Corporate Surveillance In Everyday Life

Scientific studies show that many aspects of someone’s personality can be inferred from data on web searches, browsing histories, video viewing behaviors, social media activities, or purchases. For example, sensitive personal attributes such as ethnicity, religious and political views, relationship status, sexual orientation, and alcohol, cigarette, and drug use can be quite accurately inferred from someone's Facebook likes. Analysis of social network profiles can also predict personality traits such as emotional stability, life satisfaction, impulsivity, depression and sensationalist interest.

Similarly, personality traits can be inferred from information about the websites someone has visited, as well as from phone call records and data about mobile app usage. Browsing history can reveal information about someone’s occupation and educational level. Canadian researchers have even successfully calculated emotional states such as confidence, nervousness, sadness, and tiredness by analyzing typing patterns on a computer keyboard.

The results of today’s methods of data mining and analytics rely on statistical correlations with certain probability levels. Although they may predict attributes and personality traits significantly above chance, they are naturally not accurate in every case. Nevertheless, such methods are already used to sort, categorize, label, assess, rate, and rank people not only for marketing purposes, but also for making decisions in highly consequential areas such as finance, insurance, and healthcare, among others.

Credit assessment based on digital behavioral data

Startups such as Lenddo, Kreditech, Cignifi and ZestFinance already utilize data from social media, web searches, or mobile phones to calculate someone’s creditworthiness without actually using data related to financial transactions. Some also draw on information on how someone fills out an online form or navigates on a website, the grammar and punctuation of one’s text messages, and the battery status on said individual’s phone. Some companies even include data about someone’s friends on a social network in calculating credit scores.

Cignifi, which calculates credit scores from the timing and frequency of phone calls, sees itself as the “ultimate data monetization platform for mobile network operators". Large companies, including MasterCard, the mobile network provider Telefonica, the credit reporting agencies Experian and Equifax, as well as the Chinese search giant Baidu, have started to partner with such startups. The larger-scale application of such services is particularly on the rise in the countries of the global south, as well as for vulnerable population groups in other regions.

Conversely, credit data also flows into online marketing. On Twitter, for example, marketers can target ads by the predicted creditworthiness of Twitter users based on data from the consumer data broker Oracle. Going a step further, Facebook has registered a patent for credit assessment based on the credit ratings of someone’s friends on a social network. Nobody knows whether it plans to turn this total integration of social networking, marketing, and risk assessment into reality.

Predicting health based on consumer data

Data companies and insurers are working on programs that use information on consumers’ everyday lives to predict their health risks. For example, the large insurer Aviva, in cooperation with the consulting firm Deloitte, has predicted individual health risks, such as for diabetes, cancer, high blood pressure and depression, for 60,000 insurance applicants based on consumer data traditionally used for marketing that it had purchased from a data broker.

The consulting firm McKinsey has helped predict the hospital costs of patients based on consumer data for a “large US payor” in healthcare. Using information about demographics, family structure, purchases, car ownership, and other data, McKinsey stated that such “insights can help identify key patient subgroups before high-cost episodes occur”.

The health analytics company GNS Healthcare also calculates individual health risks for patients from a wide range of data such as genomics, medical records, lab data, mobile health devices, and consumer behavior. The company partners with insurers such as Aetna, provides a score that identifies “people likely to participate in interventions”, and offers to predict the progression of illnesses and intervention outcomes. According to an industry report, the company “ranks patients by how much return on investment” the insurer can expect if it targets them with particular interventions.

LexisNexis Risk Solutions, a large data broker and risk analytics company, provides a health scoring product that calculates health risks, as well as expected healthcare costs for individuals, based on vast amounts of consumer data, including purchase activities.

Today’s dominant online platforms – above all Google and Facebook – have extensive information on the everyday lives of billions of people around the globe. They are the most visible, the most pervasive, and, aside from intelligence contractors, online advertisers, and digital fraud detection services, perhaps the most advanced players in the personal data and analytics industry. Many others operate behind the scenes and beyond public attention.

