If you use a smartphone and download apps, as half the UK population does now, you’ve probably used an app which pops up a dialog box asking “Find your friends?” and offering to search some new social network — or one of the more familiar ones — for people you already know.
It’s easy and quick to click on the “OK” button, but do you know what’s happening once you do? This is where you suddenly discover that what you thought you knew about your online privacy is wrong — or at best, incomplete.
In mid-February, an Indian researcher, Arun Thampi, figured out what was happening when Path, a would-be social network app for Apple’s iPhone for “sharing your life,” asked that question. It was uploading the entire contents of your address book — names, e-mails, phone numbers — to Path’s servers.
The outcry over this data grab was rapid and widespread — at least among the Silicon Valley digerati and those who watch them. Path’s chief executive wrote a mea culpa blogpost, the company updated its app so it wouldn’t upload all the data, and everything seemed calm.
Then Dustin Curtis, a user interface designer, pointed out that loads of apps do this. On his blog, he noted: “I did a quick survey of 15 developers of popular iOS apps, and 13 of them told me they have a contacts database with millons of records. One company’s database has Mark Zuckerberg’s cellphone number, Larry Ellison’s home phone number and Bill Gates’ cellphone number.”
However, he added: “This data is not meant to be public, and people have an expectation of privacy with respect to their contacts.”
More digging showed that Facebook, Instagram, Yelp and location service Gowalla did it too. It seemed like it would be easier to list the apps that didn’t do it.
For those feeling suddenly itchy about their privacy, there was more to come. A few days after Curtis’ blog, Twitter admitted that it too grabbed address book data (though only, it said, your friends’ e-mail addresses and phone numbers); the purpose being just to find people you already know who might already be, or will be, members of the service.
Jon Leibowitz, the chairman of the US’ powerful Federal Trade Commission, summed it up in a sentence: “Right now, it is almost impossible to figure out which apps collect data and what they do with it.”
Apple chewed this over silently for a week and then announced that a forthcoming update of the iPhone and iPad software would prevent this.
However, just as another privacy storm seemed to have come and gone, another arrived: Jonathan Mayer, who researches online privacy at Stanford University, discovered that Google had hacked past the default privacy settings of Apple’s browsers on the iPhone, iPad and desktop so it could track people’s use of the Web, whether or not they were signed into its services. That also meant that its advertising arm DoubleClick could follow them too. Adding to the appearance of culpability, as soon as the Wall Street Journal, following up Mayer’s discovery, contacted Google, it stopped doing it. In recent weeks, only Facebook has emerged without immediate criticism.
Still, the damage has been done.
“Between the Path debacle and Google’s Safari cookies, [Silicon] Valley’s moral bankruptcy on privacy was made obvious,” James Grimmelmann, an associate professor at New York Law School, said on Twitter.
However, it’s not just in the narrow space of Web browsing or apps that we’re identifiable. A chilling story in the New York Times described how the giant Target store is now so good at tracking what items people buy that it can spot if someone is pregnant — especially in the second trimester, when they begin buying things such as vitamins and maternity clothes; catch them there and “we could capture them for years,” as a statistician explained. The 25-item prediction system works so well that Target knew that a teenage girl was pregnant (and began sending appropriate shopping coupons to her home) before her father did.
On Target’s part, it was nothing personal, but it wasn’t private either: Somewhere in its machine, there was a link between the girl and her pregnancy.
Essentially, the edifices of privacy that we once thought we understood are melting like ice in a heatwave. Once upon a time, before mobile phones, it was really hard, without direct surveillance, for anyone else to know where you were. Now add in smartphones and apps such as Path, Twitter and Foursquare, as well as Web-based companies such as Facebook and Google which rely on serving ads, and data-crunching like that done by Target (and all the big supermarkets) and the idea of “privacy” is being eroded from inside and outside. Your address book is somewhere in the “cloud.” You’re telling anyone who has access to your Facebook profile where you are. Foursquare users can track your whereabouts, if you “check in.” The supermarket where you shop is sending you coupons for diapers.
A graphical representation of how much public data Facebook used to show in 2005 compared with 2010 looks just like scary forecasts of polar ice-cap melt. Except it’s already happening. In fact, online privacy looks altogether like global warming: We tut about it and mutter “something must be done,” and then do the equivalent of clambering into 4x4s — tagging photos on Facebook of friends getting drunk, tweeting pictures of our lovely trip and family on Instagram.
