What personal data do you have?
When you think of personal data, you probably think of your ID number, health records, bank records, and other most sensitive information. Today, however, personal data is much more meaningful and people are often unaware of personal data breaches and misuse.
Unlike a few years ago, personal data is everywhere in today’s digital age. Interactions with friends in social networking software, search history in shopping software, character images in games, and even routes of movement in navigation software. You could even say that everything you use, communicate with, and search for in digital applications constitutes your personal information in the digital age.
Nowadays, almost any digital application can be called a social media platform. The Major social media platforms have become so central to our lives, that the decisions they make have a very powerful impact (Suzor& Nicolas P, 2019).
After you use these digital platforms, personal information is retained in the digital platform’s database. In many cases, the digital platforms identify your age, gender, preferences, etc., and categorize your personal information into groups of people with the same attributes as you.
Why do digital platforms identify your personal information? And to categorize you?
Because of the maturity of big data and AI algorithms, we have offloaded much of the social work of shaping our cultural world onto automated systems, most of which are commercially controlled (Andrejevic, Mark, 2019).
Big data and algorithms will provide users with more suitable content based on what they are interested in, and the process will involve optimization of applications to improve efficiency for different people’s usage scenarios, thus further enhancing user viscosity.
At the same time, big data and algorithms will identify “what kind of people” you belong to, so as to recommend you the goods you may potentially buy, and to recommend you more “suitable” for your advertising.
Image courtesy Tuesday Tech Tip
Many platforms rely on these recommendations, and advertising to gain benefits, for the platform, there is no harm in automatic recommendations, only benefits.
These are the original purpose of the platform to collect and analyze users’ personal data. The platform profits and the user’s interests are not substantially harmed
But things don’t always go in the right direction
I’m sure you’ve had the same experience of countless inexplicable phone calls from people who know your basic personal information and accordingly recommend you insurance, financial products, or other goods. SMS and email are also common ways to sell similar content, for which SMS and email are even dedicated to the intelligent identification of spam sales messages. After browsing something of interest in the search engine, wait until you open the shopping software again, there will be very many recommendations for similar products.
Harassing phone calls, harassing text messages, or harassing emails are disrupting people’s normal lives to varying degrees. Many times, you don’t know which calls are nuisance calls, so you have to answer them. Salespeople are good at selling, and how to respond to salespeople can waste a lot of your time and energy if you don’t need these products.
You may wonder how these salespeople know your phone number and basic personal information? Why do different Internet platforms seem to be “sharing” your browsing history? There are two main scenarios here.
“legally” misuse your personal data.
Before using a new platform, there is a user agreement, which is often very lengthy in terms of laws. If you do not choose to agree, you will not be able to use the platform. And these agreements often hide the reason why the user’s personal data is being misused. Almost all contracts are very careful, make no promises, and reserve almost absolute discretion to the network owner (Suzor& Nicolas P, 2019)
Obviously, no one reads this agreement, they just want to use the application. By having to choose to agree to this user agreement, the user “tacitly” agrees that his or her information can be used for intelligent recommendations, customized advertising, or for so-called “user experience upgrades” in his or her contract.
In addition to the use of users’ personal data by the platform itself, users’ personal data may also be used by the platform in the form of “exchange”. Different platforms share their databases for the sake of cooperation and development. This allows users’ information to be unknowingly used in a wider range of scenarios. For example, a search engine and shopping platform are not the same company, but the shopping platform can get the information of users in the search engine through the cooperation between companies.
When Chinese e-commerce giant Alibaba Group entered the Korean e-commerce space, it chose to partner with Korea’s Naver, the country’s largest search engine and portal and the parent company of the famous social networking software LINE, which has operations in Korea, Japan, Taiwan, and Southeast Asia and possesses the world’s leading search engine technology. With the partnership, Korean consumers will be able to search for products on Alibaba’s platform directly through Naver shopping. The relevant search records and product preferences will also be used in Alibaba’s platform.
The giant-to-giant partnership has resulted in a wider use of users’ personal information. For example, personal information that should have only appeared in Naver will be partially applied to Alibaba with the cooperation between the two companies.
Users obviously will not agree to such a wide use of their information, but because they have previously clicked on consent, the user agreement seems to become a shield for the platform.
Illegal misuse of personal data
Inadequate supervision of platforms or loopholes in databases can lead to the leakage of personal data. For example, hackers and some organizations steal users’ personal information from different platforms and sell it. This data is usually obtained in massive amounts, sorted, and sold to data brokers.
Many data brokers are part of a “gray industry” that strays from the boundaries of the law, collecting data from a variety of sources and selling it to various businesses that need it.
For example, data about a user’s assets will be sold to insurance companies or fund companies. Driving information, do you have a driver’s license? This information will be sold to car sales or leasing companies, or even car insurance companies.