At its core, online advertising consists of an ecosystem of thousands of companies focused on constantly tracking and profiling billions of people. Every time an ad is displayed on a website or in a mobile app, a user’s digital profile has just been sold to the highest bidder in the milliseconds before. In contrast to these new practices, credit reporting agencies and consumer data brokers have already spent decades in the business of personal data. In recent years, they started combining the extensive information they have about people’s offline lives with the user and customer databases operated by large platforms, online advertising companies, and myriads of other businesses across many industries.

Facebook uses at least 52,000 personal attributes to sort and categorize its 1.9 billion users by, for example, their political views, ethnicity, and income. In order to do so, the platform analyzes their posts, likes, shares, friends, photos, movements, and many other kinds of behaviors.

In addition, Facebook acquires data on its users from other companies. In 2013, the platform began its partnership with the four data brokers Acxiom, Epsilon, Datalogix and BlueKai, the latter two of which were subsequently acquired by the IT giant Oracle. These companies help Facebook track and profile its users even better than it already does by providing it with data collected from beyond its platform.

Consumer data brokers play a key role in today’s personal data industry. They aggregate, combine, and trade massive amounts of information collected from diverse online and offline sources on entire populations. Data brokers collect publicly available information and buy or license consumer data from other companies. Generally, their data stems from sources other than the individuals themselves, and is collected largely without consumers’ knowledge. They analyze data, make inferences, sort people into categories, and provide thousands of attributes on individuals to their clients.

The profiles that data brokers have on individuals include not only information about education, occupation, children, religion, ethnicity, political views, activities, interests and media usage, but also about someone’s online behaviors such as web searches. Additionally, they collect data about purchases, credit card usage, income and loans, banking and insurance policies, property and vehicle ownership, and a variety of other data types. Data brokers also calculate scores that predict an individual’s possible future behavior, with regard to, for example, someone’s economic stability or plans to have a baby or to change jobs.

Oracle lists nearly 100 data providers in its data directory, including Acxiom and credit reporting agencies such as Experian and TransUnion, as well as companies that track website visits, mobile app usage, and movements, or that collect data from online quizzes. Visa and MasterCard are listed as data providers, too. Together with its partners, Oracle provides over 30,000 different data categories that may be assigned to consumers. Conversely, the company shares data with Facebook and helps Twitter calculate the creditworthiness of its users.

Oracle’s ID Graph identifies and combines user profiles across companies. It “unites all interactions” across databases, services and devices to “create one addressable consumer profile” and “identify customers and prospects everywhere”. Other companies can send match keys based on email addresses, phone numbers, postal addresses, and other identifiers to Oracle, which will then synchronize them to its “network of user and statistical IDs that are linked together in the Oracle ID Graph”. Although the company promises to only use anonymous user IDs and anonymous user profiles, these still refer to certain individuals and can be used to recognize them and to single them out in many life contexts.

Generally, clients can upload their own data about customers, website visitors, or app users to Oracle’s data cloud, combine it with data from many other companies and then transfer and utilize it on hundreds of other marketing and advertising technology platforms in real-time. They can use it to, for example, find and target people across devices and platforms, personalize interactions, and eventually, to measure how consumers respond after having been addressed and affected on an individual level.

Online platforms, advertising technology providers, data brokers, and businesses in all industries can now monitor, recognize, and analyze individuals in many situations. They are able to learn what people are interested in, what they did today, what they are likely to do tomorrow, and how much they might be worth as a customer.

Data about people’s online and offline lives

A wide range of companies has been collecting information on people for decades. Before the Internet, both credit bureaus and direct marketing agencies were major points of integration between data flowing from different sources. A first big step into systematic consumer surveillance occurred in the 1990s through database marketing, loyalty programs, and advanced consumer credit reporting. Following the ascent of the Internet and online advertising in the early 2000s and the rise of social networks, smartphones, and online advertising in the late 2000s, we now see the traditional consumer data industry integrating with the new digital tracking and profiling ecosystem in the 2010s.

Until recently, advertisers who used Facebook, Google or other online ad networks could target individuals based only on their online behavior. However, a few years ago data companies began providing ways to combine and link digital profiles across platforms, customer databases, and the world of online advertising.

