Earn Your M.S. in Cybersecurity
At the University of San Diego, we are preparing cybersecurity experts to enter or progress within the field. Whether you are a hands-on engineer or an operations and leadership professional, we will meet you where you’re at and take you to the next level. Apply by Dec 1 to Start Jan 11. Request More Info Today!
When it comes to an appetite for data, social media outfits are the most voracious, according to a recent study released this month by cybersecurity company Clario Tech.
The analysis of nearly 50 of the world’s biggest brands found that Facebook collects more than 70 percent of all the data it can collect legally about someone using its service.
Other social media brands also collected a lot of data about their users. Instagram, which is owned by Facebook, collects almost 59 percent of data available to it, while Tinder sucks up nearly 56 percent and Grindr nearly 53 percent.
“Ads are how Facebook makes the most of their money — around [US]$16.6 billion to be precise, based on their 2018 reports — so the more they know about you, the more they can sell on,” explained Clario Content Manager Mary Atamaniuk, in a company blog.”
“As well as the usual, such as your name, location, email address and date of birth, they also collect a whole load of things you might not be aware you gave away,” she added.
In fact, of the 32 items of personal information identified as collectible by Clario, only seven aren’t grabbed by Facebook — height, weight, mother’s maiden name, bank account details, salary, country of birth, allergies/intolerances and health and lifestyle information.
From its start, Facebook has differentiated itself from Google by offering people-based marketing — highly detailed profiles on people and audience segments that can be targeted, explained Greg Sterling, vice president of market insights at Uberall, a maker of location marketing solutions based in Berlin, Germany.
“That has gotten them in a lot of trouble with privacy advocates because of the way the platform has been abused by third-parties,” he told TechNewsWorld.
One reason social media platforms collect so much data is that consumers allow a lot of their data to be collected, observed Liz Miller, vice president and a principal analyst at Constellation Research.
“Everything from where they are, what they are doing, what they like, what they dislike, sentiment and mood at a moment, device details — it’s all data consumers are leaving behind on the network,” she told TechNewsWorld.
“Social media organizations have done a great job of finding all that data, synthesizing and categorizing it in a way that, not only can be used by themselves, but can be sold as a service to advertisers or internal teams to expand their business.”
Not all social media are greedy for data. The Clario analysis showed two popular platforms, TikTok (14.71 percent) and WhatsApp (11.76 percent), at the bottom of the data grabber’s list. Ironically, TikTok’s U.S. presence has been threatened by the Trump Administration for the Chinese-based company’s collecting data on Americans.
Privacy by Design
The report also noted the retail sector, in general, collected less data about its customers than other sectors.
“Despite being the biggest online retailer in the world, (and spending around $11 billion on advertising in 2019,) Amazon only collects a fraction of data compared to other businesses, 23.53%,” Atamaniuk wrote.
“Beyond the obvious things, like your name, email address, home address and bank details, it collects little else other than what it needs to run its business,” she noted.
“What Amazon has intentionally set out to do is identify the quality data that directly leads to the kind of interaction that moves their business needle, compared to others who collect peta bytes of quantity data that some day might be meaningful,” Miller added.
Amazon’s approach to data collection appears to be in line with emerging attitudes toward information.
“One of the basic principles of modern data privacy is to collect as little information as needed and to store it for the least amount of time necessary,” explained James E. Lee, chief operating officer at the Identity Theft Resource Center in San Diego.
“This is one of the bedrock principles of the European approach to privacy, often described as ‘privacy by design,'” he told TechNewsWorld. “It is just now being seriously discussed in the U.S. as a result of state privacy laws, but we have a long way to go before businesses are actively practicing this principle.”
How Collected Data Is Being Used
Other retailers with low marks for hoovering data included IKEA (23.53 percent), Nike (26.47 percent) and Depop (26.47 percent). All the outlets store names, email and home addresses, along with bank details to make online purchases easier. In addition, Nike and Depop gather height and weight data to help them target their customers with more appropriate clothes.
Retailers have a different purpose for the data they collect than social media platforms, which is why they may need to collect less of it. “They use it to create better products and better present their products,” observed Rob Enderle, president and principal analyst at the Enderle Group in Bend, Ore.
“They consume the data they collect themselves. They don’t sell it,” he told TechNewsWorld. “The reason they don’t sell it is they don’t want a competitor buying the data and using it against them. Sharing data is anathema to how they operate.”
Atamaniuk noted that given the wealth of data shared with businesses, it’d be no surprise to see some things revealed about consumers that they’d rather be kept private.
“However, thanks to [General Data Protection Regulation]…what companies can actually do with your data is quite limited,” she wrote. “Beyond marketing to you and using your data to manage their website, business can’t do a lot more.”
“You shouldn’t get cold calls from businesses you’ve never spoken to, for example, or find your details are being sold,” she continued. “Your data is protected by the policies companies are forced to sign up for, and if they break these policies they could face big fines.”
As well-intentioned as laws like the GDPR are, they may still be falling short for many consumers.
“In practice, these things aren’t very effective,” Sterling maintained. “They put tremendous burdens on the consumer.”
He explained that many websites are complying with the letter of laws like the GDPR and California Data Privacy Act, but making it so onerous to do something like stop the reselling of personal data or manage cookies that consumers give up exercising their rights so they can get on with their lives.
“They make you work,” he said. “The easiest option is to accept all because you want to get to the content.”