Using customer data – Other countries, other laws
When you visit any website, you leave a digital fingerprint. Data such as IP address, geographic location, gender, interests and websites visited are collected and analyzed to create a profile. All this to generate a customer experience. This includes attention, discovery, care, advice, purchase and service. And from this, it is hoped to generate a loyal repeat customer.
Cloud technologies make it easier to monitor customers. This includes website tracking, automation, personalization and Big Data. Search histories are combed through, status updates on social media are analyzed, as are articles read online and shopping on the Internet. Based on this, profiles are created on individuals or homogeneous groups to influence behavior online. This practice is implemented by almost all companies. The big players, which cover many areas of our lives, manage to do extensive and good profiling.
The biggest data octopuses are known to us all. Facebook and Google process huge amounts of data, which is used for personalized advertising. The more specific the data, the more the companies are willing to pay for it. The market for personal data is worth several billion CHF.
Article 13 of the Swiss Federal Constitution fundamentally states that every person has the right to respect for their private and family life, their home, and their correspondence, post and telecommunications, as well as to protection against misuse of their personal data.
Parliament revised the Swiss Data Protection Act (DPA), formerly adopted in 1993, and approved it on September 25, 2020. As a result, it aligns with the European General Data Protection Regulation (GDPR) and no longer requires individual contracts with service providers in other European countries to exchange data.
Since the GDPR better protects the rights of private individuals on the one hand, but also punishes companies more severely if they fail to comply with the law, some companies are forced to relocate their headquarters to a country where data protection regulations are not subject to strict requirements. This means that sensitive customer data can continue to be collected.
Data octopuses – where do the traps lurk?
Recently, there was a real exodus of users from WhatsApp. Data provided by the users themselves are stored. That would be, for example, display name, birthday, phone number, status and profile picture. The data is supposedly not stored on servers. But as soon as someone uploads their backup to the cloud, the data becomes vulnerable. The content is encrypted end-to-end, but WhatsApp is able to filter metadata, such as location, recipient’s phone number, device numbers, time when a message was sent or time of the phone call. This is also enough to see who is in contact with whom and how often. It is hard to get rid of WhatsApp, especially when almost the entire circle of acquaintances continues to use this messenger. Nevertheless, WhatsApp is still the most popular and widely used messenger.
Since Facebook bought WhatsApp, Facebook has been able to fill in the missing data of WhatsApp’s profiling (metadata collection) by means of data exchange, as Whatsapp’s new T&Cs allow this.
It was said that Facebook uses the metadata to track down problematic users. If, for example, a newly opened account quickly sends a high number of chats, this could be an indication of a spammer.
Unencrypted and thus traceable metadata is still this:
- Names and profile pictures of WhatsApp groups
- phone numbers
- profile photos
- status messages
- Battery level, ID, operating system, languages, time zone and IP address of the phone,
- strength of the radio signal
- all linked Facebook and Instagram accounts
- time of the last used app
- all past violations
When installing various apps on your phone, it sometimes happens that you carelessly click on “install” without checking what you are giving the app access to. Does a photo app really need access to the phonebook? Does a note app need access to SMS? And why does a painting app for kids need access to the microphone, phonebook and camera function?
In January 2020, some media portals reported how certain cycle apps (over 40% of all apps tested) sold women’s most intimate data to Facebook. Even women who did not have a Facebook account were affected. Just imagine what Facebook and Co. could do with data such as frequency of sex, pregnancy wish, contraceptive methods, mood, alcohol consumption, etc. What if women were already seeing ads for diapers on Facebook, and Facebook could use algorithms to predict a pregnancy at an early stage?
Traps lurk everywhere. We are sometimes too careless with our personal data.
Who benefits from the data?
If you want to catch a glimpse of the tangled world of data exchange, we recommend an app check: https://appcheck.mobilsicher.de/.
Based on various scores (points), privacy is checked and points are assigned per app. 1 = no risk, 5 = very problematic.
The data that various apps share with marketing companies (most of them based in the US) is used for purposes such as measuring success, maximizing profits, user tracking and linking, IP address location and target group analysis. What used to be gold is now personal data. Nowhere else can more money be made. If the Internet knows what I like, where I am and when I’m awake, advertising can be targeted and personalized. And what people often search for, they will eventually buy. The data octopuses know this, too.
When a dating app shares data with Facebook, TikTok, Twitter, and Yahoo, you have to wonder if you really want nearly the entire Internet to know about your preferences, relationship status, and contacts (thanks to aggressive tracking). What is true for apps is usually also true for various Internet accounts.
Artificial intelligence is able to extract new insights from big data in the cloud. Today, algorithms trained with machine learning are able to quickly identify seemingly hidden relationships in a lot of unstructured data, providing new insights for decision making.
And who benefits from your data???