The information collected by data brokers may be inaccurate or outdated. However, it is still incredibly valuable to businesses, marketers, investors and individuals.
Staff within the platform are sometimes driven by profit to break the law. Alipay is part of the Alibaba Group, China’s largest online payment platform, and with its massive payment records, Alipay has access to most of China’s online Alipay has data on most of the online merchandise transactions in China. This data includes product categories, quantities, prices, and sales by region. These data are extremely important to e-commerce companies, and by analyzing them, e-commerce companies can accurately analyze the competitive advantages of their products and can optimize their sales strategies accordingly to gain higher profits.
According to the suspects, in this case, Alipay does not offer the service of selling user data, although this can bring high revenue. Similar data is sold by professional data research companies, but their data is not comprehensive, and e-commerce companies are often unable to analyze valuable information from the data purchased from these companies, and the price is very expensive. Criminals then find ways to collude with Alipay insiders to buy more comprehensive and valuable data for less money. Such methods obviously broke the law, and when the police arrested them, they regretted it.
Similarly stolen personal information is often sold twice as a way to share the cost of the purchase. This allows some of the personal data to be collected by many strange merchants, leading to more serious problems.
Misuse of some personal data can lead to serious consequences
When personal information is compromised, people are usually not particularly concerned. However, there is some information that can be used by unscrupulous people, and only then do people feel serious concern, such as their bank card PIN.
Similar news reports are abundant, and people often like to set their own or their loved ones’ birthdays as their bank card PINs. However, when personal information is leaked, patient miscreants will use the leaked data to guess the correct password and thus steal the user’s money. A similar example is commonly used for cell phones and computers. Important documents and secrets stored in them can also be stolen.
Digital platforms should ensure the security of users’ personal data
Digital platforms should have better internal oversight and protection mechanisms to protect user data from hackers and even internal employees. Improving the “one-way mirror” relationship with users may help to protect their privacy. Users should no longer be unaware of the use of their privacy but instead should have transparent, even paid, access to their personal information.
For personal privacy, users deserve to receive compensation if they are used by the platform. The rise of the personal data economy will improve the “one-way mirror” of such an unequal relationship. Platforms and companies will pay more money for this in exchange for more valuable personal data. Platforms will also put a lot of effort into protecting user data as a result. Users will really benefit from this, instead of being used for nothing. The relationship between the platform and the users established in this way is benign and can be sustainable
Image courtesy Knowledge at Wharton
Improve legislation to clear the gray areas
Gray industries like data brokers should be banned, and personal data should not be sold to individuals or companies at will. This does not mean a total ban on the trading of personal data, but a stricter law to regulate similar trading practices. Data privacy laws should focus more on protecting the rights of platform users and improving the previous “one-way mirror” situation. Users have the right to know what their data is being used for and to be paid for it, while their own data should be kept secure and free from misuse.
A long way to go
People’s privacy and big data, AI algorithm-led digital platform trends seem to be contradictory. If you want to protect the privacy of users, it looks like the development of AI and big data will be hindered. How to balance the rights of users and digital platforms to develop big data and algorithms will be a question for everyone, every big company, and every government should consider in the future.
Users should not be “in the dark”, personal data as part of their natural belonging, should be given enough respect and attention. Imbalances relations like the “one-way mirror” should be changed, and users’ personal information should be secured with more stringent and detailed laws and regulations.
This process may take a long time, but positive voices are being heard in the crowd, and I believe the future will be better.
Reference
Alipay internal employees selling user information: the content of the information exceeds 20G
http://www.linkshop.com/news/2014276714.shtml
Andrejevic, M. (2019). Automated Media. Routledge. 25-43.
Alibaba and Naver enter into a partnership to join forces to capture the Korean market
https://baijiahao.baidu.com/s?id=1641827773250279880&wfr=spider&for=pc
David, B. (2017). Click to agree with what? No one reads terms of services, studies confirm.
https://www.theguardian.com/technology/2017/mar/03/terms-of-service-online-contracts-fine-print
Knowledge at Wharton Staff. (2019). Your data is shared and sold, What’s being done with it?
Your Data Is Shared and Sold… What’s Being Done About It?
Michal Haupt. (2016). Introducing Personal Data Exchanges & the Personal. Data Economy
https://medium.com/project-2030/what-is-a-personal-data-exchange- 256bcd5bf447
Suzor & Nicolas, p. (2019). Lawless: The Secret Rulers That Govern Our Digital Lives. Cambridge University Press. 10-24.
Set birthday as bank card password was stolen more than 50,000
https://baijiahao.baidu.com/s?id=1623611572786036473&wfr=spider&for=pc
The WIRED Guide to Your Personal Data (and Who Is Using It)
https://www.wired.com/story/wired-guide-personal-data-collection/