Wild West

I actually wanted to jot down a piece with some practical advice on how to “harden” your devices and browsers. However, it occurred to me that the browser is only half – or not even half – of the overall problem, considering that we use so many “apps” on our mobile devices, which of course don’t have any of the limitations that websites have regarding storing information about you.

Aaand… down I went into another rabbit hole. Let me share a few points. I’ll write the actually planned post next. Or Real Soon Now. Promised.

Via my RSS reader, I had came across this post on Pixel Envy. The excerpt from the article by the Financial Times summarises the gist. Alas, the article itself is behind a paywall, but by some sleuthing I found a piece by the same authors with probably more or less the same contents here. The Business Day is a Nigerian news outlet, and I have no idea how reputable they are, and yes, they have trackers… the irony is not lost on me. Just don’t send any money to grab a deceased Nigerian princess' heritage. Anyway, the article outlines how vast and invasive data collection and brokerage has become.

Data brokers mine a treasure trove of personal, locational and transactional data to paint a picture of an individual’s life. Tastes in books or music, hobbies, dating preferences, political or religious leanings, and personality traits are all packaged and sold by data brokers to a range of industries, chiefly banks and insurers, retailers, telecoms, media companies and even governments. The European Commission forecasts the data market in Europe could be worth as much as €106.8bn by 2020.

To add insult to injury, read this in the Washington Post, if you’re so inclined.

Motherboard reported that major U.S. wireless carriers T-Mobile, AT&T and Sprint have been selling the location data of its customers in an unregulated market in which Americans' personal information travels through several layers of third-party entities that buy the location data but are not authorised to handle such information.

It seems I am not overly paranoid after all. In this vein, let’s talk about privacy policies, usually lengthy texts that no-one ever reads, but we all agree to by quickly clicking – or tapping – Accept when installing an app, or we agree to implicitly by simply using a website.

Weather forecasting apps on mobile devices are useful. And they often request access to the location of the device in order to give localised information. Even though here on the island they’re not really accurate – it seems, weather forecasting on a small island in the middle of a vast ocean is pretty difficult. But I digress, as I am wont to do.

Anyway, so I thought let me check out the privacy policy of one of the forecasting apps I use, WheatherPro by MeteoGroup. Their privacy policy is among the better ones I have read, or skimmed. They are thorough Germans after all. It’s still a Wall of Text That No-one Ever Reads, but they try to give specific information, explicitly list the cookies that are being deployed and the analytics services they use, and give some instructions how I can opt out of the tracking (I hastened to flip the switch in the prefs). It shows, however, that they are collecting information while I use the app on my iPhone, ie. not just their website. Nothing hidden here, they are upfront about it. If you read the wall of text.

Hence, bottom line, thinking about preventing tracking when surfing the web – you know, the browser thing – is not sufficient indeed. It’s probably the main reason why so many major news outlets and other websites have dedicated mobile apps these days. Blockers against tracking and ads don’t work with apps. It’s a data collection bonanza.

As an aside, MeteoGroup also mention their use of “social media” plugins, among them Facebook:

If you use our services, your browser not only connects to our server but also to Facebook’s servers. Thus, the content of the Plugin is transmitted to your browser which embeds content on the Site. Hence, Facebook receives information that you used our services. If you use our services while logged into your Facebook account, Facebook may be able to link use of our services to your Facebook account. E.g. if you click the “Like” button or post a Facebook comment this information may be transmitted directly to Facebook.

The same holds for Google and Twitter. As I said, never, and I mean never, stay logged in with these services. Unless you don’t care about your privacy.

As I was already having “fun” – the quotes here are essential – with privacy policies, I checked out the one of the NY Times, as I knew about their invasive use of trackers. Let me not beat a dead horse, no positive surprises here. Just a nugget from the lengthy text, about the use of logging data:

C) Analytics, Log Files and Reading History. As is true of most web sites, we gather certain information automatically and store it in log files. This information include IP address, browser type, operating system and other usage information about the use of the NYT Services, including a history of the pages you view.

We automatically combine this collected log-information with other information we collect about you.

There you have it, it’s happening. As the aforementioned article describes, data collection and the related brokerage business is a legal wild west. Better arm and protect yourself, you are on your own. Cue the music of the final show-down scene of The Good, the Bad, and the Ugly.