logo

electric sheep

Out of Con-tolls

January 19, 2007

We live in a world where information is disseminating incredibly quickly. You can search locally based on your zip code. You can upload photos with geographic data in them. You can send emails. You can make phone calls at your fingertips. For each of these actions, some amount of information is captured. Where does that data go? And who owns it? Increasingly, I’m afraid, the answer is: not you.

I went to a talk today by Brady Forrest, author of O’Reilly Radar. He had some really cool things to talk about - new gizmos and virtual gadgets dealing with “Geocoding”, one of the hot new applications of “Web 2.0″. He showed us some new ways that data is being captured and displayed on the internet. It used to be that cameras took pictures. Later, you looked at the picture and maybe scrawled a caption on the back, and that was it. But nowadays, digital cameras store lots of metadata along with the photo, including the date and time it was taken, the model of the camera, the image format, etc. One of the key data points that is being added is the “geodata” - the latitude and longitude. Some cameras have GPS devices built in, which makes it easy. Others have GPS extensions attached. There are ways to determine location without GPS. For instance, if you happen to be anywhere near any Wifi networks (so pretty much anywhere in a big city), then Skyhook Wireless can pinpoint your location by looking up a database of known networks and locations. This location data is attached to the image, which can then be uploaded onto Flickr and mapped out. It’s available for millions of other users to then mix and match, look at, filter, whatever.

Seattle Times story about how invasive technology has become in our modern-day lives. Specifically, how much information is being collected about you during the day? This article lists a few common sources:

  • Security cameras. These are everywhere and growing more pervasive.
  • Email, stored on remote servers like Gmail, Yahoo. Even stored on your local ISP it is subject to sniffing on the wire.
  • Cellphone company records call time and who you called. It stores location data (which cell tower you used) but does not share that with you.
  • Mobil speedpass.
  • Credit / debit card purchases
  • Online companies to keep track of birthdays, anniversaries. Amazon does this; Ecards; lots of sites do this.
  • Domino’s and pizza companies keep databases of phone numbers, names, addresses - even unlisted ones.
  • GPS devices in cars (for services like OnStar, ATX)
  • Automated toll devices (iPass, EZPass)
  • Shopping cards (Safeway, Jewel, Costco)
  • Retailers (BestBuy, Circuit City, Amazon)
  • VIP services (for the rich and famous)
  • Web Searches (Google, Yahoo). Any web site you go to is recorded by that web site.
  • RFID keys, electronic keys. Many condos/ apartments have this. Each entry may be recorded.

All of this data. It floats around out there. Who owns it? More specifically, for each data, can you ask:

  • Who looks at it normally? Usually the company will tell you “nobody”. It’s only viewed by “computers”.
  • Who could look at it if they wanted to? The government could subpoena, hackers could exploit, employees almost always have full access even if they aren’t supposed to.
  • How long is it kept? This is a tough one to answer. Companies don’t like to delete data, even when they should. Your data may be around for a long time, much longer than you’d think it would be relevant or useful.
  • Can you ask for your data? This is tricky. Sometimes you can, sometimes you can’t. Most of the time you don’t even know what data is held or by who. Can you ask to see security camera recordings that have your face on them? What about the record of your entry to your apartment? How about your shopping history at Safeway? None these companies will give you your data - although I haven’t personally tried.
  • Who can change or delete it? Can you? Can they? Do they have the right to?

This kind of technology is really cool. But it’s also terrifying. If you think about how much data was recorded about you just a few years ago and compare with today, you’ll find that it has gone up tremendously. And in the next few years, it will only continue to rise. This data can be used by many people - it’s not clear what the right mix is. The important thing to think of is this: none of the companies have an incentive to protect your data. Only you do.