Most of us know that our personal data is being collected, stored and analysed thanks to our relationship with our mobile phones, computers and the internet. But are we really aware of the full extent of the privacy invasions into our daily lives?
Let’s start at dawn. What is the first thing you do when you wake up? You probably check your phone.
By doing that, you are informing a whole host of busybodies – your smartphone manufacturer, app developers and your mobile company, as well as intelligence agencies (if they happen to be watching you) – what time you wake up, where you’ve been sleeping and who you share a bed with, providing they keep their phone with them too.
If you wear a smart watch it will have recorded your every movement in bed – including, of course, any sexual activity. Share a picture or record your thoughts on Facebook, or type a search into Google, and that information is tracked and stored.
Perhaps you’ve run out of sugar and you decide to ask your neighbour if she has some spare. Standing outside her door, you notice there’s a new smart doorbell, which records images of those who come near. It’s anybody’s guess where the footage is going to end up and what it will be used for.
You turn on your smart TV. It is probably identifying everything you watch and sending the data to the manufacturer, third parties, or both.
If you had time to read the privacy policies of the objects you buy, you would also have noticed that your TV picks up and records your spoken words and reserves the right to transmit them to other organisations.
Intelligence agencies such as MI5 and the CIA can make your TV look as though it is off while they record you. Your digital assistant Alexa may be listening too.
On and on it goes, as your day unfolds – the computerised surveillance that turns your everyday life into data.
It’s worth remembering that, as far back as 2010, Facebook founder Mark Zuckerberg (pictured) suggested that privacy was no longer ‘a social norm’, that we had ‘evolved’ beyond it because of the amount of information we freely shared online.
In today’s society, cars can log the locations you visit, the speed you drive at and your musical taste – even your weight is measured by your seat. There are emails that, once opened, allow third parties to track your geographical location.
Even your intimate medical data can be donated by the NHS to commercial organisations without your consent. And if you’ve ever done a DNA testing kit – for health reasons or to trace your ancestors perhaps – your genetic information is up for grabs to anyone who’s willing to pay for it.
We live in a surveillance age – and this is surveillance capitalism.
Governments know more about their citizens than ever before. Even the Stasi managed to have files on only about a third of the population of East Germany. Intelligence agencies today hold much more information – and on everyone. And it’s because we’re willingly – if unwittingly – giving this information away.
As a professor at the Institute for Ethics in Artificial Intelligence at the University of Oxford, I’ve researched this phenomenon with growing interest and concern over the past decade.
I’ve written widely about the importance of privacy in the digital age and what the tech giants – which is, of course, where all of this began – can learn from the far more regulated world of medical ethics.
It’s companies such as Facebook and Google which have done more than any other to build the ‘data economy’. And it has never been more apparent than during the coronavirus lockdown.
We’ve used social media to stay connected with friends and family, platforms such as Zoom for work and Google Classroom for school. The past year has shown us how impossible it is to opt out. Collectively and separately, these platforms are watching us. They know I’m writing these words. And, if you’re reading this on a screen, they know you are reading them.
It sounds sinister – almost into the realms of conspiracy theory. But if you think it doesn’t matter, then read on.
Intelligence agencies such as MI5 and the CIA can make your TV look as though it is off while they record you. Your digital assistant Alexa may be listening too
Facebook alone has violated our right to privacy so many times that a comprehensive account would merit a book in itself. Indeed, it’s worth remembering that, as far back as 2010, Facebook founder Mark Zuckerberg suggested that privacy was no longer ‘a social norm’, that we had ‘evolved’ beyond it because of the amount of information we freely shared online.
It is in his interests – and the interests of other tech giants – to believe this is so.
Everything you do while on Facebook gets tracked, from your mouse movements to the things you write and decide to delete before posting.
It may seem like a social network on the surface, but its real business is trading in influence through personal data. It wants to know who we are, what we think, where we hurt. It wants to predict and influence our behaviour. And armed with this, it can then sell advertisers access to your attention.
It’s not even possible to stay away from this data-hungry monster. Facebook keeps ‘shadow profiles’ on people who don’t even have accounts. It does this via its pervasive ‘like’ buttons, which appear alongside content such as news articles on websites across the internet.
Clicking on ‘like’ means your Facebook friends will see your activity, and Facebook itself gets an insight into your interests.
But what is little known is that Facebook can gather basic info about a visitor’s IP address (and therefore their location), and other websites they’ve accessed which also contain Facebook ‘like’ buttons, even if they don’t click on them and don’t have a Facebook account.
So what? Surely all this isn’t actively harmful.
But Facebook may connect you with people you’re actually trying to avoid. Its ‘People You May Know’ section recommends people to connect with. This tool has helped expand Facebook’s social network, which went from 100 million members when it was introduced in 2008 to more than two billion in 2018.
It can link the real identities of sex workers to their clients. Or scupper medical confidentiality by linking together a psychiatrist’s patients. These patients probably had the psychiatrist’s details in their phone’s contact book – and that alone was enough for Facebook’s algorithms to make the link.
The site has suggested a harasser connect with his (previously anonymous) victim, a husband to his wife’s lover, and a victim to the man who broke into her car.
For years, Facebook allowed Microsoft’s Bing search engine to see Facebook users’ friends without their consent, and it gave Netflix and Spotify the ability to read and even delete Facebook users’ ‘private’ messages.
Facebook has probably used facial recognition on your photos – without securing proper consent from you – to develop lucrative new technology. It has certainly filed patents that describe systems to recognise shoppers’ faces in stores and match them to their social networking profiles.
In 2019, hundreds of millions of Facebook users’ phone numbers were exposed in an open online database, because the server they were on was not password-protected.
