The world is nowadays effectively united by the desire of everyone (and corporations are people too) to acquire as much money as possible. One reason is given in my friend John Wasson's version of the Golden Rule: “Those who have the gold, RULE”.
However, as humankind has known for a couple of millennia, the love of money is also the root of all evil [1].
Computers, internet, smartphones, and artificial intelligence have now established an environment where endless evil can flourish; and does.
One of the mechanisms is enabled by data brokers: companies that acquire as much information as possible about as many individuals as possible, and sell that to whoever cares to pay for it.
I first became aware of the existence of data brokers about 10 years ago when I was unable to sign on to the website of my credit card because they had established new security arrangements. In order to sign on, I was asked, “When had the house been built, in which you lived before where you live now?”.
I did not know (and probably never had known or cared).
I was able to answer the next question: “What streets intersected closest to that previous house?”
But I flunked so many of the following questions that I had to phone the credit-card company. I was fortunate enough to speak to a technician, who explained that the new security arrangements had been established by purchasing information about their card holders from a data broker.
Much data is of course available in public records: Real estate ownership and sales, for instance. But one’s social-security number can be used to gather much additional information, and even as gestures have been made against needing to reveal those numbers, doctors and dentists and other parts of the healthcare system continue to ask for and use them; and those health-care-data collections are anything but secure: quite recently, two such companies informed me of security breaches affecting my personal data.
There is no possible way to regulate or manage or control data brokerages, no matter that the state of Vermont tried to do so in 2018:
“The Data Broker Act requires data brokers to meet two general requirements: registration and minimum security standards”.
The Act is replete with good intentions:
“The Data Broker Act prohibits any person or business, not just data brokers, from fraudulently acquiring brokered personal information and from acquiring or using such information for improper purposes, namely: (i) stalking or harassment; (ii) committing fraud (such as identity theft, financial fraud, or email fraud); and (iii) engaging in unlawful discrimination (including employment and housing discrimination)” [2],
It should be obvious, however, that there is no possible way to police and hold to account, let alone prevent, actual behavior in gathering and selling and using personal data. The dangers are global, the potential bad actors are global, and the internet and smart phones cannot be effectively safeguarded.
Bad actors can cause damage that goes much beyond harming specific individuals; societies as a whole can be affected (and infected). A recent article mentions, for instance, that “data was [sic] used to exclude women from seeing tech job ads on Facebook”; and data from a variety of sources “have been used to prosecute women who had an abortion in the US since the Roe v Wade ruling was overturned last year” [3].
That article also cites Paul-Olivier Dehaye, who founded Hestia labs in Switzerland to explore ways of coping with these ever-present and increasing dangers. He points out that society-wide solutions are needed; for individuals, “this is a game you can only lose”.
Do not be reassured because websites give you an apparent choice as to accepting cookies; or by the promise from websites of several British newspapers, “Don't worry you will not be hearing from us”, after you did not sign up for a free account or a newsletter or for notification of items of interest. Artificial Intelligence (AI) can find patterns that tell much about you just from which websites your computer visits, and how often; and who your smartphone contacts are, and how often and from where you are in touch with them; and from what you buy anywhere on-line, and how often. Most likely, there are also far more sophisticated algorithms about which I know nothing. Every person’s political leanings and voting behavior, entertainment and food preferences, religious habits, etc., are described in some data broker’s collection — often quite accurately but sometimes incorrectly.
The owners of websites earn money whenever someone clicks on an advertisement, so there is unlimited incentive to attract as many website visits as possible. Newspapers offer enormously discounted subscriptions if you read them online, because that brings clicks on the ads. Television programs steer you to their on-line “overtime” information.
The love of money cannot be satiated. No amount of revenue is ever enough. Amazon's Prime-Time video lists, among its purported offerings, many that require additional fees or subscriptions; and it has recently announced that it will be inserting advertisements into its currently “free” offerings, unless one chooses to pay an additional $2.99 monthly.
Greed knows no bounds.
*************************************************************************************************************
[1] Attributed to Paul the Apostle; 1 Timothy 6:10
[2] “Vermont: Overview of the Data Broker Act”, https://www.jdsupra.com/, 26 January 2022
[3] Amanda Ruggeri, “Nowhere to hide”, New Scientist, 26 August 2023, pp. 32- 5
Thanks!
I just don't know enough about the German initiatives. But in general the EU does better in regulation than we do, re Facebook/Meta, Microsoft, and very much in negotiating drug prices with the manufacturers.
Thank you for your post, Mr. Bauer. I’d be keen to hear your thoughts on the Germans’ efforts—and those of the EU more generally, I suppose—to introduce a much stronger data protection regime than that which we have in the United States. Of course, your points about bad actors and the generally “insecure” nature of the Internet still apply, but I wonder if you find any redeeming qualities in the German system?
Your anecdote about the credit card also struck a chord with me. I have worked with the homeless at times, and the hurdles presented by common data security measures can seem nearly insurmountable to them and others living on the margins of society. How so? Well, to get a job today, one often needs to apply online, which often requires an email address, which, if one loses his password, can only be unlocked by two-factor authentication via a previously registered device, which, if it has been lost, or if it’s been disconnected due to one not having the funds for a phone plan, can’t be swapped out for another device. The homeless—or others who fall through the cracks—often face all manner of data-related complications like this as they attempt to reintegrate into normal society. Coupled with the fact that many of them are low IQ or otherwise lacking in executive functioning, this can mean that many are simply unable to get out of these bad situations without extensive tech support. Of course, this wasn’t at all the case only 20-30 years ago.