Uses and Risks of Personal Data in Big Corporations

Data Collection in Commerce

Research Statement

This report will analyze both the uses and risks of personal data in big corporations.

Purpose

The purpose of this research document is to explore the reasons as to why big companies use personal data, what the data is used for, and the amount of data that is inadvertently taken from consumers.

Background and Significance

Big Data has taken a huge role in art in creating today’s Technological Revolution. It is a phrase coined to describe the exponential volume of data we currently hold. Data is collected from a number of sources including cell phones, applications, databases, servers, etc. In return, it can then be used to find trends, patterns, and connections specifically related to how humans behave along with their interactions. This information includes likes, dislikes, preferences, and search and buyer history and is not limited to personal data such as birthdate, social security number, home address and much more. Corporations across the globe have found new ways to use this data in everyday business functions.

  Collection of Big Data can be used to a company’s advantage in marketing, finance, and Government. Despite the fact that in a few situations Big Data can be hard to control, it can possibly enable organizations to enhance tasks and make quicker, savvier choices. This information is gathered, organized, controlled, put away and examined, can enable an organization to increase helpful knowledge to expand profit margins, obtain clients and enhance activities. Big Data can help marketing companies collect historical information and use it to their advantage. Past data can help predict who will respond to certain campaigns, allowing marketers to target certain customers for profit. For example, Neil Patel, a top 10 marketer according to Forbes says, “Netflix has 130 million worldwide streaming subscribers. Having this large user base allows Netflix to gather a tremendous amount of data. With this data, Netflix can make better decisions and ultimately make users happier with their service.”(Patel, 2018, para. 7) 

 When trying to understand how companies are able to collect different types of information about people, it may be easy to assume companies are obtaining data illegally. However, companies are not only operating within their legal rights when they collect and use this information, but they are doing so with the legal consent of their customers. For example, companies like Facebook state “in plain English” that the site gathers and uses your data in their Terms and Service and Data Use Policy (Costine, 2018, para. 1).

 Though big data is a great tool to better sell products and to target marketing offers, there can also be many disadvantages. Many companies misuse data reflecting in the act of exploitation and discrimination. Rick Smolan, the writer of The Human Face of Big Data, states in one of his podcasts that there are banks that take advantage of Facebook in order to find out customer’s personal preference. For example, if the customer likes rap music, they will get a lower loan rate to protect their bank (Smolan, 2013, THKR).  Identity theft also occurs as a result of Privacy and Security issues when employees and customer’s financial and personal information is not properly taken care of. Yahoo, JP Morgan, and TJX are some of the largest companies that have been involved with data breaches in the 21st century (Armerding, 2018, para. 2). This paper will explore the reasons to companies incorporating Big Data into their practices. It will also discuss how it can potentially benefit or offset to the company or consumer in the future. 

                                                    Review of Literature

With an increase in overall internet use and data consumption alike, there are many risks associated with the data consumers provide. This data is accessed in many cases legally through the permission of the consumers themselves. Corporations are accessing data and once obtained are even sharing it with other corporations as a way to increase profit margins and focus on target demographics.

In 2014, the US Federal Trade Commission analyzed nine consumer data brokers. The Commission found that these organizations assemble “gigantic measures of information, from on the web and off the web sources, to be compiled creating personal consumer profiles” (Ramirez, 2014, p.3). This happens on such a massive scale without consumer’s knowledge, with the information also being pushed from broker to broker, that it would be nearly impossible for the consumer to find out how the data was originally obtained. As of late, consumer information collection has grown into systems of advanced tracking and profiling. A vast landscape of interconnected databases has developed that is comprised of not just big contributors like Facebook and Google, but many others as well. Thousands of different organizations from other enterprises also contribute to the gathering, breaking down, offering, exchanging, and using information on billions of people (Christl, 2017, p.7).

While this gets done behind closed doors, buyers can be left oblivious. Buyers can become unaware of what individual data is gathered, how this information is handled, and with whom it is shared or sold to. One main reason this happens is that consumers are distracted when trying to understand contracts or the fine print is way too complex to understand.  Organizations do not attempt to adapt straightforwardness, rather they either don’t inform consumers at all or use ambiguous and misleading information. In contracts, the details of privacy policy or terms of service are hard to comprehend as they are darkened, and use hypothetical dialect. When security advocates, researchers, and regulators request more data, organizations have been known to deny requests and argue that the “information practices are composed trade secrets and should in this way be ensured to be kept secret” (Katz, 2013, para. 2).

