Privacy advocates would say that this figure is too low – everyone with an email account and a credit card should be worried. But assistant privacy commissioner Katrine Evans says it’s not the technology we should be concerned about.
“Technology itself is neutral,” she says, “It’s what we do with it.”
Consider this. Every time you make a telephone call, purchase something using a credit card, subscribe to a magazine or pay your taxes, a little parcel information that can be linked to you goes into a database somewhere. Every electronic transaction, every email, every phone call leaves a mark. Just like snails, we leave a trail behind us. It may feel invisible but in fact it’s almost impossible to erase.
We do it without thinking. Surf the web. Send an email. Register our car. Use a supermarket loyalty card. Buy a house. Go to the doctor.
On their own, these pieces of data reveal little. But put them together and you have a data profile that is extremely valuable to people who want to sell us stuff.
In the US, where direct marketing campaigns account for about three-quarters of a billion dollars in sales each year, the personal data industry is booming. One company, Donnelly Marketing, keeps dossiers on over 90 percent of American households.
In New Zealand, Loyalty schemes like Flybuys or Progressive Supermarket’s One Card allow companies to collect additional information like name, address and date of birth and correlate them with purchasing patterns.
Companies can use a method called data mining to profile the card holder and forecast their response to special offers. This way, offers can be targeted to the people most likely to take them up.
University of Waikato professor of Marketing Richard Varey says, “Once an electronic connection is established, every move is recorded and trackable.”
One often-quoted example is of a US grocery chain that used the data mining to analyse local buying patterns. They discovered that when men bought nappies on Thursdays and Saturdays, they also tended to buy beer. The retailer could use this information to increase revenue by moving the beer closer to the nappies and making sure beer and nappies were sold at full price on Thursdays and Saturdays.
“Tracking and analysis of shopping behaviour, linked to time, place, and activity, is now commonplace,” Varey says.
Marketing planners look at what is purchased and in what combinations to draw conclusions about a person’s lifestyle. They can time offers to match birthdays, weddings or anniversaries.
“This is way more sophisticated than simple revenue or profitability measurement – and the customer is no longer anonymous to the supplier. Communication via email, SMS, etc. is now almost costless, and endlessly personalisable, avoiding the waste of large-scale broadcast advertising. The benefit to sellers is obvious,” Varey says.
Massey University marketing professor Ben Healey says targeting offers is a way to try to reduce wastage in marketing. “There’s an old adage that half of your advertising money is wasted, but you don’t know which half,” Healey says.
Companies that collect information about customers normally have a privacy policy that promises not to pass personal information on to a third party. Healey thinks there is a strong incentive for companies to stick to this policy.
“My personal experience in working with these organisations is that they’re quite well run. Of course, there are always instances where people misuse information and you hear about people in the US hacking into computer systems and stealing data. There’s always the potential for that but there is also a heavy incentive not to misuse data.”
Healey believes that New Zealand companies who have loyalty schemes tend to use them more for their original purpose, encouraging customers to choose one chain over another.
So should we be concerned about the supermarket knowing who we are, where we live and which brands we prefer?
“It comes down to the individual,” Healey says. “We definitely need to be more aware of what data’s collected and we need to be comfortable with what information we are giving out.”
Why do marketers want to know so much about us? It’s summed up with a new corporate strategy called "relationship marketing," where companies try to bond with customers for life through an increasingly differentiated array of transactions.
And there are some frightening technologies in development to achieve that. A New Jersey company called PreTesting is developing a watch that records messages encoded into the sound tracks of radio and TV commercials. The same device will also detect signals from a chip inserted into the spines of magazines, conveying how long a reader spends perusing a publication.
The old standard of selling to the masses, demographics, is being replaced by a more precise classification of personality profiles called "psychographics." Psychographics are used to determine not just who is buying a certain product but why they are buying it. Demographics include statistics on age, income, education, status or type of occupation, region of country and household size. Psychographics take it a step further to include people's lifestyles and behaviours – hobbies and interests, favourite holiday destination, the values they hold and how they behave.
Keeping such close tabs on the consumer population requires a high level of surveillance or what Australian information privacy researcher Roger Clarke calls “dataveillence”.
Clarke coined the term in 1988 and he defines dataveillance as “the ability to monitor a person's activities by studying the data trail created by actions such as credit card purchases, cell phone calls, and Internet use”.
Felicity Brown, a master’s student at Auckland University of Technology, is researching surveillance.
