It might come as a surprise, but the newest currency online isn’t from PayPal. It’s not called Bitcoin and it’s not trading publicly for high values. It’s personal data and it’s being traded underground. The data is worth potential millions, and companies as large as Facebook are in for billions trying to protect and use that data.
What makes this data so powerful? Some of it involves fraud, but the real money maker is the ability to crunch that data in search of the magic sales formula that will bring companies or individuals untold sums of money. Knowing your interests, your location and your history tell companies a lot about their potential audience.
New rules in place from the FTC are ensuring that you have methods of escaping this form of invasive tracking, but finding what’s out there can be difficult. What we’ve lost and the value of that data are still questions we are trying to answer.
What Info is Contained
When judging the value of our information, we must first look at what’s actually contained in the package. Data can be anything, an email address or a name. Most often it’s a combination of many things. When Adobe was hacked, user credentials were lost along with credit cards and profile details that gave away physical locations and other privately identifiable data. That data would be worth far more than a Facebook profile, which in aggregate is already worth $51 per share as of this writing.
Profile by profile, there is not much money to be made. Hackers aren’t targeting users by individual, they are looking for bigger databases from less-secure networks. Places where we go for email or to order holiday cards become fodder for hackers looking for easy targets. Once they have a person’s email address, they can look for other points of entry. Since most people use the same email and password combination for their services, the next target is easy enough to locate.
Once a hacker has collected all of the potential data he can, the user profile is worth far more to potential buyers. So losing our personal data has greater implications than a loss of productivity. We could unknowingly leak our other credentials through unrelated breaches in privacy.
Who is Buying
The companies buying this data range, and some of them are large. Small businesses looking to promote services on Facebook are, in essence, buying user data. The same concept applies to advertises who use aggressive cookies to collect data about a user’s browsing habits.
When you watch television episodes or read articles online, your browser is collecting these cookies and using them to report your data to the advertisers that back the publications you read. Some of these services are transparent, letting you know that cookies are being used and describing exactly how they work.
A recent crackdown in the Android marketplace ended in an application that was caught illegally using location data. The application was a flashlight. Leaking that kind of data is easy to do from the user side. It may seem perfectly reasonable to use location or call data if you’re not trained to be suspicious of that kind of thing.
Total data ownership will involve a few aspects before it can be called complete. A user must have full control over his data, which is already fragmented over many networks and websites. Each time a user is asked to create an account, there are new credentials he must remember and protect. A new database that could be hacked to betray a user’s privacy.
When users have an entity they can use where one credential will get user’s access to multiple services like an ID card for the Web, privacy will become less of an issue. Users also do not value their own data, either because they do not understand the ways of the Web or they have not been taught otherwise. If user’s understood the implications of their browsing habits or their financial history leaking online, privacy would become a greater concern.
There is also no way for a user to monetize or gain some reward for the data he leaves behind. At least not a reward beyond what he already receives for leaking his data in the first place. Free email, a social network with friends and family and endless videos online are just a few of the potential draws that privacy enthusiasts must contend with. Educating users about privacy involves instruction on why free isn’t free.
Money Transfers Online
There are tons of services that allow people to send money internationally and an equal number of security measures that are being put into place. A common term transfer services use is “bank grade security” to describe the process of securing a financial transaction. Transfers across international borders are becoming more and more frequent, causing users to seek the safest ways to make deposits to foreign employees, business, and accounts.
Innovative ideas like Bitcoin are challenging our known concepts of currency by enabling anonymous money transfers. This digital currency is a lot like stock, with value that fluctuates depending on the state of the currency.
As the freelance economy grows, individuals will expose themselves to more risk as they deal with clients and seek to get paid. Institutions like PayPal provide a safe space for transactions to occur, but they are not yet international.
This bank grade security is also applied to applications we use, protecting the data we transfer to and from the entities we work with. The hope is that encryption will stop outside intrusions, but plugins like firesheep continue to expose flaws in the system. Poor passwords or users trusting unsecured networks can still cause hiccups and these are easy mistakes for the uninformed to make.
True security around the Web, and for our data, is still a way’s away. The FTC’s rules on “Do Not Track” help protect consumers and give us a shield to say we want to stay private, but consumers still don’t understand the value of data. The fact is that big data is a multi-billion dollar operation that is only growing. The sooner we accept that, the sooner we can focus on protecting our privacy in the digital age.