There is a significant income increase for companies, publishers, providers, and businesses across multiple industries who contribute through advertisements, websites, and apps in today’s data market. Dozens of companies merge, combine, and sell off behavioral data sequences from several bases within milliseconds during a single website view. Technological researcher, Wolfie Christl write, “In 2007, Apple introduced the smartphone, Facebook reached 30 million users, and companies in online advertising started targeting Ads to Internet users based on data about their individual preferences and interests” (Christl, 2017, p.7). Ten years later, who consumers communicate with as well as their actions online are closely surveilled at an exponentially growing pace. Big corporations and tech giants study and organize this data by using mechanical algorithms. Individuals are now at risk when personal information is processed, kept, and given away. A key factor to the growth of data collection has been the ability of businesses to identify a consumers’ personally. Data clustering enables data to be linked and combined, then allows companies to cross reference personal attributes from multiple bases. The algorithmic machine working in real-time was developed for online advertising and is quickly stretching into other fields, from customer data management and personalization to pricing and risk management (Stanhope, 2016, p.27). As a result, many barriers between data have been crossed including, offline behavior, customer data records, risk assessment information, and data recorded on the web, mobile and any other kinds of devices.

Technological Journalist and TechCrunch Editor Josh Constine states, “In 2012, Facebook started to allow companies to upload and match their own lists of email addresses and phone numbers from their customer databases to its platform” (Constine, 2012, para. 7). This lets organizations efficiently connect their very own client information with Facebook’s information. Also, it permits other Ad technology vendors to synchronize with the program’s databases and take advantage of its abilities, basically giving a sort of constant remote control for Facebook’s information database. Google and Twitter enabled comparable features in 2015 (Halpern, 2017, para. 1).

Organizations have started connecting information from the web and smartphones with client information and offline data that they have been gathering for a considerable length of time. As of late, credit card systems have begun to make information about their clients’ purchases accessible to the advanced tracking and profiling universe. Google stated that “approximately 70% of credit and debit card transactions are tracked in the United States through third-party partnerships” (Dwoskin, 2018, para 10). With that said, data about Mastercard collaborations is also accessible to different organizations, for instance by means of data brokers. Analysts have stated that “MasterCard selling products and services created from data analytics might even become its core business given that information product, including sales of data already, represent a considerable and growing share of its revenue” (Cohan, 2018, para. 6).

Individual and mass dataveillance can be characterized as the observation of personal activities by looking into the information trail made by activities, for example, card purchases, mobile calls, and web utilization (Ball, 2006, para. 12). When today’s social media platforms, credit reporting agencies, consumer data brokers, banks, insurers, telecom companies, loyalty program providers, device providers, and online advertising firms constantly monitor and profile billions of people, they are typically not interested in single natural persons. These companies, in fact, use social sorting, which describes how individual and collected data are used continuously to “classify people and populations according to varying criteria, determining who should be targeted for special treatment, suspicion, eligibility, inclusion, access” (Lyon, 2003, p.14). This data-based sorting can be discriminatory and affect the life-chances of individuals as groups are treated differently due to varying criteria.

The main components in information, analytics, and innovation that open risk of people in vital fields of life like credit and even insurance, generally also give many marketing solutions. Different organizations utilize their information to sort, rank, target, or even avoid shoppers based on their assessed profitability. As the most extreme example of this, Twitter ads can now be targeted by “creditworthiness”, thanks to data provided by Oracle (Christl, 2017, 79-83).

Financial companies that are smaller can now predict Credit responsibility through distinguishing different call log records, mobile locations, personal customer data, various types of online purchases, browser searches, and personal information from social media, also involving who or what corporation one connects with on social media. Initiatives have been introduced in US and Europe that allow consumers to receive discounts on their insurance premiums if they agree to provide real-time data about car driving behavior and activities such as their steps, grocery purchases, and fitness studio visits (Christl and Spiekermann, 2016, p.52-68).

 In healthcare, data companies and insurers are working on programs that use everyday life data about consumers to predict someone’s health risks. Data and analytics companies have started to offer health scoring products that predict individual health risks of people based on large amounts of consumer data, including purchasing activities. Behavioral data in the computerized world is also being put into fraud detection systems, which utilizes highly pervasive technology to evaluate billions of transactions and gather huge measures of data about devices, individuals and suspicious behaviors.

 Companies have started combining information about devices, online behaviors, and digital transactions with personal identity and credit information. ID Analytics, a United States-based credit and fraud risk data company runs an ID Network with 100 million identity elements arriving each day from leading cross-industry organizations, containing data about 300 million consumers. Transunion Trustev, an American consumer credit reporting agency, even offers social fingerprinting, which includes friend list analysis and pattern identification analyzing social media content. The latter is only used with individuals’ full permission through a voluntary social network login (Rhoen, 2016, para 35).

