You probably have first-hand experience with the following scenario – Someone tells you about a product that they just bought for their home gym. They tell you how great it is, and you pull out your phone to check out the company website. Later that evening, you’re doing some internet browsing and notice ads for that very same product popping up on every page you visit. This is a brief, seemingly benign example of the greater privacy problem that every internet user faces.
As the last sentence implies, internet privacy is an expansive and complex topic that could fill an entire book with its contents (There are plenty to choose from if you’re interested). This blog post is only intended to touch on a few aspects of internet privacy.
Your Data
There’s a common misconception that I’ve heard before that goes a bit like this – “If I don’t have social media accounts, my information will be safe.” While social media companies are some of the biggest offenders regarding information gathered on you, they are not the only way for your information to get out for others to consume. Dating sites/apps, health apps, travel sites, and many others store information relating to you. Some of the information can be mundane, like your email address and age, while others can be more invasive like your home address, mobile number, interests, your contacts, etc.
Collection and subsequent use of this data by the sites and apps that you’re registered with largely depends upon the company, but a lot of them will use it for targeted advertising. The problem is that these sites and apps aren’t the only ones wanting your data. Enter Data Brokers (and there are a lot of them).
Data Brokers
Data Brokers are companies that acquire and sell your data to other brokers, companies, or even individuals. Since these data brokers have an indirect relationship with the person whose data is being sold; people are often completely unaware of their existence.
Data Brokers acquire your data through either public record (court records, marriage licenses, etc.), buying it from retailers, social media, or other data brokers. Have you ever done one of those quizzes on social media? That information likely went to a Data Broker.
Keep in Mind
Data Brokers are not the only “bad guys” that could be using your data without your knowledge or consent. If companies are collecting all kinds of data on you, are they taking appropriate security measures to keep that data safe? If a company storing your data gets breached by a threat actor and your data gets exfiltrated, would you be okay with that? I think the answer largely depends upon the type of data being stored. Clario put together some helpful infographics in a blog post to help visualize the personal data that companies are storing on users.
The collection of your data is one issue, but the question of how it’s used becomes a worrisome topic, especially when companies are buying your data. Take for example the FTC write-up that calls for transparency and accountability when it comes to Data Brokers. Within the document, it points out the potential issues that could arise from Data Brokers collecting information on consumers that search for terms related to diabetes. Some Data Brokers have categories like “Diabetes Interests” so that manufacturers of sugar-free products can target ads or discounts to potential diabetics. But if an insurance company where to buy this data, they could classify a consumer as higher risk. Some other categories used by Data Brokers include: Investment Habits, Cholesterol Focus, Buy Disability Insurance
Additionally, Data Brokers may infer that someone belongs in a category based on internet searches that they do, but they may not have a certain medication condition or be interested in a high-risk activity like rock climbing. If a Data Broker were to classify someone into one of these categories, and an insurance company were to purchase the data, the consumer could be mistakenly classified.
Protecting Your Data Privacy
An easy button does not yet exist for data privacy, but here are a few tips and tools available that can help.
The Electronic Frontier Foundation (EFF) is a nonprofit organization that takes privacy very seriously and releases a good bit of content relating to privacy. They just posted an easy-to- follow guide for disabling ad tracking in Android and iOS to their blog.
As mentioned previously, apps are not the only way for companies to get a hold of your information. Your choice of internet browser and search engine can also help. EFF also has a tool (https://www.eff.org/pages/cover-your-tracks) that can check how well your browser and add- ons protect you from online tracking. You can use this to check your current browser and if you’re not pleased with the results, check out one of browsers listed in the following link.
- https://www.pcmag.com/picks/stop-trackers-dead-the-best-private-browsers (Brave is my personal favorite in this list)
- https://nordvpn.com/blog/private-search-engines/
This one may seem obvious but set your social media accounts to private. Since Data Brokers sometimes use social media accounts to gather information; having a public profile will make it easier for them to access your data.
VENYU is Here
As always, if you have additional questions or would like someone to discuss security in more depth with you, please open a support case using the customer portal (https://portal.myvenyu.com) or schedule a consultation (https://www.venyu.com/consultation/).
Sources
- Data Broker List – https://privacyrights.org/data-brokers
- Clario Blog – Which Company Uses Most Data – https://clario.co/blog/which-company-uses-most-data/
- Data Brokers: A Call for Transparency and Accountability – https://www.ftc.gov/system/files/documents/reports/data-brokers-call-transparency-accountability-report-federal-trade-commission-may-2014/140527databrokerreport.pdf
- How Data Brokers Find and Sell Your Personal Info – https://us.norton.com/internetsecurity-privacy-how-data-brokers-find-and-sell-your-personal-info.html