by Marc Goodman
Of course if Google told you all this, you might be freaked out, so instead a pretty ruse was created, a fig leaf of sorts. When Google was founded, it projected itself as the underdog, the little guy battling evil Microsoft. In fact, Google would tell its users that it was so benevolent that it decided to make “Don’t be evil” its official company motto. To allay any lingering doubts, Google’s icons and graphics, like its childlike multicolored logo and the adorable little green Android guy, were created to be so cute and nonthreatening that surely they could be trusted. Google Doodles, drawings on its home page celebrating everyone from Martin Luther King to Gandhi, further reassured the public that these were the good guys. Besides, Google had all these privacy policies too, which protect me, right? Not so fast.
Viewed with a skeptical eye, Google creates products not to give you free e-mail but to get more data out of you. Like a pusher holding that first dime bag of heroin over a soon-to-be junkie, Google gave you something “on the house,” and only later might you realize the implications of the bargain you were making. By then, it was too late. This became clear when in early 2012 Google announced it was merging its data across all of its seventy products and services. The result: a unified, profound, and unprecedented view of you and your world. Previously, your searches in Google, what you did on your Android phone, and the videos you watched on YouTube were data that in theory Google held separately. Not anymore; now Google has a single unified, highly detailed picture of you and everything you do across its Googleverse. Many have even argued that Google knows you better than you know yourself. It is precisely because it has all of these data that it can command top dollar from advertisers for your information.
If it wasn’t abundantly clear previously, you are not Google’s customer; you are its product. That’s why you don’t get a bill. That’s why there’s no 800 number for technical support. Those items are reserved for its real customers: the advertisers who are purchasing all the data you litter along Google’s information superhighway. You are the thing Google sells to other people; that’s the deal it never quite made truly clear to you, and whether or not you realize it, you are completely complicit in the process.
Google to its credit provides mostly wonderful products that serve the needs of its users, and the company is filled with loads of extremely talented and dedicated employees. But make no mistake, its loyalty will always be first and foremost to its advertisers, who pay the bills, and to its shareholders, to whom it has a fiduciary obligation to extract from you (its product and supply chain) the maximum value possible. That is why Google stores every search you have ever conducted on the site indefinitely: “the Ohio State college Republicans” you asked about ten years ago, the “symptoms of gonorrhea” after that one-night stand, the “Girls Gone Wild videos” while traveling for work at your hotel, “is my husband gay?” when feeling dejected and lonely.
Google does not forget, and Google does not delete. Each of the above queries is used to profile you, categorize you, and sell you to advertisers and data miners who make further assumptions about you based on your searches, e-mails, voice mails, photographs, videos, and locations as cataloged by Google. How many data is Google processing every day? you might wonder. About 24 petabytes’ worth (that’s 1 million gigabytes or 1,000 terabytes—a measure used to describe a volume of data). To put that in perspective, it takes approximately “1 gigabyte of data to store 10 yards of books on a shelf.” If all the data Google processed on a daily basis were printed and those books were stacked on top of each other, the pile of books would reach halfway from earth to the moon. That’s how much information Google is storing on users—every day!
With all of these data come immense insights and tremendous power, but as the old saying goes, power corrupts. Around the world, Google has been repeatedly sued for privacy violations, security breaches, mishandling user data, theft of intellectual property, tax evasion, and contraventions of antitrust laws. After a lawsuit by thirty-eight American state attorneys general in 2013, Google admitted that its bizarre-looking Street View cars, those outfitted with high-tech 360-degree roof cameras, were not just taking photographs for its Street View mapping product as they drove down the streets of our neighborhoods but also pilfering data from computers inside our homes and offices, including passwords, e-mails, photographs, chat messages, and other personal information from unsuspecting computer users.
In October 2013, a federal judge refused to dismiss a class-action lawsuit against Google claiming its practice of reading and scanning users’ Gmail accounts violated U.S. laws against unlawful interception and wiretap. Before that, in 2012, Google was fined a record $22.5 million by the Federal Trade Commission when it was revealed it routinely circumvented privacy settings on Apple computers and for those using Apple’s Safari Web browser to track users across the Web against their clearly stated wishes.
Of course Google is a highly innovative company, and in its quest to coax ever more data out of you for its real customers (advertisers), Google has planned a host of new products that may make past privacy concerns pale by comparison to future ones. One such product is Google Glass—a wearable computer in the shape of a pair of eyeglasses sporting an “optical head-mounted display” that connects to the Internet and is capable of projecting visual information onto a screen embedded in the glass. The device runs on the Android operating system and can take photographs and video and stream them in real time via its built-in camera and microphone.