Systems of advanced following and profiling accumulate communications all through the web and along these lines, organizations can discover target clients with specific qualities or practices, access them, evaluate them, track them, and measure how they respond, including on sites, stages, and electronics that they don’t control themselves. This can be advantageous for companies and consumers alike as organizations can generate customer-specific advertisements and even products, generating a worthwhile business-consumer relationship (Wolfe, 2017, para 5). In order to capitalize on this data companies constantly aim to improve data quality. Many corporate databases that contain much more traditional hard facts on individuals, from financial institutions to the new platform sovereign are using miscellaneous portfolios of data to rapidly join forces.

The risk data industry consists of both centralized general-purpose credit reporting agencies as well as specialized companies in the fields of identity verification, employment and tenant screening, fraud prevention and detection, and insurance analytics. In countries in which these companies are allowed to cover broad areas of life, such as the US, their extensive private population data registries and automated systems have wide-reaching consequences for everyone’s opportunities and life chances. Their data is supplied by banks, lenders, collection agencies, insurers, utility and telecom providers, postal services retailers, and many other kinds of institutions that capture information pertaining to essential aspects of life.

As of late, a correlation has been formed between the gathering of personal data and the cybersecurity risks generated in the digital world. “These cybersecurity services have started to link the large amounts of available digital information to identify and risk assessment data. With this connection there has been confusion concerning the boundaries between commercial risk analytics companies, law enforcement, and government surveillance,” stated Professor of Law at Loyola Law School, Elizabeth Pollman (Pollman, 2017, p.49). Companies within the financial services industry are beginning to test the expansion of credit and risk monitoring by even including behavioral data such as phone calls, browser history, and social media activity. Most major firms in business software and analytics also play a significant role in managing and analyzing personal data for insurers, banks, and governments. There are many examples of finance companies which take part in these practices including IBM, FICO, Accenture, Capgemini, and Deloitte. Intelligence and defense firms like Palantir have also participated (Feretti, 2015, para 4).

Over the last decade, the escalation of social media, smartphones, and online advertising has embedded the collection and utilization of digital information about consumers into many areas of life. The inescapable ongoing observation surveillance created for web based advertising is currently quickly integrating with different practices of customer division and data marketing that have been around for some time. Today, organizations can discover and target clients with explicit attributes and behaviors continuously, no matter which device is utilized, which activity is followed, or even   consumers’ location within the instance. Within milliseconds, these systems auction and sell digital profiles about consumers to the highest bidder. The personal information used to achieve this is not only managed by platforms such as Facebook and Google and large consumer data brokers, but also by decentralized networks of digital tracking and profiling that consist of a wide range of advertising technology, data, and analytics companies (Fogg, 2002, para.3). Website publishers and app developers also provide user data on a massive scale, as do other corporations that sell products and services to consumers. It is this latter group that eventually makes the most use of the digital profiles produced by such processes.

  Expectations 

Conclusion

 Personal data collection comes with a countless amount of risks. Discrimination, tracking and profiling, data getting brokered, mass dataveillance, loss of anonymity, data breaches, potential lawsuits, personal security issues and moral insincerity within contracts are all risks involved with big data. If big corporations are going to continue collecting personal data and selling information to stock brokers, a less ambiguous and more concise form of contact must be put in place. Companies continue to believe they are acting within their terms or service, but fail to realize or ignore the effects consumers undergo from their decision making.

 The reasoning behind this survey is to find out what choices big corporations will be making to impact the future of personal data and big data collection. The outcomes will give more insight into the dark area of the big data industry and will tell if a corporation will or will not take action to make a change. Some will decide to continue to sell personal data to data brokers, some data brokers will continue to collect invasive data, and some might take more precaution to avoid breaches and lawsuits. Different outcomes are assumed to be present, but the trend may give more insight to show what corporations are doing behind closed doors. If all goes well, corporations will be more aware of how the personal data they share is impacting society.

Recommendations

1. Contracts should be read over and thoroughly reconstructed in precise and plain English. 

 A contract is created for consumers to be aware of where their personal information is going when getting involved in certain activities.  Enforcing transparent contracts about corporate data practices remains a key factor in resolving the massive information and unfairly divided power between data companies and the individuals that they process data on. There is also a need for more of a general understanding within today’s pervasive tracking and profiling technologies, their impact on, and consequences for individuals and society on a broad level.