“In the private sector, dataveillance is used by agencies such as Baycorp to determine an individual’s credit history. In the public sector, citizens are watched to make sure they correctly declare their income for taxation, provide welfare or a student allowance. In fact, dataveillance is a very pervasive part of our everyday lives. We require these passports that testify to our trustworthiness when applying for insurance, hire purchase agreements, finance, or any dealings with the bank,” Brown says.
One of the most common ways that your personal information can be used against you is through identity theft. Identity theft is much-talked-about overseas, especially in the US (where identity fraud is the fastest growing crime and now totals $52.6 billion a year) but it’s also on the rise in New Zealand.
Using a bank statement, driver’s license, passport or even a power or phone bill, identity thieves steal personal details to commit theft or fraud. They can use your identity to buy items on hire purchase, open a credit card account or take out a loan. They could fraudulently obtain benefits. It can be an expensive and time consuming process repairing the damage done by identity theft. Victims in the US spend an average of 600 hours recovering from this crime - the equivalent of nearly US$16,000 in lost potential or realized income.
Identity fraud is the most ominous misuse of personal data but there is also a more common consequence of being classified by your data trail. Clarke believes our digital profile can extend the biases of class into everything from getting a mortgage to the marketing information you receive in the mail to the way a company responds to your complaint. Once established, your profile is hard to shake.
Felicity Brown says monitoring consumer activities reverses the perceived benefit of the free-market – consumer choice. “In telling consumers what to think about direct marketers create shopping agendas for individuals, seeking to programme particular choices by privileging certain options, and then smoothing the path to the door of the outlet.”
Fooled by the mistaken belief that we are anonymous online, we often reveal vast amounts of information about ourselves while we surf the web.
The internet - by definition - is a system designed to share information between computers. So it should come as no surprise that our online activities are an open book. When we surf the web, send an email, chat or post to newsgoups, our computer leaves behind a digital fingerprint called an Internet Protocol (IP) address. An IP address is a computer’s unique identifier.
We may be anonymous but our computers aren’t. Little files called "cookies" can track every site visited on your computer. Web merchants may monitor Internet chat-rooms or news groups, collecting email addresses and demographic information based on users’ online behaviour and postings. Every time you subscribe to a newsletter or fill in a form, your profile becomes more comprehensive. Marketers use this information to assemble a precise image of your wants and needs. This information can then be sold to other interested parties and direct marketers.
Sometimes, we’re willing to sacrifice privacy for free services. Google’s popular Gmail service, released two years ago, offers users a free email account with huge 2GB mailbox. Is Google just generous? No. By signing up, users agree to have their emails scanned and then Google delivers targeted advertisements based on their content. You might think that would put people off but Gmail now has tens of millions of users.
When governments start to take an interest in the information held by search engines, things get scary. Yahoo has been cited in a Chinese court decision to jail a dissident internet writer for 10 years for subversion. This is the fourth case implicating the US search engine, who has responded by saying, "The Chinese government ordered Yahoo China to provide user information and Yahoo China complied with local laws."
While the Chinese government has a reputation for jailing dissidents and disrespecting privacy, search engines have also received subpoenas for US courts.
In March, a US judge ruled that Google must give the Federal Trade Commission the entire contents of a customer's Gmail account, including deleted messages. In another case, a judge said the company had to provide 50,000 web addresses from its database to the Justice Department for a study of child pornography online. While Google initially resisted the subpoena, Yahoo, AOL and MSN complied without a fight.
GOVERNMENT INVOLVEMENT
Apart from our electronic spending data, the largest holder of information about us is the government – in the form of electoral rolls, car registration, building consents, and the companies register.
We are under the mistaken impression that data held by the government is safe – locked up in some grey Wellington office block. But thanks to the Freedom of Information Act, public information is, well, public. And more and more of it is available online.
I can – without leaving my desk – find out if you are a director of any companies or trusts. If you’re listed with Telecom’s directory, I can find your phone number and address. I can search QV or LandOnline to see if you own the house at that address and for a small fee, I can find out how much you paid for that house and when, and what its approximate market valuation is now. Thanks to the LTSA’s online Motoweb, which was designed to protect car buyers from purchasing stolen or fraudulent vehicles, I can punch in a vehicle registration number, find out who owns it and whether they bought it outright or financed it and how much is owing.