Connecting online and offline identities

In 2012, Facebook started allowing companies to upload their own lists of email addresses and phone numbers to the platform. Although these addresses and numbers are converted into pseudonymous codes, Facebook can directly link this customer data from other companies with Facebook user accounts. In this way, companies can, for example, find and target exactly those persons on Facebook that they have email addresses or phone numbers on. They could also selectively exclude them from targeting or let the platform find people with similar attributes, interests, and behaviors.

This is a powerful feature, perhaps more powerful than it seems at first glance. It allows companies to systematically connect their own customer data with Facebook’s data. Moreover, it also allows other advertising and data vendors to synchronize with the platform’s databases and tap into its capacities, essentially providing a kind of real-time remote control for Facebook’s data universe. Companies can now capture highly specific behavioral data, such as a click on a website, a swipe in a mobile app or a purchase in a store, in real-time, and tell Facebook to immediately find and target the persons who performed these activities. Google and Twitter launched similar features in 2015.

Data management platforms

Today, most advertising technology companies continuously pass various forms of codes referring to individuals onto each other. Data management platforms allow businesses in all industries to combine and link their own data on consumers, including real-time information about purchases, website visits, app usage, and email responses, with digital profiles provided by myriads third-party data providers. The combined data can then be analyzed, sorted and categorized, and used to address certain people with certain messages on certain channels or devices. A company could, for example, target a group of existing customers that visited a certain page on its website, and are predicted to become valuable customers, with personalized content or a discount – either on Facebook, in a mobile app, or on the company’s own website.

The emergence of data management platforms marks a key moment in the development of pervasive commercial behavioral tracking. With their help, businesses in all industries across the globe are able to seamlessly combine and link the data they have collected about their customers and prospects for years with billions of profiles collected within the world of digital tracking. Companies running such platforms include Oracle, Adobe, Salesforce (Krux), Wunderman (KBM Group/Zipline), Neustar, Lotame, and Cxense.

Based on the sophisticated methods of linking and combining data across different services, businesses in all industries can utilize today’s ubiquitous behavioral data streams to monitor and analyze a wide range of consumer activities and behaviors that might be relevant to their business interests.

With the help of data vendors, companies try to capture as many touchpoints across the whole customer journey as possible, from digital ones to in-store purchases, direct mail, TV ads, and call center calls. They try to record and measure every interaction with a consumer, including on websites, platforms, and devices they do not control themselves. They can seamlessly collect rich data about their customers and others in real-time, enhance them with information from third parties, and utilize the enriched profiles within the marketing and ad technology ecosystem. Today’s consumer data management platforms allow for the definition of complex sets of rules that dictate how to automatically react to specific criteria such as certain activities, people, or some combination thereof.

Consequently, individuals never know whether their behavior triggered a reaction from any of these continuously updated, interconnected, opaque networks of tracking and profiling, and, if so, how this affects the options they get across communication channels and life situations.

Testing and experimenting on people

Personalization based on rich profile information and pervasive real-time monitoring has become a powerful tool set to influence consumer behavior such as visiting a website, clicking on an ad, registering for a service, subscribing to a newsletter, downloading an app, or purchasing a product.

To further improve this, companies have started continuously experimenting on people. They conduct tests with different variations of functionalities, website designs, user interface elements, headlines, button texts, images, or even different discounts and prices, and then carefully monitor and measure how different groups of users interact with these variations. In this way, companies systematically optimize their ability to nudge people into acting how they want them to act.

News organizations, including large outlets such as the Washington Post, use different versions of article headlines to test which variant performs better. Optimizely, one of the major technology providers for such tests, offers its clients the ability to “experiment broadly across the entire customer experience, on any channel, any device, and any application”. Experimenting on unaware users has become the new normal.

Facebook stated in 2014 that it runs “over a thousand experiments each day” in order to “optimize specific outcomes” or “inform long-term design decisions”. In 2010 and 2012, the platform conducted experiments on millions of users and showed that manipulating Facebook’s user interface, functionalities, and displayed content can significantly increase voter turnout for groups of people. The platform’s notorious mood experiment on nearly 700,000 users involved secretly manipulating the amount of emotionally positive and negative posts in users’ news feeds, which ended up influencing how many emotionally positive and negative messages the users then posted themselves.

