Together, Google and Facebook take in one-fifth of global advertising revenue. While the primary services of these two companies are free, they require personal data to function, but the value of this data goes beyond making YouTube videos and sharing status updates. Data collection and sharing practices have changed quickly to facilitate the growth of these two behemoths. In creating advertising profiles of their users, the two companies have created a map of its users activities across the internet. Monetizing that data is done through advertisements, and they are able to attract such large investments because of their accuracy in defining a user’s interests and personalities based on nothing more than what is publicly available when interacting with their platforms.
One of the greatest issues for advertisers on cable networks and radio stations is that the demographics of any station are in a constant state of flux and unverifiable in real-time. Nielsen ratings have been the greatest source of information for advertisers attempting to understand who they are marketing to when they purchase airtime, however the ratings are limited in the data points they are based on. The major data points collected by Nielsen ratings are age, gender, race, economic class, and location. Contrast that with the 98 points that Facebook bases its user’s advertising profiles on and it becomes clear why online advertising is generally seen as more effective than traditional media.
How Does Facebook Monitor Users Across the Web
It might be helpful to understand how Facebook collects data on their own platform first. Each user is given a unique ID that is logged to any device they use to connect with the platform. As you interact with the platform, your unique ID contains all of the data that you offer up in one location – your devices, photos, location updates, liked pages, messages, even the text you type and then erase. All of this data is connected to an individual and unique ID that helps Facebook, or Google, to better understand how to market to you. While the total number of data points that Facebook uses is unknown, the information made publicly available by Facebook shows 98 of their current data points. It is worth scrolling through the list to get a sense of what is being used to create marketable demographics online. It ranges from general information, such as education, ethnicity, and income, to more specific points, such as whether a user carries debt, where they tend to shop, or if they drink heavily.
These data points are not limited to the platform of Facebook however, and bear in mind that Facebook also owns several other platforms including Instagram and WhatsApp. Within their ecosystem of apps, Facebook is able to track very specific data such as cursor movement and typed text, but even outside the platform data is collected. Tracking cookies are logged in each web browser with that same unique ID from before. When tracking cookies interact on other websites or through advertisements placed on other websites, they relay that data back to Facebook, or Google, and add it to the advertising profile. Each website that is connected to this hub is sharing which websites are visited and how they are used. In fact, even if you are not a Facebook user this data is still being collected and linked to a unique ID and advertising profile.
Securing User’s Personal Data Against Data Breaches
The issue for users has not been, necessarily, that this data is being collected. Most users understand that by interacting with social media platforms their content is essentially the product, and they consent to this through extensive terms of service agreements. With the recent Cambridge Analytica scandal, questions around who has privileged access to this data and how it is being stored are of concern to the general public.
In relation to Cambridge Analytica, many users had their data exposed through a loophole in Facebook’s privacy system. When one user offered up their data to Cambridge Analytica, their friends’ data was also forfeited without consent. In total, the number of users data that was mishandled by Facebook is estimated at 87 million. Facebook is now revealing to users whether their data was included in this, however it comes after the closure of Cambridge Analytica – a firm that had used extortion and propaganda to advance political agendas.
This has shaken the trust of Facebook’s users as it shows that not only is this data useful for manipulation, but it has been accessed without user’s consent with the purpose of coercion. Most practices for data companies are innocuous, but each data store must be equipped to defend their user’s data from unauthorized access. Cambridge Analytica’s use of Facebook’s data does not constitute a “breach” in the normal sense as they were operating within Facebook’s guidelines, but the list of data breaches continues to grow each year and has affected hundreds of millions, if not billions, of people to date. Consider Equifax, a financial credit reporting agency that was hacked in 2017. This breach alone effected nearly half of all Americans, including both their personal information (addresses, social security numbers, birth dates), and also their financial histories. The personal information alone is enough to commit identity fraud, and that is now a real possibility for 143 million Americans.
Google’s Role in Protecting the Data Privacy of its Users
While Facebook’s data practices are under scrutiny, Google has faced relatively little opposition to the data that they collect. One thing that users appreciate about Google’s practices is that they make most of the collected data available for users to explore – you can see your advertising profile, your device activity (including each app you use and when), everywhere you’ve been with location tracking on, and also hear each time you’ve spoken to a connected device (Amazon’s Alexa similarly keeps a record of voice history). Further, users can request to download the entirety of information that Google has archived on their account. This archive often weighs in at multiple gigabytes given that it also includes past and present Google Drive data. This type of transparency informs users on how their usage of internet platforms may be monetized, an important step towards informed consent.
Steps to Secure Your Personal Data
Maintaining your privacy in this world of data-seeking services and platforms can seem impossible, but there are a couple of good ways to hold out. The Electronic Frontier Foundation offers a tool that tests your browser’s security against tracking. After testing your browser, it will make some recommendations around how to better secure your browser and therefore your data. Disabling the tools that track your activity around the internet is effective, but that is far from the only data that you place on the web. Clearing tracking cookies, or blocking them altogether, will help to reduce the information being logged as well. Although it is useful for advertising, the amount of data being stored on corporate servers poses challenges for the security of the people behind the numbers.
As for data breaches, that responsibility falls to the respective company. Securing user data against unauthorized use is incredibly difficult, especially for large corporations that face hundreds of thousands of attempts in a day. At this point it should go without saying that you need a secure password and use 2FA wherever possible. Beyond these steps, your security is mostly dependent upon the proper handling of data. Data breaches are not disappearing in the near future, but there are ways of hardening access that should be used by data centres.
Ultimately, not offering your data is the only meaningful way to protect it, but for many reasons that isn’t always an option. Google simplifies our daily lives, Facebook connects us to loved (and not so loved) ones, and countless other online services are taking the place of their past mediums. Being conscious of how your data is being used can also lead to better practices, more secure usage, and less data sharing. Advertising is not the root cause of data being collected, but it is one of the more effective means of monetizing anonymized data. What is important is whether users consent to having their data shared, and whether users are aware of their data being shared. Google takes steps here in the right direction, while Facebook has had some missteps on record. Overall, the data you choose to share should be cared for and protected – the real threat to user data is not often the corporation that they share it with, but who else may have or gain access to it.