If you were born in a New Zealand hospital after 1969, a sample of blood taken from a heel prick is stored at the National Testing Centre in Auckland’s National Women’s Hospital. The blood is tested for seven diseases but it doubles as a DNA database and samples are sometimes released to police for criminal investigations.
There are other examples of government information being passed on to third parties.
In June 1998, it was revealed that thousands of Auckland valuation records had been sold to a marketing company in Queensland by Valuation New Zealand (now Quotable Value). As a result, property owners received unsolicited marketing in the mail. Some government agencies – like the motor vehicle register and the drivers’ licence register - give information away for free.
It may be the law hasn’t kept pace with technology. When these registers were made public, it was anticipated that someone would have to go into an office and request the file in person. Now that the databases are electronic, they’re more subject to abuse.
The electronic age also allows government agencies to share information between them. The Privacy Commission reported last year that over the period of 2004-05, 21.4 million files were officially disclosed by one government agency to another.
The Privacy Commission says that data matching is done mainly to detect fraud. WINZ and NZ Immigration might cross data to make sure that someone collecting an unemployment benefit hasn’t left the country for a holiday in Australia.
Parliament has to approve any data matches by government organisation in New Zealand and the Privacy Commission acts as an expert advisor. The requests for data matching must show that the public good overrides the intrusion of privacy.
Felicity Brown: “In terms of government dataveillance, a certain amount of information is required to run a nation, and do the things that we collectively agree to through democracy. Specifically, the provision of welfare, student allowances and the electoral system all require some degree of dataveillance.”
Properly handled, data matching can be both an efficient and beneficial bureaucratic solution. But data matching is basically a series of inferences based on a formula. And sometimes these inferences can be wrong.
In Britain, a minister recently had to resign because 2000 prisoners who should have been deported were instead released. Everyone assumed the computer wouldn’t lie.
When there are discrepancies in data in New Zealand, the law dictates that the citizen must be given a chance to explain themselves.
Felicity Brown says that this is the biggest problem with dataveillance: “It reverses the basic tenet of justice, that citizens are innocent until proven guilty. When dataveillance flags an individual as having transgressed the rules, it is up to them to prove that they haven’t. Apart from the worry that there might be mistakes in the system, this is the opposite to the way we’ve usually done things.”
There is also the risk that the aim of the data matching might be discriminatory. “Information-matching might be encouraged in order for welfare fraud to be identified, which is great, no-one wants their tax dollars ripped off. But welfare fraud might be more surveilled than tax evasion on the part of large corporations,” Brown says.
Brown says that dataveillance, in general, does not affect everyone to the same degree.
“Dataveillance involves a series of pre-determined judgements about an individual’s innate qualities, their moral fibre, their strengths and weaknesses. Large databases of information are searched for particular sets of qualities which signal a ‘risk’. The combination male + arab + flying from Dubai to Auckland, will require investigation, while the combination female + Australian + arriving from Sydney will not.”
International terrorism has driven a lot of recent surveillance initiatives. Since September 11, 2001, the New Zealand Government has passed several laws that require internet service providers and telecommunications companies to have systems in place so that calls and communications can be intercepted.
“These are laws that give police and intelligence agencies much greater access and dramatically increase the legal capabilities of the government to engage in surveillance,” Tim McBride says.
These laws have, McBride says, crept in mostly unnoticed. Mostly. In 2004, McBride was the spokesperson for the Big Brother Awards, which nominated people and agencies responsible for “outstanding abuse or disregard of privacy and civil liberties in New Zealand”. Three of the five awards were related to “antiterrorism” and surveillance legislation.
Person of the year went to all politicians responsible for passing the legislation, which the awards said “allow additional, secret snooping – with little or no public accountability - into the private lives, transactions and communications of New Zealanders. While falling mercifully short of the excesses of the United States Patriot Act, these various pieces of legislation result in significantly reduced privacy and civil liberties for all of us, but do little to reduce any actual terrorist threat.”
Along the same lines, Minister of Justice Phil Goff won worst elected representative and the Government Communications Security Bureau won worst public agency or official for the agency which has most systematically invaded privacy.
In Australia, privacy advocates are fired up by the John Howard’s proposal for a national identification card. Supporters argue it will increase efficiency and streamline government services but Roger Clark says, “National identity cards are an extremist measure, attuned to the needs of countries subject to central planning and despots, not to the expectations of free countries. The dangers of the card are serious enough, but the real focus needs to be on the dangers of the 'national identification scheme' that provides the infrastructure to go with it.”