After massive public criticism of Facebook’s experiments, the online dating platform OkCupid released a provocative blog post defending such practices, stating that “we experiment on human beings” and “so does everybody else”. OkCupid reported on an experiment wherein they had manipulated the “match” percentage shown to pairs of users. When they showed a 90% match to actually bad-matching pairs, these users exchanged significantly more messages with each other. OkCupid claimed that when they “tell people” they are a “good match”, they “act as if they are”.

All these ethically highly questionable experiments clearly demonstrate the power of data-driven personalization to influence behavior.

Data about people’s behaviors, social relationships, and most private moments is increasingly applied in contexts or for purposes completely different from those for which it was recorded. In particular, it is increasingly used to make automated decisions about individuals in crucial areas of life such as finance, insurance, and healthcare.

Risk data for marketing and customer management

Credit reporting agencies and other key players in risk assessment in fields such as identity verification, fraud prevention, healthcare and insurance analytics mostly also provide marketing solutions. Furthermore, most consumer data brokers trade many kinds of sensitive information – e.g. about an individual’s financial situation – for marketing purposes. The use of credit scores for marketing purposes to either focus on or exclude vulnerable population groups has evolved into products that unify marketing and risk management.

The credit reporting agency TransUnion provides, for example, a product for data-driven decisions in retail and financial services that allows clients to “implement marketing and risk strategies tailored for customer, channel and business goals”, including credit data and promising “unique insights into consumer behavior, preferences and risk”. Companies can let consumers “choose from a suite of offerings that are tailored to their needs, preferences and risk profile” and “evaluate a customer for multiple products across channels, and then only present the offer(s) that are most relevant to them, and profitable” for the company. Similarly, Experian provides a product that combines “consumer credit and marketing information that is compliantly available from Experian”.

Similarly, the credit reporting agency Equifax states that it has data on nearly 1 billion devices and can validate “where a device really is and whether it is associated with other devices used in known fraud”. By combining this data with “billions of identity and credit events to find suspicious activity” across industries, and with information about employment and about relationships between households, families and associates, Equifax claims to be able to “identify devices as well as individuals”.

I am not a robot

Google’s reCaptcha product actually provides similar functionality, at least in parts. It is embedded into millions of websites and helps website providers decide whether a visitor is a legitimate human being or not. Until recently, users had to solve several kinds of quick challenges such as deciphering letters on a picture, choosing objects in a grid of pictures, or simply clicking on an “I’m not a robot” checkbox. In 2017, Google introduced an invisible version of reCaptcha, explaining that from now on “human users will be let through” without any user interaction in contrast to “suspicious ones and bots”. The company doesn’t disclose which kinds of user data and behaviors it uses to identify humans. Investigations suggest that Google doesn’t only use IP addresses, browser fingerprints, the way user’s type, move their mouse, or use their touchscreen "before, during, and after" a reCaptcha interaction, but also several of Google’s cookies. It is not clear whether people without user accounts face a disadvantage, whether Google is able to identify specific individuals rather than only “humans”, or whether Google also uses the data recorded within reCaptcha for purposes other than for bot detection.

Digital tracking for advertising and fraud detection?

The ubiquitous streams of behavioral data recorded for online advertising increasingly flow into fraud detection systems. The marketing data platform Segment, for example, offers clients easy ways to send data about their customers, website, and mobile app users to many different marketing technology services, but also to fraud detection companies. One of them is Castle, which uses “customer behavioral data to predict which users are likely a security or fraud risk”. Another one, Smyte, helps “prevent scams, spam, harassment and credit card fraud”.

The large credit reporting agency Experian offers a cross-device tracking service that provides universal device recognition across mobile, web, and apps for digital marketing. The company promises to reconcile and associate their client’s “existing digital identifiers”, including “cookies, device IDs, IP addresses and more”, providing marketers with a “ubiquitous, consistent and persistent link across all channels”.

Experian’s device identification technology comes from 41st parameter, an online fraud detection company that Experian acquired in 2013. Based on 41st parameter’s technology, Experian also offers a device intelligence solution for fraud detection during online payments, which “establishes a reliable ID for the device and collects rich device data”, “identifies every device on every visit in milliseconds” and “gives unparalleled visibility into the person behind the payment”. It is not clear whether Experian uses the same data for its device identification services in fraud detection and marketing.

