A company recently demoed to me that they have the ability to see the work history, credit report, and bank balance of a visitor that visits a site with some tracking code, in under 500ms. They use this information for a product that qualifies leads for sales teams, so the sales team knows who is a waste of time to go after and who isn't.
Creeps me the fuck out, and the owners seem to have no ethical qualms about buying, selling, and using this data.
None of it is accurate and almost all of it is modeled from sparse, low quality training sets. Banks are not selling PII’ed account balance data to shady aggregators.
To me, the more interesting and outrageous story is how many aggregators are able to sell garbage data so successfully.
>Banks are not selling PII’ed account balance data to shady aggregators.
But is Plaid?
And banks do sell account balance data, they also sell credit and debit transaction history
The first time I saw a session replay of all the mouse movements and input of a user on their own fucking computer that some marketing website-spyware had recorded was the moment I decided the Internet was a mistake.
Soon to be combined with palantir face recognition tech. No need to chip your citizenry!
"A visitor" as in "any visitor"? Or rather "a visitor", i.e. a specific one, about whom they already possess all this data and it's just a look up?
The latter I absolutely believe. The former I'd file under sci-fi marketing tales that anyone with some amount of knowledge about web technologies wouldn't fall for.
Wait.. physical site like a store or a web site? Not that either would make it that much better than the other, but you got me really curious.
Just beat them to death.
Jury nullification.
Or vote, or whatever the site rules permit, good luck with that.
Sounds like vaporware. Might be possible for a negligibly small % of visitors. And even then cold outreach is not very effective.
Finally. We all “know” that corporations will always choose profits over literally anything else. Glad to see the come back of the FTC. It seems we only get meaningful progress when there’s strong regulation.
Other notable examples: the EPA. There was a time when people had to wear gas masks out doors in some cities because the pollution was so bad before regulations and enforcement came into place. Similar stories with CFC emissions.
The development of the Internet has been accelerated under mostly conservative leadership which has been walking back regulations. And while much innovation has happened in that time I think a great deal more could have been achieved if it weren’t focused on this kind of profit-at-all-costs environment it’s been simmering in.
Report link at beginning of article:
https://www.ftc.gov/news-events/news/press-releases/2024/09/...
https://www.ftc.gov/system/files/ftc_gov/pdf/Social-Media-6b...
Edit: added link to pdf
A four year investigation to tell us what we already know. The real question is: What is the federal government (or anyone else) going to do about it?
A lot of people wonder why we study and document things that are already “common knowledge”. This is true of scientific studies as well. What a waste of money, right?
The answer is, until you actually do the work you don’t actually know. Scientists and government officials can’t cite common knowledge. And even if you were right about the conclusion, the details matter. The amount matters. The mechanisms matter.
High-quality studies also lay out a methodology for evaluating, assessing, and ultimately characterizing the issue, so that the impact of policy changes can be properly assessed. Even showing that well-known investigatory methods function adequately for a given problem is of value.
Put another way, "you can't control what you can't measure" (or in this case, characterize more generally).
> government officials can’t cite common knowledge
Government officials can cite whatever they want, including stuff they pulled out of their ass, as long as they have the votes.
This report gives us a framework for legislation. In no way does it "tell us what we already know".
There are plenty of people who "know" things that are actually wrong. This investigation is an important first step for the government to feel confident they know what's going on before exercising state power, which is, you know, a good thing. Vibes- or rumor-based exercise of state power is ill advised.
The Biden FTC has been quite aggressive against all sorts of anti-consumer practices throughout the economy which tend to follow these types of reports. I suspect action is coming relatively soon.
Agreed. Out in public yet encrypted is something I've been playing with as https://exfilcloud.com has no protection against access other than encryption.
This looks kinda sus. Why would or should anyone use this, @exfildotcloud?
> "While not every investigated company committed the same privacy violations, the conclusion is clear: companies prioritized profits over privacy. "
Why wouldn't they? A capitalist shareholder system requires that they do exactly this, to whatever extent it does not impact sales.