Assistant Privacy Commissioner Katrine Evans says New Zealand laws don’t allow organisations to use the same unique identifier. A university cannot use drivers liscence numbers as student numbers and the heath system cannot keep track of patients using tax file numbers. This system is designed to keep information separate – and therefore safe.
“We don’t have the quantity of war stories in New Zealand that we see other places and that’s partly because we have strict limitations on the uses of unique identifiers. Another department cannot use IRD numbers to identify people because that would allow data aggregation.”
But McBride believes biometric identification cards are inevitable. “I’m sure we will fall into line but we need informed public debate on it. The proponents need to provide compelling arguments as to why we need such a system.”
The New Zealand Government is already involved in a much bigger system – a massive electronic intercept program called Project Echelon that can collect huge amounts of data and, by linking far-flung information from blogs and e-mail to government records and intelligence reports, search for patterns of terrorist activity.
According to intelligence experts in the United States and Europe, Echelon scans Internet traffic, cell phone conversations, faxes, and telephone calls looking for evidence of terrorist activity, military threats, and crime.
The electronic spying is being conducted by the secretive US National Security Agency and its counterparts in Australia, Canada, the United Kingdom and, yes, New Zealand. Echelon is so secretive that the NSA will not even acknowledge its existence.
The possibility that innocent people may become Echelon targets or that the project's spying may exceed legal boundaries bothers privacy activists, but researcher and writer Nicky Hager, who wrote a book about the subject, Secret Power - New Zealand's Role in the International Spy Network, says he doesn’t believe Echelon is a threat to everyday New Zealanders.
“But it is an example of large scale international spying, which does have implications for all kinds of issues that New Zealanders care about.”
Hager says there is a much more immediate and common threat in the vast amount of data that we leave behind in our everyday lives.
“When you put it all together in systematic way it adds up to a very complete picture of someone’s life,” Hager says.
Though this information can potentially be used against us by anyone from a jealous partner to a zealous employer or an aggressive marketer, Hager says the affect is even greater than that.
“The potential actually changes the way people live in very subtle, long term ways,” Hager says. We behave differently knowing that our emails are potentially read by our employers and that the websites we view can be looked up by other family members. “It changes the way somebody feels about their sense of private self. Most effect of that day-to-day is psychological. The serious, society altering thing is where people who like to be private stop believe that they have privacy.”
Computer forensics has shown that people’s lives can be remarkably reconstructed by the data on their computers.
“People have no comprehension of how much of their lives are going into computers, texts and emails with the assumption that those are private. The thing that’s changed since 30 years ago when surveillance meant a telephone tap is that very large parts of people’s live and relationships and legal, private personal business are being recorded electronically as we do our business. That means there is a much larger part of person’s self which is easily susceptible to interception.”
A warrant to seize a computer can be signed off by a junior registrar of the court with generalized explanation.
“I’ve heard of cases in Auckland where protesters – moderate lawful protesters - have had their computers seized by police. Suddenly, you have somebody who did a small, democratic political action and the police know more about their lives than anybody could have known about anyone 10 years ago.”
Hager says the level of warrant required to seize a person’s computer doesn’t reflect the seriousness of this privacy intrusion.
“It’s normalisation of what I would say is the most intrusive form of surveillance. The amount of data left on a computer about someone’s life is mind boggling.”
Hager predicts that when it dawns on people how much they’re computers reveal about them, there will be a call for the laws regarding seizure to be re-thought completely.
Although Hager accuses the New Zealand government of not being interested in privacy issues, he’s not pessimistic.
“What happens with new technology is that people at first are just dazzled by the advantages and it takes longer to realise the down side. I take more optimistic view. I would argue that over time people can understand and control the bad sides of it.”
And that will happen, Hager says, when there is more commitment from the government or when the issues become controversial enough that there is greater public pressure for change.
Tim McBride has spelled out his expectations for privacy protections in the New Zealand Privacy Charter 2004, which says, “A free and democratic society requires respect for the autonomy of individuals, and limits on the power of both state and private organisations to intrude on that autonomy. Privacy is a value which underpins human dignity and other key values such as freedom of association and freedom of speech. It is a fundamental human right.”
Sidebar: New monitoring on the horizon
An old technology may be about to change our lives dramatically. Radio Frequency Identification tags (RFIDs) were first developed in World War II, when the allied forces used the tags to identify friendly aircraft. Today, the tags are being used to track everything from warehouse stock to children and employees.