By checking your phone in the morning, you are informing a whole host of busybodies – your smartphone manufacturer, app developers and your mobile company, as well as intelligence agencies (if they happen to be watching you) – what time you wake up, where you’ve been sleeping and who you share a bed with, providing they keep their phone with them too
These are just some of the latest disasters. Everything seems to indicate that Facebook’s violations of our right to privacy are not about to stop. It’s no wonder that a British parliamentary report has suggested that Facebook has behaved like a ‘digital gangster’ in the past few years.
It’s not alone. Google has also been a major protagonist in this story. In 1996, founders Larry Page and Sergey Brin developed the core of Google, an algorithm that counts the number and quality of links to a web page to assess how authoritative that website is, and ranks search results accordingly.
It was a brilliant idea. Unfortunately for us all, Page and Brin wanted to turn Google Search from an amazing tool into a money-making company. By 2004 it had revenues of £2.3 billion.
How did they do it? By using the personal data of their users to sell ads: little sponsored links in and around their search rankings.
As users searched for what they desired, feared or were curious about, Google collected oceans of data on them.
Since then, Google has created product after product to help it gather even more data from even more sources. Chrome, Maps, Pixel, Nest and many others were designed as ways to collect even more data from you.
Why would a company offer an extra service like Maps, something that is so expensive to create and maintain, for nothing in return? It wouldn’t. Google wanted to mine your location data.
Many other organisations – not always the obvious ones – are similarly making free with our data. If you go to the doctor, be aware that your medical data is often for sale.
Data brokers – traders in personal information – can acquire anonymised medical data from pharmacies, hospitals, doctors’ offices, health apps, and internet searches, among other sources. Your medical details could end up in the hands of researchers, insurance companies or prospective employers.
The latest controversial data grab is scheduled for later this year when patient information from GP practices is centralised in an NHS database.
Hospital patient data is already held centrally. It can prove hugely helpful for research purposes, which is to everyone’s benefit.
But there are concerns the NHS may decide to donate your records, without your consent, to a company such as DeepMind, the artificial intelligence firm owned by Google’s parent company, Alphabet.
This may not be to your benefit at all. DeepMind could link your data to your Google account, thereby further eroding your privacy.
Yet the most intimate information of all concerns your genetic data – the blueprint for who you are.
Let’s imagine a friend gives you a home DNA kit as a gift. Such kits, which can tell you about your genetic ancestry, help find distant relatives and even tell you your risk of disease, are being sold for about £100.
By mailing your saliva sample, you are allowing companies such as Ancestry to analyse, sell and communicate your genetic information as they wish.
And what about your family? There is no way of knowing what the law will be like in 30 years, or what we might be able to infer from genetic information by then.
Perhaps you’ve run out of sugar and you decide to ask your neighbour if she has some spare. Standing outside her door, you notice there’s a new smart doorbell, which records images of those who come near. It’s anybody’s guess where the footage is going to end up and what it will be used for
Your grandchildren may be denied opportunities in the future on account of your genetic test floating out there in the public domain, should it indicate a susceptibility to life-limiting disease or a negative personality trait.
Your right to lawfully protest might also be at risk from new tactics that further violate privacy. Police are thought to be using ‘stingray’ technology – fake mobile phone towers that grab your location and can eavesdrop on phone conversations, text messages and web browsing.
Perhaps unsurprisingly, there is secrecy over their use in the UK. A tribunal last year permitted police forces to ‘neither confirm nor deny’ that they are in use.
Some people argue that invading our privacy might well be necessary for our safety – to fight terrorism or during a pandemic, for example. Contrary to what authorities would have you believe, however, it is much more often the case that privacy invasions bring about unsafe conditions.
With that in mind, consider carefully what you share online, particularly if it concerns your children. Make sure your privacy settings on social media sites are as high as they can be.
Never click on the ‘accept cookies’ button on a website, choose devices that don’t connect to the internet if you can, and use strong passwords.
To those who question whether online privacy matters, I ask them for their password to their email account. Or, better yet, next time they’re in a public loo, greet them from the adjoining cubicle as you take a peek over the divider.
There is also the question of what kind of society we would like to live in. Two possibilities lie ahead.
The first is an extreme version of the surveillance society we live in today. One in which your every step, word and purchase is tracked by the authorities.
Drones and satellites watch you from above and facial recognition technology identifies you wherever you go.
Authorities track what you read, when you protest. Police, public health authorities, intelligence agencies and surveillance companies receive this information.
Your data is used mainly to quell pandemics and prevent terrorist attacks, the authorities assure you. But you know it is also used for much more than that.
This is a world in which machines manage you. They order food when your fridge is running low. They time your efficiency at work, including your breaks. They tell you to meditate when your stress levels increase.
You wonder whether your children’s future might be compromised when they play games online, as you know their scores are being sold to data brokers who calculate cognitive capacities. You worry about how obedient they have to be to stand a chance in this new world.
This is a society primed for an authoritarian takeover.
But there is a second, far better option. A world where your data is yours alone, not for anyone else to share or sell. We just need the right rules in place.
For we are currently witnessing a civilising process similar to the ones that improved our offline lives. In the way that regulation made sure that food being sold was edible and that cars had safety belts, so regulation can tame the Wild West of the internet.
The ground rules that we set now will determine the privacy landscape of the next few decades.
It is critical that we get things right. We owe it to ourselves and to our children.
© Carissa Veliz, 2021
- Privacy Is Power, by Carissa Veliz, is published by Corgi on Thursday, priced £8.99. To order a copy for £7.64 visit mailshop.co.uk /books or call 020 3308 9193 before July 11. Free UK delivery on orders over £20.