It's on citizens to demand regulation, and yet in the US, a probable majority of voting citizens don't like regulation, and think that government is too large or too untrustworthy. Combine that with the control that corporations have over our politicians, and further combine that with low public understanding of the issue, and there is nothing realistic that can be done.
So I consider surveillance capitalism to be permanent in the US. Regardless of the fact that most people don't like being spied on and manipulated constantly. Perhaps some really large, really bad event could galvanize the public, but I doubt it.
And what was the FTC doing all these years?
Election year. The assumption is it is simultaneously posturing for current administration, validating its existence and funding to potential new one, and PR for the public.
Before that? I don't remember that much from the past few years, but I think a good chunk of federal agencies were kinda in a weird stalemate ( which is kinda what the US is system is built for anyway ).
This will make optimal global pricing an insane world where everything will cost the maximum you can pay but the overall system will collapse as people will consume way less and be more miserable within it.
As true as that is, I think the people should still worry 100x more about government surveillance than about commercial surveillance. Commercial surveillance is only trying to sell you something you don't need. In contrast, government surveillance, with or without cooperation from commercial entities, is trying to lock you up for victimless crimes or on flimsy evidence because they have run out of real terrorists to fight. The government's data collection is vastly larger than of anyone else, all paid for by you with your taxes. Encryption, cybersecurity, and minimizing data retention are the primary ways to fight it.
> Commercial surveillance is only trying to sell you something you don't need.
This simply isn't true. Commercial surveillance is a means and method of inserting itself further into your workflows or lives. Just think of all the health and identity related 'features' being rolled out (and celebrated), and how governments are readily capitulating to them. It isn't far fetched or tinfoil to consider that these commercial entities, at some point in the future, can become the arbiters of decisions that affect you.
This isn't even about commercial vs government surveillance, they are equally dangerous, and of both you should be equally wary; governments are far more careful with actions, even with malicious intent, whereas commercial entities with deep pockets are often abstracted away sufficiently to escape blame or consequences. However, governments that delegate to commercial for decision making means that there is little to no difference in the 'type' of surveillance.
Minimizing your own ecosystem lockin is extremely important.
> health and identity related 'features'
But it's easy enough to just opt out of all that. I don't use fitness or health wearables. I don't have my DNA or ancestry analyzed. I don't use online/telehealth services. Hell I don't even visit the doctor very often. I don't trust healthcare at all because it's very easy for them to use "scare" marketing to get people to pay for all kinds of stuff that (a) they don't need and (b) has very little real benefit and (c) that in most cases is for conditions that common sense and a little self-discipline can avoid.
You're free to think that doctors and health organizations operate on some higher plane of morality but the truth is they are businesses and need to compete for customers just like any other business does.
When the government is allowed to buy information which would otherwise require a warrant, private surveillance becomes government surveillance.
This should be the top rated comment. This [1] is the tactic that is used by government agencies to actively work around protections afforded by the Constitution of the United States.
[1] https://www.washingtonpost.com/outlook/2021/04/26/constituti...
Exactly, there is no difference. In fact in some ways it is worse because the government can say with a straight face they aren't collecting your data and monitoring you... they just pay someone else for that service.
Yep, and I keep harping on that one simple point. If that data is collected at all, it will be used. Even with laws protecting it. Look how HiPAA has become something of a joke now between regular breaches and app everything, which skirt as much as they can.
> Commercial surveillance is only trying to sell you something you don't need.
Besides the maximimization of revenue, the profit motive also dictates the reduction of risk. Consider any application for insurance, membership, coverage...
>government surveillance, is trying to lock you up because they have run out of real terrorists to fight
"Government is surveilling/fighting you because who else" is easily applicable to $EvilCorp monopolies, because its tautological.
I assume that all data the commercial providers have on you, the government can access too if they would like to. Probably the government is even happy they can "outsource" a lot of data collection.