Martin, you're saying that people sometimes will decide whether they want to share their information based on a gut instinct, but you could also be pretty rational about this, I suppose. You could read a company privacy policy and make an informed decision about what you're disclosing.
KASTE: That's very true. And some people make that effort. They read the fine print. But even the experts, the people who are privacy gurus, say that's becoming harder to do because you may see a privacy policy there, but it's pretty much impossible in most situations to know where your data is going if they are sending it anywhere. It's hard to follow it through the system. Chris Hoofnagle is the head of privacy programs at Berkeley Law and he explained some of this to me.
Mr. CHRIS HOOFNAGLE (Privacy Programs, University of California, Berkeley School of Law): As there's been growing awareness of how commercial data brokers operate, they become more secretive.
KASTE: We were talking at a park in San Francisco a few weeks ago. And when we met, Chris immediately opened up his laptop because he wanted to show me something.
Mr. HOOFNAGLE: This is an archive�
KASTE: He's been saving screenshots of the Web sites of the big data companies over time. He's been saving screenshots of what they say about where their data is coming from. The formal term for this is data provenance. As recently as 2002 in his screenshots, there you can see that this particular data company still disclosed some details about the commercial sources of the data. It listed things like call centers or pizza delivery companies that sold information to them. But lately that's changed.
Mr. HOOFNAGLE: As time goes on, this gets thinner and thinner. So, pizza companies falls off the list. And then by 2006, the provenance is gone.
KASTE: Nothing listed for provenance?
Mr. HOOFNAGLE: They basically say things like the process includes proprietary files. That essentially means it's sources that they've gathered, but they won't tell you what the sources are.
KASTE: Now, it should be noted that data brokers have good business reasons to keep their sources secret. They may be trade secrets or something the other guy hasn't discovered. But Hoofnagle also believes that there is some political motivation behind this.
Mr. HOOFNAGLE: If consumers knew the extent to which this information was being collected and repackaged, there would be riots in the streets.
BLOCK: Riots in the street, Martin.
KASTE: Yeah, it's a bit of an overstatement and, you know, he cares deeply about these things. But there is some truth to the fact that American privacy laws have traditionally been driven by scandals. That's why, for example, we have federal protections for our video rental records just because there was a dus-up in the '80s because someone published the lineup for Judge Robert Bork's personal movie nights.
BLOCK: Oh, right.
KASTE: So, that's why we have that protection. It's always about a scandal. And now as data companies are beginning to extend their reach into interesting new areas, like social networks, it's probably a smart thing to keep some of those new sources below the radar.
BLOCK: You're talking about social networks like Facebook, for example. How valuable would that kind of data be?
KASTE: Well, you remember how Alessandro Acquisti was talking about the cheese factor?
BLOCK: Yeah.
KASTE: Well, the fact is that people are less inhibited about themselves on informal Web sites and that's true on social sites especially. And data companies now know that. They want that information that you're sharing so freely about yourself on social sites. And that's what tomorrow's story is all about.
BLOCK: Okay, NPR's Martin Kaste, thanks so much.
KASTE: My pleasure. Transcript provided by NPR, Copyright National Public Radio.