In early 2014, Google Glass was the subject of a Simpsons episode titled “Specs and the City” in which all of Mr. Burns’s employees were given a pair of “Oogle Goggles.” On the show, Homer Simpson and his colleagues use the glasses to see new information about the things and people around them. Ominously, perhaps presciently, Mr. Burns, while seated in his office command center, is able to access the glasses of all his employees and see what they are viewing and doing in real time (in an effort to reduce theft of office supplies).
Even the former head of the Department of Homeland Security (DHS) Michael Chertoff has raised privacy and public policy concerns about Google Glass. He rightfully asked who owned the users’ video data and whether the entire video database would be mined and analyzed for commercial purposes. One could also legitimately ask about government access to these data, either retrospectively or in real time, for reasons ranging from crime fighting to “national security.” Consider the implications for a moment: By using Google Glass, are you granting the company the right to capture all the live-streaming moments of your daily life, everything you see and hear, so that it can sell these data to advertisers? For example, if, while you were wearing the glasses making your morning coffee in your bathrobe, the Google Glass vision algorithm recognized the object in your field of view as a coffeepot (entirely possible), might you start seeing coupons for Starbucks on your eyeglass screens? Given the aforementioned privacy violations we’ve seen from the search giant, what else might it be capable of as we enter the age of wearable surveillance?
The Social Network and Its Inventory—You
Of course Google is not alone in its business model of selling you to its advertisers, and there are thousands of companies around the world that do the exact same thing, including most notably Facebook. Founded by Mark Zuckerberg in his dorm room at Harvard in 2004, Facebook is the iconic Silicon Valley success story. With more than 1.2 billion monthly active users, Facebook is by far the largest social network in the world. It has succeeded by getting people to talk about themselves in ways never previously imagined. Sexual orientation, relationship status, schools attended, family tree, lists of friends, age, gender, e-mail addresses, place of birth, news interests, work history, catalogs of favorite things, religion, political affiliation, purchases, photographs, and videos—Facebook is a marketer’s dream. Advertisers know every last intimate detail about a Facebook user’s life and can thus market to him or her with extreme precision based upon the social graph Facebook has generated.
In case you aren’t sharing enough, Facebook is happy to create new rules and regulations to force you to share more, as it did in 2012 when it instituted its mandatory timeline “feature.” The change provided advertisers a dynamic, ever-updating window into your life’s interests at any moment in time and more fodder for Facebook to sell to advertisers. Facebook, like Google, has been broadly criticized on issues including privacy, child safety, and hate speech. It has been sued repeatedly around the world, most recently in U.S. federal court in San Jose, California, for regularly and “systematically intercepting users’ private messages … and sharing the data with advertisers and marketers.”
Of course, Google and Facebook are by no means alone in getting you to reveal personal data about yourself and selling them: so too are Twitter, Instagram, Pinterest, and hundreds of other firms. For example, did you realize every time you speak a query into Apple’s Siri artificial intelligence agent, your voice recording is analyzed and stored by the company for at least two years? The question, however, is not who is storing your data—everybody seems to be these days—but what are they doing with the information? If the Faustian bargain were as simple as we provide you cool services “for free” in exchange for a few data, all would be fine in the world. But things are not so simple, and as you will soon see, keeping and storing these massive volumes of data in a world that is so connected, dependent, and vulnerable puts you at risk in ways you might never have imagined.
You’re Leaking—How They Do It
Every time you visit a modern Web site, the site places invisible digital marking files known as cookies on your computer or phone’s hard drive. With these tiny computer files, it becomes possible to track you and your activities across the Web. In addition, all your digital devices have their own unique fingerprints that allow you to be traced, shadowed, and cataloged. Unique identifiers, such as the Internet protocol (IP) address for the computer network you use to access the Internet, the media access control number (MAC address) from your Wi-Fi network cards, and the IMEI or IMSI number from your mobile phone, all allow online companies to know exactly what devices (and users) are utilizing their services.
All of these data are tracked, unified, and exploited to give Internet companies and their advertisers a clear and persistent look into you and your online activities. According to a 2012 Wall Street Journal study, one of the fastest-growing businesses today is spying on Internet users. In its report, it highlighted fifty of the most popular Web sites and discovered that on average each left more than 64 cookie tracking files for advertisers to trace and surveil your online activities. The Web site with the most tracking software was Dictionary.com with a total of 234 tracking files implanted on your computer with every visit. All of these tracking beacons and cookies are combined with your Likes, pokes, and tweets to paint an eerily detailed picture of the digital you. Accordingly, your computer’s cookies transform themselves into cookie monsters, revealing data you never intended to become public.
