January 11, 2011

The technology of privacy threats

This post is the second of a series. The first one was an overview of privacy dangers, replete with specific examples of kinds of data that are stored for good reasons, but can also be repurposed for more questionable uses. More on this subject may be found in my August, 2010 post Big Data is Watching You!

There are two technology trends driving electronic privacy threats. Taken together, these trends raise scenarios such as the following:

Not all these stories are quite possible today, but they aren’t far off either.

One of the supporting trends, pretty obvious, is that there is a lot more electronic information than there used to be. Indeed:

Here’s what I mean by the inevitability claim. Whether or not you think anti-terrorism concerns are overblown, as a practical matter your fellow voters* will allow a broad range of governmental information access. Besides, just the widely-available credit card and similar commercial data is enough to provide a fairly detailed picture of what you’re up to. In most countries, anti-pornography, anti-file-sharing, and/or general civilian law enforcement efforts serve to strengthen the point further.

*If you live in a country too unfree for voters to much matter, then it is surely also the case that governmental information has few practical limits.

Examples of information being tracked (more particulars were covered in the first post of this series):

Most of that data is available to law enforcement departments. Much of it is available to commercial companies as well.

And these vast amounts of data will hardly go to waste. The second major technological trend in play is that the data can be much more effectively analyzed than before. New kinds of or effectiveness in analytic profiling create whole new levels of exposure (using the word “exposure” in its most literal sense), in at least three ways:

* I just coined the terms “relationship profiling” and “propensity profiling.” “De-anonymization,” however, has been in use for a while.

Classical relationship profiling questions include assessing who has a close relationship with whom, who influences whom, who influences lots of people, etc. The most obvious data to infer this from is communication — who called whom, how long they talked, who they called next, what time of day this all happened, and so on. Anti-terrorist uses are obvious. A major marketing use is telcos — who of course have this data — deciding who to offer their best deals to, by trying to identify who influences the most other customers. These calculations of course involve comparing lots of data, mainly about people who are NOT targets of terrorist investigation or preferential telephone service pricing.

Much of Facebook’s $50 billion valuation hinges on the assumption it can do similar things based on the “social graph” it infers from informal communication among friends. To date that assumption has been questionable, but we’re still in the very early days. Meanwhile, cruder methods of analyzing social influence are used. But the trend is clear — marketers want to use technology to identify social leaders, influence them however they can, and hope that the rest of us follow along baaing. Up to a point, that’s actually OK — learning things from our friends and acquaintances is an important and pleasant part of living in a society. And political campaigners have been doing it for generations, in the most low-tech of fashions. Still, it’s one thing for such targeting of leaders to be transparent; if done surreptitiously, it suddenly starts to feel a lot more sinister.

For years, propensity profiling has been an area of huge investment and technological progress. It’s the central application of big data analytics, and the heart of the business for many companies I write about, or that are my clients. Credit files, web logs, other marketing responses, census information, and other data are combined to infer:

This has been going on since at least the 1990s, especially in service industries with “loyalty card” kinds of programs, such as retail or travel/leisure. In the credit case it’s been going on longer than that. But new data sources, processed by new analytic technologies, have brought the practice to a vastly greater height.

Finally — in case you care about being anonymous online, you’re running out of luck. De-anonymization analytics are getting too good. The Electronic Freedom Foundation’s de-anonymization overview in 2009 was one of many articles pointing out that it often was possible to attach a specific name to online activities that in theory don’t track personally identifiable information. Meanwhile, at a talk I attended in May, 2010, comScore spoke of its successful efforts to tie various anonymous online activities, such as visits to different websites, to each other. And after I entered “usinger.com” into my browser address bar, I started seeing ads for Usinger sausages at a variety of prominent websites.

I’m not sure how much of a privacy threat de-anonymization technology is in and of itself, but it certainly provides support to both relationship and propensity profiling.


4 Responses to “The technology of privacy threats”

  1. Privacy dangers — an overview | DBMS 2 : DataBase Management System Services on January 11th, 2011 11:25 am

    […] This post is the first of a series. The second one delves into the technology behind the most serious electronic privacy threats. […]

  2. Hemant K Chitale on January 14th, 2011 1:59 am

    The URL link in your second sentence “The first one was an overview of privacy dangers,…” seems to point to somewhere that I am not allowed to go to by my organisation.
    The link at the paragraph beginning with “Examples of information being tracked (more particulars were covered in the first post of this series)” is correct : http://www.dbms2.com/2011/01/10/privacy-dangers-an-overview/

    Hemant K Chitale

  3. Curt Monash on January 14th, 2011 9:16 am

    Thanks, Hemant! Fixed now.

  4. The technology of privacy threats (2011): A good overview of how net data is used. | Gordon's shares on February 19th, 2013 3:08 pm

    […] Link. In the early 90s I was all Cassandra about this, but I gave up by 99. Reminds me I haven’t watched Minority Report yet. This entry was posted in share and tagged pinboard by jgordon. Bookmark the permalink. Proudly powered by WordPress […]

Leave a Reply

Feed: DBMS (database management system), DW (data warehousing), BI (business intelligence), and analytics technology Subscribe to the Monash Research feed via RSS or email:


Search our blogs and white papers

Monash Research blogs

User consulting

Building a short list? Refining your strategic plan? We can help.

Vendor advisory

We tell vendors what's happening -- and, more important, what they should do about it.

Monash Research highlights

Learn about white papers, webcasts, and blog highlights, by RSS or email.