Every Move You Make

PrivacyI’m a 40 something self-employed writer and a huge movie and technology fan, and will happily admit, I can’t live without the internet. I post to Facebook and Twitter, watch YouTube videos, buy everything from books to plane tickets online, visit dozens of websites and on an average day read, file or delete 100 emails.

I consider myself a savvy online citizen who cares about personal and financial security. I’m careful about where I post personal details. I change passwords often. But whether I like it or not, I’m sharing information about myself every second I’m connected.

I saw proof of this recently when I complained on Twitter about the speed of a new system on my computer after I’d installed it. Minutes later, websites I was visiting started showing me ads for tools to speed it up. Within a frighteningly short space of time, software had picked up key words in my tweet and told another system that pushes adverts out to my browser that “Here’s someone who might be in the market for these tech gadgets.”

I shouldn’t have been surprised. It was a blatant example of what’s been dubbed “The Other Internet”, a layer of businesses that work in the background to capture and trade details about what you like and visit online.

Is Your PC Tracking You?

The technology to track our online life started with the humble cookie. A cookie is a small chunk of data a website sends to your browser that remembers where you’ve been. In the early days of the web, cookies helped e-commerce companies tag who you are. If you log into a service, put items in an online shopping cart or send an encrypted credit card number, it’s cookies that tell the website it’s still you doing the transacting.

“The easiest way to understand a cookie is to compare it to a wrist band,” says online entrepreneur Sam Oh. “When you attend a concert, it lets security know who you are and lets you re-enter without disruption.”

But e-marketers soon realised cookies could also tell them what else you’ve been doing. It was my browser cookies that told subsequent websites I visited that I’d been posting about my slow system on Twitter.

As I prefer to make my own decisions about what I share online, I’ve got into the habit of regularly deleting my cookies and browser history.

However, it’s a double-edged sword. Culling these records covers my tracks but it means I have to repeatedly log into services I use often, plus those sites have no record of what I’ve bought in the past, and I can’t store items in wishlists and shopping carts to come back later.

I know I could use tools in my browser to automatically restrict cookies or even install a product like Ghostery that gives me complete control over who’s tracking me, but it’s a complicated process.

Perhaps it’s not even worth the trouble: Nico Sell, co-founder of the messaging app Wickr, which vouches that it doesn’t retain any of your data, reminds me that, depending on your service provider, clearing your history isn’t enough. “The code is on the provider’s end, so you can’t take steps to avoid it.”

Fighting for Attention

Even if you do everything you can to share only what you want others to see, you’d be surprised at how much advertisers can guess.

“Many people don’t understand the power of inferring things about you based on a limited amount of information,” says Michael McKinnon, security advisor for online security provider AVG Technologies Australia. “It could be something as simple as your browsing history,” he says, referring to websites you visit that can see where you’ve been before. “Telltale signs [enable] accurate decisions about the sort of person you are.”

The extent and reach of such digital guesswork (all done by software algorithms at giant online advertising companies) and detail-swapping is astonishing. After I heard about a special offer on a website I’d never been to I typed in the website address. I clicked a few links and left the site, having – I thought – given them no information. To my shock, they were sending me emails advertising their service within the hour.

“At some point you’ve provided at least your email address to someone,” explains McKinnon, “and they’ve shared it, maybe just within a group of related companies.” That might sound nefarious, but as long as the website operator tells you what they are doing (usually buried way down on “terms and conditions” pages), it’s legal.

Batten Down the Hatches

Even more intrigued now, I started looking into other privacy-friendly technologies. One is the Tor browser, which obscures your IP (internet protocol) address. This is the string of numbers allocated to your computer, much like a telephone number, that identifies, among other things, which country you are in.

Or there’s duckduckgo.com, an alternative to Google’s search engine that doesn’t track where you’ve been.

I feel more comfortable using them, but if I’m honest, they’re simply not as good as the major name tools that put hundreds of millions of dollars into research and development so their servers run faster and better, and employ armies of user experience designers to keep us happy.

But the trade off for a better experience is our personal data. As Dave Mosher, a technology journalist and editor with experience in tracking technologies, puts it. “Any time you use Facebook you’re adding more to Facebook’s database to help them further target you.” Every time you click a button liking or sharing something, you’re sending a message directly to the social network provider (Facebook, Google Plus, etc) about your interests.

Everyone Has Their Price

The reason advertisers are so hungry for your personal details is simple: it’s worth big money.

Professor Adriana Sanford of the W.P. Carey School of Business at Arizona State University says the database of a data broker – a company that collects and sells information on you – can capture data from ecommerce transactions worth over US$1 trillion a year. “Some of these businesses have the ability to add three billion new records to their databases each month,” she says.

According to the most recent numbers, 5.3 trillion ads a year appear on websites in the US alone, with the average consumer seeing over 1700 every month.

The economy of you and I buying clothes, music, electronics and streaming TV shows online was worth about US$1.1 trillion globally in 2014 and, on the back of all the data collected about us while we did so, advertisers made another $125bn. Of that, dominant industry player and data-collection company Google clocked up $59bn in advertising revenue, while Facebook earned a tidy $12.5bn in total.

Now, before you get too worried, remember you’re one of millions in vast datasets of people the collective wisdom of the online advertising industry thinks are, for instance, female, 50+, like cats, live in the suburbs, and drive a hatchback.

That gives you economic value as an individual to the services like Facebook, Google, Apple and Microsoft who sell your profile to advertisers. Dividing Google’s near-unbelievable total revenue last year  (US$66bn) by the people who used the search engine, you are worth around $55 to the company a year. Facebook, meanwhile, values its North American users at $9 a user, and its Asia-Pacific members at just over a dollar a year.

Where to From Here?

The biggest irony of online advertising is that when you first glance at the figures, it seems to perform terribly. Click-through rates [how often people who see an ad end up clicking it] are less than a sixth of 1% at most.

Adriana Herrera, who runs an online advertising platform called GrandIntent, thinks it’s time the ad industry changed its ways and put people before algorithms, for the sake of both profits for them and privacy for us.

When online advertisers keep track of and swap our habits with each other, they (in Herrera’s words) “destroy and diminish brand equity by stalking consumers”. It’s just what I felt when a website I’d visited started sending me spam email. By allowing users to actively choose what types of ads they’d like to see, GrandIntent has enjoyed 33 times the standard click-through rates.

Tech-savvy web users like Generation Y (20- to 35-year-olds) are so bothered by traditional practices, she says, that nearly a quarter of them have browser ad-blocking software, a rate that’s growing rapidly.

So where is this all heading? When the channels through which they can track and advertise to us only increase, any technology we deploy to stop them will be an ever-escalating arms race.

In the end, it might just be that we have to understand the rules of the game. As Dave Mosher says, “I always imagine anything I put on the internet – from an email to a private or instant message – might be seen someday by somebody I don’t want to see it.”