Not only are you leaking data as a result of your own social networking activities, but your friends and family are leaking data about you as well. Every time a colleague puts your name and address into his Google Contacts or iPhone, he is providing Google and Apple with your personal details. Record a birthday in Microsoft’s Outlook calendar for your nephew, girlfriend, or business colleague, and Microsoft now knows the person’s date of birth. When your friends tag you at a party on Facebook (after you called in sick to work), they have shared your location with marketers and potentially the rest of the world, including your boss. Social media and Internet companies love when users do this work for them; it’s like having free code monkeys completing survey after survey feeding their big-data machine.
This even happens when your friend uses a particular Internet site or service that you don’t. For example, for those who do not have a Gmail account but whose friends do, sending an e-mail to any one of Gmail’s 425 million users means that Google has now become a party to your conversation. So if you use your university or work e-mail address to send your sister a message on her Gmail account, and even though you never opened a Google account yourself, Google will still read, scan, and search the message for words of interest that it can sell to advertisers—a practice for which it is now being sued in federal court. In its defense motion for the case filed with Judge Lucy Koh, Google shockingly claimed “a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.” In other words, Google’s argument is that by e-mailing any Gmail user, you have automatically waived any privacy rights and consented to its seizure and sale of your e-mail message and its contents, even if you intended the message to be private and don’t have a Gmail account yourself.
It’s not just your friends who are leaking data about you to third parties such as Google but also your children. In fact, sites aimed at children install more tracking technologies on computers than those for adults. Though a federal law titled the Children’s Online Privacy Protection Act limits the information online marketers can collect on kids under thirteen, the rule is blatantly violated on a routine basis. Children are repeatedly presented with requests to sign up for contests, play games, and fill out online questionnaires in an effort to elicit more and more data about them, in contravention of federal law. Well-known companies such as McDonald’s, General Mills, Viacom, Turner Broadcasting System, and Subway have all been fined for coaxing data out of young kids on their highly cartoonified Web sites such as HappyMeal.com, ReesesPuffs.com, Nick.com, and SubwayKids.com. In another case, Sony BMG Music asked minors to enter their street addresses and phone numbers on fan pages for their favorite bands, information that Sony then sold to data brokers on at least thirty thousand occasions, without first obtaining parental consent as required by federal law. But why would venerable companies like McDonald’s, Google, Facebook, General Mills, and Sony commit acts such as these? Simply stated, there are vast sums of money at play, and you and your data are worth the risk to them, given the exorbitant rewards.
The Most Expensive Things in Life Are Free
The business proposition that most Internet users do not understand is that they are indeed paying for all of the so-called free services they receive online—and paying dearly. That sucking sound you hear is your privacy, your data, and all of the details that make up your unique identity being inhaled by the giant Internet vacuuming system. The details of your searches—stuff you wouldn’t dream of sharing with your closest friends and family—are being filtered into a big computer algorithm in the sky, aggregated into petabytes, and sold for billions. That is why you have free search and Google has a $400 billion valuation. Because of you—its product. That’s the deal you’ve made, whether you realize it or not.
Google’s consolidated revenue for 2013 was more than $59 billion. That amount is the difference between how much your privacy is worth to Google’s advertisers and how much you are not being paid. Google gets $59 billion, and you get free search and e-mail. A study published by the Wall Street Journal in advance of Facebook’s initial public offering estimated the value of each long-term Facebook user to be $80.95 t
o the company. Your friendships were worth sixty-two cents each and your profile page $1,800. A business Web page and its associated ad revenue were worth approximately $3.1 million to the social network.
Viewed another way, Facebook’s billion-plus users, each dutifully typing in status updates, detailing his biography, and uploading photograph after photograph, have become the largest unpaid workforce in history. As a result of their free labor, Facebook has a market cap of $182 billion, and its founder, Mark Zuckerberg, has a personal net worth of $33 billion. What did you get out of the deal? As the computer scientist Jaron Lanier reminds us, a company such as Instagram—which Facebook bought in 2012—was not valued at $1 billion because its thirteen employees were so “extraordinary. Instead, its value comes from the millions of users who contribute to the network without being paid for it.” Its inventory is personal data—yours and mine—which it sells over and over again to parties unknown around the world. In short, you’re a cheap date. You’ve happily provided Internet companies everything you know, everything you do, and everywhere you go in exchange for a modicum of convenience or entertainment.
As if that cash-for-data deal weren’t stark enough, Google has decided to grow its $400 billion valuation by using you and your photographs in its advertisements. In October 2013, the company announced a new feature, called shared endorsements, that began to appear in search, map, and Google Play store results. So if, for example, you rated a song five stars in Google Play’s music store or gave a +1 thumbs-up of support to your local bar or bakery, Google now granted itself the right to sell your likeness, name, and endorsement to ad firms and data brokers. This way when your friends Charlie and Juanita searched for a bar or a song in Google, they would see your shining face endorsing the product next to their search results. George Clooney and Angelina Jolie get paid for their celebrity endorsements; do you?