Why do We Allow Data Aggregation and Inference, at all?
I've been reading How to Destroy Surveillance Capitalism and I find myself wondering why we continue to allow data about us to be collected, aggregated, and used for inference, without explicit permission and explicit ways of requesting our data be removed? This goes beyond allowing or disallowing certain uses of these profiles and datasets, or preventing targeted ads. The entire activity should be illegal, and companies whose business is based on it should find new forms of revenue or simply go out of business.
Certainly, there are records to be kept (various gov't databases related to property, company activities, and legal issues come to mind). Companies that use our data for legitimate purposes that are in our best interests are quite different than the shady, abusive companies that Doctorow talks about. If my doctor runs an expert system that helps detect and diagnose illness, there is a clear path to making this system work within reasonable constraints. I consent to have my HIPPA-protected data used, the system does not share this data with unrelated companies that use it for other purposes, and there is a (reasonably) well defined cost-benefit tradeoff. (Yes, we currently have no reason to trust that this data is used ethically, and there are issues with the medical system that have to do with for-profit insurance companies using medical data to discriminate and decline payment, etc., but those are orthogonal issues).
But if you step back and look at it, why do we accept that companies are allowed to track, collect, and share data without explicit consent (vs opt-out, if they even allow that) and without managing our data in a way that allows us to inspect, correct, and demand deletion?
If I have an account on a shopping site (whether Amazon or MomAndPopShop.com), I should be able to know what data they have and be confident that I can ask for part of it to be removed, that when I delete my account it will be removed, and that they aren't selling it. I don't mind Amazon keeping track of what I look at and using it to suggest future items; I mind Amazon selling or sharing the data, aggregating it with other information they acquire in other ways, and so on. Just because things are technically possible, doesn't mean they should be legal.
And there should be strong controls and requirements for security and data expiration. MomAndPopShop doesn't need to keep my shopping history indefinitely (perhaps they can, if I ask them to). Data breaches can't leak data that doesn't exist.
More broadly, companies like Acxiom, Epsilon, and CoreLogic, whose primary business is collecting, aggregating and selling data, should probably not exist. Period.
Credit reporting agencies like Experion and Equifax (regardless of how you feel about the idea of credit agencies and how they are run) should be forced to stop selling or sharing data with 3rd parties.
And that doesn't even touch on companies like Oracle (and others) that collect, aggregate, and sell massive databases of personal information.
When we talk about the disinformation campaigns that are causing so much havoc in liberal democracies (from Europe to American and beyond), much of it relies entirely on targeted ads and filter-bubbles and the click-bait "engagement patterns" that are necessary to feed the data beast.
Starve the beast, and much of the rest will get fixed, eventually.
Or, if you care about your privacy, I guess you can spend your spare time tilting at windmills, trying to opt out of services when given a chance. But chances are it will do nothing to stop these companies from doing what they do.
Header image is a screen shot of https://privacybee.com/blog/these-are-the-largest-data-brokers-in-america/, the first hit when I searched for information on data brokers.