Simon Davies, director-general of Privacy International, the pressure group that has been warning about the ease of such invasions for years, thinks it’s an apt metaphor — but equally that, like the environmental movement, awareness is growing that it’s not right, and that we can’t go on this way.
“We have had developers tell us that they don’t want their platform screwed up by too much privacy management,” he says. “There’s all sorts of hoodwinking and linguistic devices that they use to persuade you to hand over your data.”
Such practices are pervasive, he says, but there’s growing awareness among a number of people on social networks that there’s value in keeping information about yourself, your whereabouts and life private. Not just to protect yourself from identity theft; also just because it’s nice to have some part of you that isn’t subjected to the panopticon of the Web.
“It is like the environmental movement, in that there are evangelists working to keep the brakes on excess use,” Davies says. “I think Microsoft and Google are starting to see a change there.”
The trouble for Google is that 97 percent of its revenue comes from serving ads. Its profits improve if people click on ads, so it likes to show “relevant” ads — and the best way to work out which ads to offer is to watch which Web pages people visit.
Google is painfully aware that government agencies take a dim view of any corporate infringement of people’s privacy — and also that if it loses users’ trust, the slope from top dog in search to also-ran could be slippery. (For that reason, Microsoft has been hammering away at the privacy topic in its PR efforts: When news broke that Google had worked around Internet Explorer’s protections, rather than follow its frankly arcane privacy system, Frank Shaw, Microsoft’s combative head of PR, tweeted in faux disbelief: “Google can work on a self-driving car but can’t figure out how to implement a standard?”)
The culmination was the announcement last week by US President Barack Obama’s administration that it would push for all browsers to have a “Do Not Track” button as part of a “consumer privacy bill of rights,” while the Californian attorney general said that apps would have to include privacy policies to tell users what data they would access.
But where does it all end?
“It’s a systemic problem,” Davies says. “The situation will only change when it’s not fashionable to give away your data, when it becomes sad to do so in front of your peers.”
Is there any chance of that happening? Mayer says there are “bright spots” in privacy; he is working on the “Do Not Track” system, but others in the industry point to the differences between the US and Europe — the strong data protection legislation in the latter, and its almost total absence in the former — and suggest the gulf can’t be bridged; our data will always flow downhill toward the area that lets companies make as much (profitable) use of it that they can.
The columnist Helen Popkin commented despairingly: “Facebook is the slowly warming pot of water and we, my friends, are the frog. By the time we noticed our peeling skin, another hunk of our privacy is long gone.”
That was in March last year. Since then more and more chefs have continued to gather around the pot. Do you want to find friends already using this service? Is it getting warm in here?
Could Asia be on the verge of a new wave of nuclear proliferation? A look back at the early history of the North Atlantic Treaty Organization (NATO), which recently celebrated its 75th anniversary, illuminates some reasons for concern in the Indo-Pacific today. US Secretary of Defense Lloyd Austin recently described NATO as “the most powerful and successful alliance in history,” but the organization’s early years were not without challenges. At its inception, the signing of the North Atlantic Treaty marked a sea change in American strategic thinking. The United States had been intent on withdrawing from Europe in the years following
My wife and I spent the week in the interior of Taiwan where Shuyuan spent her childhood. In that town there is a street that functions as an open farmer’s market. Walk along that street, as Shuyuan did yesterday, and it is next to impossible to come home empty-handed. Some mangoes that looked vaguely like others we had seen around here ended up on our table. Shuyuan told how she had bought them from a little old farmer woman from the countryside who said the mangoes were from a very old tree she had on her property. The big surprise
The issue of China’s overcapacity has drawn greater global attention recently, with US Secretary of the Treasury Janet Yellen urging Beijing to address its excess production in key industries during her visit to China last week. Meanwhile in Brussels, European Commission President Ursula von der Leyen last week said that Europe must have a tough talk with China on its perceived overcapacity and unfair trade practices. The remarks by Yellen and Von der Leyen come as China’s economy is undergoing a painful transition. Beijing is trying to steer the world’s second-largest economy out of a COVID-19 slump, the property crisis and
Ursula K. le Guin in The Ones Who Walked Away from Omelas proposed a thought experiment of a utopian city whose existence depended on one child held captive in a dungeon. When taken to extremes, Le Guin suggests, utilitarian logic violates some of our deepest moral intuitions. Even the greatest social goods — peace, harmony and prosperity — are not worth the sacrifice of an innocent person. Former president Chen Shui-bian (陳水扁), since leaving office, has lived an odyssey that has brought him to lows like Le Guin’s dungeon. From late 2008 to 2015 he was imprisoned, much of this