It should be no surprise to find out this week that Facebook didn't do a great job protecting user data ... again. But what was more interesting is the piece in the New York Times about our "secret scores."
The author, Kashmir Hill, got her hands on her profile from a company called Sift. In that profile was a trove of personal information that one would not expect to be available to an unknown third-party: Every message she'd sent to Airbnb hosts, years of Yelp delivery orders – all with IP addresses attached.
It's relatively shocking to see, but perhaps not that surprising. While we're clicking on headlines with the big tech companies in the title, we're not talking about all the third-party companies that have even more data about us on file. Sift's profile is likely not the only one of you on the internet, and maybe not even the most detailed.
Antonio Garcia Martinez, former early Facebook employee and author of Chaos Monkeys, said it best in a recent interview:
It's odd that companies like Facebook and Google get so much scrutiny, when in many cases they’re the most aboveboard when it comes to that, because they have the most to lose. Also they have a direct relationship with the user.
In my opinion, this sketchiest people in the ad tech world are companies you've never heard of ... companies like Axiom, companies like Experian that can’t to go six months without a data leak. Companies that sell your geo data from your phone that gets recycled and sold and resold without your knowing it. Carriers like Comcast that sell a lot of your browsing history and your geo data. That's what I find the sketchiest stuff.
- Antonio Garcia Martinez, author of Chaos Monkeys, speaking on the Software Engineering Daily podcast
Facebook and Google have already shifted more into the privacy realm than many of us thought they ever would. Which, granted, is still not much. But in the meantime, many companies just went searching for darker corners and found new ways to avoid detection.
So ... These Shady Companies Are the Enemy, Right?
There is a vast enforcement and regulation story that is yet to play out regarding these types of companies, perhaps on the scale of the 2008 mortgage scandal. And like the aftermath of that scandal, when we do crack down on amoral data brokers, we could very well have not addressed the underlying causes of the corruption.
The idea that this treatment of our data is anomalous, and that we just need to find and punish the bad actors, is a wasteful distraction. Facebook, Google, Microsoft, and even Sift, are all acting rationally within the system in which they operate.
From the perspective of our laws and economy, it would actually be more "evil" of them to sacrifice profits and shareholder value for some ill-defined moral principles. By the rules of the game, they should not be able to be shamed into shifting business practices.
Thinking in terms of enemies, vilifying corporate entities, mustering outrage over every data leak – it's counterproductive. All our efforts should be put towards making it profitable to align with people's values. More profitable than manipulating them to the whims of some other agenda.
Building a Better Machine
The leverage of the internet is that we can build new products and businesses quickly and cheaply. While laws and public relations slowly steer the current market towards something slightly better, we can build a new market alongside it that's built for the future.
A future where people voluntarily share their data with companies that compensate them for it, and for causes they believe in. Where an individual doesn't need a Computer Science degree to retain control of their data. We don't need blockchain or a GDPR for the US to do it, we can just build and pay for services that profit when we do.
I myself am still finding the best actions to take on this front. I use a paid VPN whose business is based on keeping customers happy and protecting their privacy. This keeps some browsing history out of Comcast's hands so they can't sell it.
I self-host a private chat server where I pay for hosting, instead of using a free chat service that needs to monetize my use of it in some other way. I self-host this blog instead of giving free value to sites like Wordpress.com or Medium. It's a start.
Stop using tools because they are free and easy. Put some effort and money into sourcing your software like you would your food, and the system will get better. If you'd like some help on this front, email me at my first name at this domain.