It’s no secret that your internet activity is being tracked. From the sites that you visit, the apps that you use, as well as your location. Websites and tech companies have a lot of data about their users and people who visit their website. Some of the data users willingly provide and other data is captured through web technologies such as tracking scripts and cookies. A lot of websites show you a message somewhere on their site that says that they are using cookies to “Enhance your browsing experience”, but how does that tie in with capturing user data?

What is a Cookie?

According to the Merriam-Webster Online Dictionary, a cookie is “a small file or part of a file stored on a World Wide Web user’s computer, created and subsequently read by a website server, and containing personal information “[1]. The definition provided by Merriam-Webster is a good starting point. So far, we have established that a cookie is a file that is stored on a user’s computer but let’s also extend this definition to include devices which browse the internet such as a mobile phones and tablets.

Legislative Response to Cookies

In 2011, the EU issued a directive which gives individuals the right to refuse the use of cookies by a website apart from cookies which are:

  • Used for the sole purpose of carrying out the transmission of a communication.
  • Strictly necessary in order for the provider of an information society service explicitly required by the user to provide that service.

More information on the EU’s cookie directive may be found here [2]

Following that directive, websites are required to ask users for consent before storing cookies on their devices. For some websites that manifested as showing a somewhat cryptic message which does not really provide much useful information, just that the website is storing cookies and providing a link for more information on what the cookies are being used for. Some sites do allow users to modify their cookie settings but in any case, you are not blocked from browsing the site until you agree to the use of cookies. And by the time the notice is shown the damage is already done, a cookie has been stored on your device and your browsing activity has already been logged.

How are Cookies Used?

With that being said, let’s look a little deeper at what a cookie is and what it can be used for. When you browse to a site, chances are that it will create at least one cookie on your device. Cookies created by the site that you are currently on are called “First Party Cookies” but navigating to a website may also create “Third party cookies” or “Advertising cookies” which are not owned by the website you are currently on.

Cookies can only be read by sites from the same origin as the cookie (such as Twitter.com, Facebook.com and apis.Google.com). This means that a cookie created by IThappens.nu cannot be read by Twitter.com. However, third party and advertising cookies introduced a twist. Even though the cookies may not be created by the site that you are currently on, they can be used to track your browsing activity, effectively aggregating your browsing interests. When a site uses an advertising service to display ads, it is information collected by third party cookies with aggregated user data which is used to select the best ad to show to a user. Cookies like these may result in you seeing advertisements for restaurants in Greece after you’ve visited a few blogs about the best things to do while in Greece.

How User Data drives the Web

In a web 2.0 environment where digital advertising drives revenue for businesses, user data is an invaluable commodity. It helps target ads, personalize ads and experiment with what works and what doesn’t work in various demographics. Investopedia reported “The bulk of Google’s $75 billion revenue in 2015 came from its proprietary advertising service, Google AdWords. Of that revenue, over 77% – or just over $52 billion – came from Google’s own websites.” [3]. In addition to cookies which can track browsing activity, Google has the benefit of being fed user data through their search engine, Google Apps as well as Android.

Other Uses of User Data

Using user data to target ads is one part of a complicated equation and brings up questions such as whether or not users should be compensated for providing their data, which brings companies billions of dollars in revenue. But we also need to ask, how useful is user data in areas other than selling products to users. Facebook has a “People You May Know” feature which suggests new friends to their users. According to Facebook’s Help Center [4] these suggestions come from, using Facebook’s words, “things like”:

  • having friends in common or mutual friends. This is the most common reason for suggestions
  • being in the same Facebook group or being tagged in the same photo
  • your networks (example: your school, university or work)
  • contacts you’ve uploaded

The results of which can be very interesting. An article posted on Gizmodo by Kashmir Hill [5] reported that the feature connected a user with a part of her family that she had never met or interacted with. Even though the list of suggested friends by Facebook can be disturbing in how it makes connections with even passive acquaintances, looking through Facebook’s Data Policy [6] may be even more disturbing. The data policy shows an exhaustive list of the kinds of information that Facebook collects on users, how the data is used and who data may be shared with. Information collected ranges from; user information necessary to create a profile, to device information such as the location provided by your device when using a Facebook service. If you choose to download your Facebook data, 70 categories of information are “made available to you” [7], including facial recognition data. Which raises two questions, what other data isn’t available to me and what is this data being used for?

Conclusion

Further advances in how we use our devices with a shift towards voice driven interactions just adds another point for data collection. Consider that in order for your digital assistant to respond instantly whenever you say “OK Google” or a similar command, your device has to always be listening to and processing what you are saying.

The point of this article is not to bash Facebook’s data policies, but to highlight how much user data internet companies have. For instance, VK.com’s privacy policy is equally exhaustive to Facebook’s in the amount of data it collects but only states that the data is collected “in order to fulfill the Site Administration’s obligations to the Users regarding use of the Site and its services “[8].

In researching privacy policies for some of the tech companies which I interact with frequently I took a look at my Google Activity. It catalogued; websites I visited, apps I had opened, voice commands I had given my phone (audio as well as a transcript of my command), places I had visited, how long it took to get there and my mode of transport. In some ways, it felt like a violation of my privacy. But I had willingly provided this information by using my phone and browsing the internet. And in return, my phone feels like my phone. It makes useful suggestions, seems to be able to finish my sentences and information that I am interested in does not seem to be too far away.

At the end of the day, I’m left wondering:

  1. Is this a fair exchange of my user data?
  2. What exactly does Google, Facebook and other tech companies know about me?
  3. How do companies use my data?
  4. And most importantly, how much information am I willing to give up?

 

[1] (2017). In Merriam-Webster.com. Retrieved October 16, 2017, from https://www.merriam-webster.com/dictionary/cookie
[2] European Union. (n.d.). Cookies. Retrieved October 19, 2017, from http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm
[3] Rosenberg, E. (2016, August 5). The Business of Google (GOOG). Retrieved from http://www.investopedia.com/articles/investing/020515/business-google.asp#ixzz4vwodqGBr
[4] Facebook (2017). Finding Friends and People You May Know. Retrieved from https://www.facebook.com/help/www/336320879782850
[5] Hill, K. (2017, August 8) Facebook Figured Out My Family Secrets, And Won’t Tell Me How. Retrieved from https://gizmodo.com/facebook-figured-out-my-family-secrets-and-it-wont-tel-1797696163
[6] Facebook (2017). Data Policy. Date of Last Revision: September 29, 2016. Retrieved from https://www.facebook.com/full_data_use_policy
[7] (2017). Accessing Your Facebook Data. Retrieved from https://www.facebook.com/help/405183566203254
[8] VK (2017). VK.com Privacy Policy. Retrieved from https://vk.com/privacy

Artikel door Mumba Sambo