In recent years, pre-existing practices of commercial surveillance have rapidly evolved into a vast landscape of corporate players that constantly monitor entire populations. Some actors in today’s pervasive tracking and profiling ecosystem, such as the large platforms and other companies with large numbers of customers, have a unique position in terms of the scale and depth of their consumer profiles. Nevertheless, the data used to make decisions on people in many areas of life is mostly not held in one place, but rather assembled from several sources in real-time, as needed.

A wide range of data and analytics companies in marketing, customer management and risk analytics seamlessly gather, analyze, share, and trade consumer data as well as combine it with further information from thousands of other companies. While the data and analytics industry provides the means to deploy these powerful technologies, businesses in many industries equally contribute both to intensifying the amount and detail of the collected data and the ability to utilize it.

Google and Facebook, followed by other large platforms such as Apple, Microsoft, Amazon and Alibaba have unprecedented access to data about the lives of billions of people. Although they have different business models and therefore play different roles in the personal data industry, they have the power to widely dictate the basic parameters of the overall digital markets. The large platforms mostly restrict how other firms can directly obtain their data; in this way, they force them to utilize the platform’s data on users within their own ecosystems and gather additional data from beyond the platforms’ reach.

Although the large multinationals in different sectors that have frequent interactions with hundreds of millions of consumers are in a somewhat similar position, they not only acquire consumer data collected by others, but often also provide data. While parts of the financial services and telecoms sectors, as well as crucial societal areas such as healthcare, education, and employment, are subject to stronger privacy regulation in most jurisdictions, a wide range of companies has started to utilize or contribute data to today’s networks of commercial surveillance.

Retailers and other companies that sell products and services to consumers mostly also sell data about their customers’ purchases. Media conglomerates and digital publishers sell data about their audiences, which is then utilized by companies in most other sectors. Telecom and broadband providers have started following their customers through the web. Large companies in retail, media and telecom have acquired or are acquiring data, tracking, and advertising technology firms. With Comcast acquiring NBC Universal, and AT&T most likely acquiring Time Warner, the large telecoms in the US are also becoming giant publishers, creating powerful portfolios of content, data, and targeting capabilities. With its acquisition of AOL and Yahoo, Verizon also became a “platform”.

Financial institutions have long used data on consumers for risk management, such as credit scoring and fraud detection, as well as for marketing, customer acquisition, and retention. They supplement their own data with external data from credit reporting agencies, data brokers and marketing data companies. PayPal, the biggest name in online payments, shares personal information with more than 600 third parties including other payment providers, credit reporting agencies, identity verification and fraud detection companies, as well as with the most advanced players within the digital tracking ecosystems. While credit card networks and banks have shared financial data on their customers with risk data providers for decades, they have now started selling transactional data for marketing purposes.

A myriad of smaller and larger firms providing websites, apps, games, and other applications are closely connected to the marketing data ecosystem. They use services that allow them to easily transmit data about their users to hundreds of third-party services. Many of them sell their users’ behavioral data streams as a core part of their business model. Even more worryingly, companies that provide new kinds of devices such as fitness trackers also seamlessly embed services that transfer user data to third parties.

The pervasive real-time surveillance machine that has been developed for online advertising is rapidly expanding into other fields including politics, pricing, credit scoring, and risk management. Insurers all over the world have started to offer their customers programs involving real-time tracking of behaviors such as car driving, health activities, grocery purchases, or visits to the fitness studio. New players in insurance analytics and financial technology predict individual health risks based on consumer data, as well as the creditworthiness of individuals based on behavioral data on phone calls or web searches.

Consumer data brokers, customer management companies, and advertising agencies such as Acxiom, Epsilon, Merkle or Wunderman/WPP play a major role in combining and connecting data between platforms, multinationals, and the advertising technology world. Credit reporting agencies like Experian that provide many services in very sensitive fields such as credit reporting, identity verification and fraud detection also play a major role in today’s pervasive marketing data ecosystem.

