The unknowns of “data travel”
There’s an uncomfortable question I don’t like to think about when browsing the internet: who’s collecting my data, and where is it going? “Cookies” is probably the first answer, the information collected by individual websites when you visit them. However, we’re a long way from the simple days of trackers.
Now, data and personal information is spread all over the place, from cloud-syncing your browsers, to app permissions, to websites asking for your email addresses, to the info stored with online retailers. For instance, did you know FCC commissioner wants TikTok removed from the app stores because it presents a security risk? Why, you ask? Mainly because the information collected on that specific app is alarming. Does that warrant security concerns? Depends on who you ask. More importantly, it begs the question how comfortable someone is with their data being collected and transferred around unregulated shadow markets.
The TikTok scenario is just to emphasize the point: where goes that data, and who has it? Worse, what kind of data?
Here’s the thing, depending on the tracker, app, and/or website in question, anything from your personal info, keystrokes, mouse movements, and exodus history are tracked. For instance, trackers on websites are measuring the time you spend on a page, other pages, where your cursor goes, and, the website(s) you visit after you leave the tab.
I don’t know about you, but it’s not a businesses, well, business, to know what websites I use after I close a tab. That’s to say nothing of the other details collected on a website or app. On mobile devices, it gets so much worse.
Predatory apps, for example, control permissions on your smartphone, ranging from scrolling through your pictures, having access to your camera, knowing the apps you download (with the ability to add/delete on a whim), and even track your messages. Granted, that’s an extreme case, but still, good lord. That’s the equivalent of strangers basically walking around your home, sifting through your personal items, taking pictures, and stalking your every move.
Just because it’s electronic doesn’t make it any less frightening.
Apps, websites, and now the IoT
Once again, it’s worth pointing out the IoT (internet of things), a concept where data is recorded and sent over a network based on “smart” devices. In other words, devices with network connection functionality and/or internet access. What network and where it goes depends on the manufacturer, but it’s additional details and data about an individual. With the expansion of IoT adjacent devices, so too is the creation of more “attack surfaces.” I’ve discussed in other articles, but attack surfaces are essentially more net-connected nodes which can be compromised in some fashion.
At any rate, it’s just more information stored in places you don’t know, sold to vendors you’ll never meet, for purposes you probably don’t agree with (unless you love junk and spam email). While that’s not the same for every use case scenario, it’s a general rule of thumb.
The right data in the wrong hands
So again, I come back to that question posed at the article’s beginning: where’s my data going? Sometimes, I can see it in action. Because of trackers and how data is marketed, I get “targeted ads.” If you browse the internet, you will too.
For instance, say you’ve been browsing shoes on Amazon and you leave the website. Or, you’ve searched familiar terms about shoes. Maybe you also visited a vendor’s website for a type of shoe. While using other sites, you may notice “focused” ads, which relate to your searches. In this scenario, your data was collected, sent or sold to a search engine, then coded to focus on your browsing activity. At first glance, it’s no big deal. On further thought, it’s strange that trackers watch your activity so rigorously, even if it is to make a sale.
Then, the very real threat of compromised data exists. Data breaches are significant problems for that reason. Not only because of the security aspects in place, but because of all the information gathered about you beyond basic credentials. If a data broker is breached, you’re in hot water.
Speaking of, there’s also the growing, contentious problem of said brokers having wholesale control of where data is bought and sold in essentially unregulated environments. Those that want to maintain an advantage in the financial tech sphere will often outsource services to unregulated data controllers. Does that sound a bit confusing and complex? It should, because again, where is your information going in all of that? While tech giants consolidate power and hedge their monopolistic squeeze on the data industry, our personal lives become a statistic and basis of leverage, instead of what it is: privacy.
As we grow yet more reliant on technology and data-based solutions for personal life and work, where will our info go? Regulatory bodies might pinch the tide, but the reality is a bit scarier.
The answer to question I posed: I don’t know where it goes or who sees it.