2. All corporations should examine all risks within collecting personal data before sharing their information.

 Risks should be examined so companies can refrain from getting into breaches and lawsuits. Though today it is unlikely for companies to be involved in any form of personal data infringements, the future could hold many different possibilities. The number of risks could potentially grow wider. Due to technological advancements, data collection could become more conspicuous, or data could even be leaked from the cooperate system. Regardless of the circumstance, it is best for companies to thoroughly understand what all consequences are within the personal data collection.

Works Cited

• Armerding, T. (2018) “The 17 Biggest Data Breaches of the 21st Century.” CSO Online, CSO, 26 Jan. 2018, www.csoonline.com/article/2130877/data-breach/the-biggest-Data-breaches-of-the-21st-century.html.
• Ball, K. (2006). A Report on the Surveillance Society (pp. 1-102, Rep.). Surveillance Studies Network.
• Borgesius; Frederik J. Zuiderveen (2015): Online Price Discrimination and Data Protection Law  (August 28, 2015). Forthcoming as a conference paper for the Amsterdam Privacy Conference 23-26 October 2015; Amsterdam Law School Research Paper No. 2015-32; Institute for Information Law Research Paper No. 2015-02. Available at: http://ssrn.com/abstract=2652665
• Cohan, P. (2018, July 22). MasterCard, AmEx and Investment Profit from $400M Business of  Selling Transaction Data. Retrieved December 1, 2018, from Forbes website: https://www.forbes.com/sites/petercohan/2018/07/22/mastercard-amex-and-envestnet-profit-from-400m-business-of-selling-transaction-Data/#6e683dbc7722
• Christl, Wolfie, and Sarah Spiekermann. Networks of Control: a Report on Corporate Surveillance, Digital Tracking, Big Data ET Privacy. Faculties, 2016.
• Christl, Wolfie (2017): Corporate Surveillance in Everyday Life. How Companies Collect, Combine, Analyze, Trade, and Use Personal Data on Billions. Report by Cracked Labs, June 2017.
• Constine, J. (2012, October 11). First Results Are In Facebook’s New Custom Audience CRM Ads Increase Conversions and Lower Costs. Retrieved October 21, 2018, from https://techcrunch.com/2012/10/11/facebook-custom-audience-ads/
• Constine, Josh. “Facebook Rewrites Terms of   Service, Clarifying Device Data Collection.” TechCrunch, TechCrunch, 4 Apr. 2018, techcrunch.com/2018/04/04/Facebook-terms-of-service/.
• Dwoskin, E. (2017, May 23). Google now knows when its users go to the store and buy stuff.
• Washington Post, p. 1.
• Ferretti, Federico (2015): Credit Bureaus between Risk-Management, Creditworthiness Assessment and Prudential Supervision. EUI Department of Law Research Paper No. 2015/20. https://ssrn.com/abstract=2610142
• Fogg, B. J. (2002): Persuasive technology: using computers to change what we think and do. Ubiquity 2002.
• Halpern, Sue (2017): How He Used Facebook to Win. The New York Review of Books, June 8, 2017.
• Katz, M. J. (2013, December 06). FTC to Study Data Broker Industry’s Collection and Use of Consumer Data.
• Lyon, D. (2003.): Surveillance as social sorting: Privacy, risk, and digital discrimination. Routledge, London, New York.
• Patel, N. (2018, July 18). How Netflix Uses Analytics to Select Movies, Create Content, & Make Multimillion Dollar Decisions. Retrieved from https://neilpatel.com/blog/how-netflix-uses-analytics/
• Pollman, Elizabeth, and Barry, Jordan M. (2017): Regulatory Entrepreneurship (March 3, 2016). 90 S. Cal. L. Rev. 383 (2017); Loyola Law School, Los Angeles Legal Studies Research Paper No. 2017-29
• Ramirez, Edith. (2014“Data Brokers: A Call for Transparency and Accountability: A Report of the Federal Trade Commission (May 2014).” Federal Trade Commission, 6 May 2014, www.ftc.gov/reports/data-brokers-call-transparency-accountability-report-federal-trade-commission-may-2014.
• Rhoen, Michiel (2016): Beyond consent: improving data protection through consumer protection Law. Internet Policy Review, 5(1).
• Schiff, Allison (2017): More Than Half Of Age Data In Mobile Exchanges Is Inaccurate. AdExchanger, January 11, 2017.
• Smolan, Rick. “The Dangers of Big Data.” YouTube, THNKR, 16 Apr. 2013, Youtube/y8yMlMBCQiQ.
• Stanhope, Joe; Mary Pilecki; Fatemeh Khatibloo; Tina Moffett; Arleen Chien; Laura Glazer (2016): The Strategic Role of Identity Resolution. Identity Is Context in the Age Of The Customer. Forrester, October 17, 2016.