Particular large companies that provide data, analytics, and software services have been named as “platforms” as well. Oracle, a large database and business software provider, has become a consumer data broker in recent years. Salesforce, the market leader in customer relationship management that is managing the customer databases of millions of clients, yet having many customers each, has acquired Krux, a major data company connecting and combining data all over the digital world. The software company Adobe also plays an important role in profiling and advertising technology.

In addition, most major companies in business software, analytics and consulting, such as IBM, Informatica, SAS, FICO, Accenture, Capgemini, Deloitte, and McKinsey, or even intelligence and defense firms such as Palantir, also play a significant role in the management and analysis of personal data, from customer relationship management to identity management to marketing to risk analytics for insurers, banks, and governments.

This report finds that the networks of online platforms, advertising technology providers, data brokers, and other businesses can now monitor, recognize, and analyze individuals in many life situations. Information about individuals’ personal characteristics and behaviors is linked, combined, and utilized across companies, databases, platforms, devices, and services in real-time. With the actors guided only by economic goals, a data environment has emerged in which individuals are constantly surveyed and evaluated, categorized and grouped, rated and ranked, numbered and quantified, included or excluded, and, as a result, treated differently.

Several key developments in recent years have rapidly introduced unprecedented new qualities to ubiquitous corporate surveillance. These include the rise of social media and networked devices, the real-time tracking and linking of behavioral data streams, the merging of online and offline data, and the consolidation of marketing and risk management data. Pervasive digital tracking and profiling, in combination with personalization and testing, are not only used to monitor, but also to systematically influence people’s behavior. When companies use data about everyday life situations to make both trivial and consequential automated decisions about people, this may lead to discrimination, and reinforce or even worsen existing inequalities.

In spite of its omnipresence, only the tip of the iceberg of data and profiling activities is visible to individuals. Much of it remains opaque and barely understood by the vast majority of people. At the same time, people have ever fewer options to resist the power of this data ecosystem; opting out of pervasive tracking and profiling has essentially become synonymous with opting out of modern life. Although corporate leaders argue that privacy is dead (while caring a great deal about their own privacy), Mark Andrejevic suggests that people do indeed perceive the power asymmetries of today’s digital world, but feel “frustration over a sense of powerlessness in the face of increasingly sophisticated and comprehensive forms of data collection and mining”.

In light of this, this report focused on the actual practices and inner workings of the contemporary personal data industry. While the picture is becoming clearer, large parts of the systems in place still remain in the dark. Enforcing transparency about corporate data practices remains a key prerequisite to resolving the massive information asymmetries between data companies and individuals. Hopefully this report’s findings will encourage further work by scholars, journalists, and others in the fields of civil rights, data protection, consumer protection, and, ideally, also of policymakers and the companies themselves.

In 1999, Lawrence Lessig famously predicted that left to itself, cyberspace will become a perfect tool of control shaped primarily by the “invisible hand” of the market. He suggested that we could “build, or architect, or code cyberspace to protect values that we believe are fundamental, or we can build, or architect, or code cyberspace to allow those values to disappear”. Today, the latter has nearly been made reality by the billions of dollars in venture capital poured into funding business models based on the unscrupulous mass exploitation of data. The shortfall of privacy regulation in the US and the absence of its enforcement in Europe has actively impeded the emergence of other kinds of digital innovation, that is, of practices, technologies, and business models that preserve freedom, democracy, social justice, and human dignity.

On a broader level, data protection legislation alone will not mitigate the consequences that a data-driven world has on individuals and society, whether in the US or Europe. While consent and choice are crucial principles to resolve some of the most urgent problems of intrusive data collection, they can also produce an illusion of voluntariness. Besides additional regulatory instruments such as anti-discrimination, consumer protection, and competition law, it will generally require a major collective effort to realize a positive vision for a future information society. Otherwise, we might soon end up in a society of pervasive digital social control, where privacy becomes – if it remains at all – a luxury commodity for the rich. The building blocks are already in place.

Further reading:

• A more comprehensive take on the issues covered in the web publication above, as well as references and sources, can be found in the full report, available as a PDF download.
• The 2016 report "Networks of Control" by Wolfie Christl and Sarah Spiekermann, which the current report is largely based on, is available as a PDF download and as a printed book.

The production of this report, web materials, and illustrations was supported by the Open Society Foundations.