An RFID tag is like a high-tech version of a bar code. They are permanently attached to a product in order to electronically monitor levels of stock, or locations of objects (such as luggage at airports).
Privacy advocates warn that RFID tags will offer store owners, governments, hackers and direct-marketers unsurpassed insight into a consumers’ mobility, tracking them as they move through daily-life wearing tagged clothes and accessories.
In some cases RFID tags are even planted directly under the human skin. Select patrons of the Baja Beach Club in Barcelona, for example, have the rice-sized grains of silicon implanted in their shoulder. The tags allow the VIPs to skip the queue and order drinks directly on their e-accounts.
Amusement park Legoland in Denmark rents RFID tags to help parents keep track of their children. Employees in North America have been embedded with a small microchip to store information and control access to certain work areas. The technology has been trialled by Walmart in the US and the Warehouse in New Zealand.
University of Otago law professor Dr Paul Roth told Privacy Issues Forum in Wellington in march that Radio Frequency Identification (RFID) could be used to monitor workers and measure performance. He said the uses of RFID in the workplace raised new questions surrounding privacy law and practice.
As with any technology, there is a risk of failure or abuse. A master’s student at the Vrije Universiteit Amsterdam wrote a virus small enough to fit on a RFID tag in just four hours. The tags, which contain as little as 114 bytes of memory were previously thought to be resistant to such attacks.
What can we do to protect our privacy?
It is difficult to take action against violations of our digital privacy. As Tim McBride says, “It takes someone with deep pockets or an obsession.”
The best protection is prevention:
- Be aware of what information you disclose and read privacy statements carefully before you pass on your information
- Turn off cookies in your internet browser
- Ask to be removed from any Marketing Association member's mailing or telephone lists through the association's Name Removal Service. Call 0800 222 332 and for more information. If you also wish to have your name removed form the NZ Post mailing list phone 0800 804 307.
- Get a hard-to-trace email with services such as Anonymizer and Zero Knowledge.
You are what you search
A slip-up by US internet provider AOL proves how much people unintentionally reveal about themselves when they use search engines. The company posted detailed records of 670,000 customer’s online searches onto a supposedly secret website for research purposes. It didn’t take long until the information was the talk of blog sites. AOL was shamed in the media. The company quickly apologised and withdrew the files. But it was too late. The information had already been transferred to independent websites that allow anyone to easily search the data.
AOL identified the customers only by random user numbers but it didn’t take long for The New York Times to identify people using only their searches.
User No. 441779 searched for “60 single men” and “dog that urinates on everything”. A search for “landscapers in Lilburn, Georgia” narrowed the field as did several searches for people with the surname Arnold and one on “homes sold in shadow lake subdivision Gwinnet County Georgia”.
It did not take much investigating for The Times to follow user no. 441772’s data trail to Thelma Arnold, a 62-year-old dog-loving widow who lives in Lilburn, Georgia.
"Those are my searches," she told the paper when a reporter contacted her and read out some of the search terms.
Mrs Arnold said she was shocked that her search queries had been recorded and released to the public by AOL.
"My goodness, it’s my whole personal life," she said. "I had no idea somebody was looking over my shoulder."
The searches show that people turn to the internet for the most personal and sensitive issues. No. 3505202 asks about “depression and medical leave.” No. 7268042 types “fear that spouse contemplating cheating.”
There are also many thousands of sexual and possibly criminal queries. The search strings “how to kill your wife”, “child porno” and “how to kill oneself by natural gas” raise questions about what legal authorities can and should do with such information.
But while these searches can be interpreted to reveal much about the person who typed them, they can also prove highly misleading.
Thelma Arnold’s search history includes “hand tremors,” “nicotine effects on the body,” “dry mouth” and “bipolar.”
Arnold’s searches make her sound like a walking health hazard, but when contacted by The Times she said she often researches her friends' medical ailments.
“I have a friend who needs to quit smoking and I want to help her do it.”
AOL said that it had not intended to release Arnold's data or anyone else's, and told the paper: "We apologise specifically to her. There is not a whole lot we can do."
Mrs Arnold plans to cancel her AOL subscription. "We all have a right to privacy. Nobody should have found this all out," she said.
Try it at home:
Visit AOLSearchLogs.com and click on a random user. After browsing their search strings, you can have a go at putting together a profile of the user and see what interpretations others have come up with. Thelma Arnold's search records can be found on the site.
Article (c) Kris Herbert. Originally published in NZ Geographic, December 2006.