By Christopher Mims
Recent controversy over Facebook Inc.'s hunger for personal data
has surfaced the notion that the online advertising industry could
be hazardous to our privacy and well-being.
As justifiable as the focus on Facebook has been, though, it
isn't the full picture. If the concern is that companies may be
collecting some personal data without our knowledge or explicit
consent, Alphabet Inc.'s Google is a far bigger threat by many
measures: the volume of information it gathers, the reach of its
tracking and the time people spend on its sites and apps.
New regulations, particularly in Europe, are driving Google and
others to disclose more and seek more permissions from users. And
given the choice, many people might even be fine with the trade-off
of personal data for services. Still, to date few of us realize the
extent to which our data is being collected and used.
"There is a systemic problem and it's not limited to Facebook,"
says Arvind Narayanan, a computer scientist and assistant professor
at Princeton University. The larger problem, he argues, is that the
very business model of these companies is geared to privacy
violation. We need to understand Google's role in this.
How Google harvests data
Lawmakers and others have asked Facebook about " shadow
profiles" -- data the company gathers on people without Facebook
accounts. The company doesn't use the term but does track
non-users.
It's likely that Google has shadow profiles on as at least as
many people as Facebook does, says Chandler Givens, CEO of
TrackOff, which develops software to fight identity theft.
Google allows everyone, whether they have a Google account or
not, to opt out of its ad targeting, though, like Facebook, it
continues to gather your data.
Google Analytics is far and away the web's most dominant
analytics platform. Used on the sites of about half of the biggest
companies in the U.S., it has a total reach of 30 million to 50
million sites. Google Analytics tracks you whether or not you are
logged in.
Meanwhile, the billion-plus people who have Google accounts are
tracked in even more ways. In 2016, Google changed its terms of
service, allowing it to merge its massive trove of tracking and
advertising data with the personally identifiable information from
our Google accounts.
Google uses, among other things, our browsing and search
history, apps we've installed, demographics like age and gender
and, from its own analytics and other sources, where we've shopped
in the real world. Google says it doesn't use information from "
sensitive categories" such as race, religion, sexual orientation or
health. Because it relies on cross-device tracking, it can spot
logged-in users no matter which device they're on.
This is why Google and Facebook are dominant in online
advertising. By pouring huge amounts of our personal data into the
latest artificial-intelligence tech, they can determine who -- and
where -- we really are, whether or not we reveal ourselves
voluntarily.
Google fuels even more data harvesting through its dominant ad
marketplaces. There are up to 4,000 data brokers in the U.S., and
collectively they know everything about us we might otherwise
prefer they didn't -- whether we're pregnant, divorced or trying to
lose weight. Google works with some of these brokers directly but
the company says it vets them to prevent targeting based on
sensitive information.
While data brokers can sell this information to insurers,
employers and anyone else who might be interested, many of their
customers are marketers who need another component: Google's AI,
which delivers "look-alike" audiences -- people similar to the ones
found in the brokers' data.
How Android funnels data
Google also is the biggest enabler of data harvesting, through
the world's two billion active Android mobile devices.
Since Google's Android OS helps companies gather data on us,
then Google is also partly to blame when huge troves of that data
are later used improperly, says Woodrow Hartzog, a professor of law
and computer science at Northeastern University.
A good example of this is the way Facebook has continuously
harvested Android users' call and text history. Facebook never got
this level of access from Apple's iPhone, whose operating system is
designed to permit less under-the-hood data collection. Android OS
often allows apps to request rich data from users without
accompanying warnings about how the data might be used.
To be listed in Google's Android app store, developers must
agree to request only the information they need. But that doesn't
stop them from using "needed" data for additional purposes.
Designers call the ways marketers and developers cajole and
mislead us into giving up our data " dark patterns," tactics that
exploit flaws and limits in our cognition.
Google bans what it calls deceptive requests for user data, such
as obscuring opt-out buttons. At issue is whether Google goes far
enough. But Google itself uses what are arguably dark patterns to
get people to switch to its own apps for things like email and web
browsing.
Android users of the Gmail app will be asked to enable access to
the device's camera and microphone again and again until they say
yes. Similarly, on Android, Google Maps asks users to turn on
location services -- justifiable, sure, but this enables
geo-targeted ads.
All of this is ostensibly done with your permission. But it's
hard to understand how even an expert could give meaningful
informed consent to the average request for data, says Dr.
Narayanan.
New EU privacy rules are forcing companies to make
comprehensible to mere mortals what data they gather and how they
use it. But in many cases, Google is pushing responsibility for
obtaining data-gathering permissions to advertisers.
Will Google take responsibility?
It's not as if Google is unaware of the issues inherent in its
business model. The company opposes the California Consumer Privacy
Act, a November ballot measure, on the grounds that it is vague and
unworkable. It would grant consumers three basic protections: "the
right to tell a business not to share or sell your personal
information, the right to know where and to whom your data is being
sold or shared, and the right to know that your service providers
are protecting your information." Even Facebook dropped its
opposition to this act.
The solution may be simple: build better tools to give us a
clear understanding of what we're opting into. If given clear
choices, many people might be fine with their data being collected.
But it's just as likely they would refuse, in ways that could
affect Google's bottom line.
Write to Christopher Mims at christopher.mims@wsj.com
(END) Dow Jones Newswires
April 22, 2018 08:14 ET (12:14 GMT)
Copyright (c) 2018 Dow Jones & Company, Inc.
Meta Platforms (NASDAQ:META)
Historical Stock Chart
From Mar 2024 to Apr 2024
Meta Platforms (NASDAQ:META)
Historical Stock Chart
From Apr 2023 to Apr 2024