The Brutal Fight To Mine Your Data and Sell It To Your Boss (bloomberg.com) 75
An anonymous reader shares a report from Bloomberg, explaining how Silicon Valley makes billions of dollars peddling personal information, supported by an ecosystem of bit players. Editor Drake Bennett highlights the battle between an upstart called HiQ and LinkedIn, who are fighting for your lucrative professional identity. Here's an excerpt from the report: A small number of the world's most valuable companies collect, control, parse, and sell billions of dollars' worth of personal information voluntarily surrendered by their users. Google, Facebook, Amazon, and Microsoft -- which bought LinkedIn for $26.2 billion in 2016 -- have in turn spawned dependent economies consisting of advertising and marketing companies, designers, consultants, and app developers. Some operate on the tech giants' platforms; some customize special digital tools; some help people attract more friends and likes and followers. Some, including HiQ, feed off the torrents of information that social networks produce, using software bots to scrape data from profiles. The services of the smaller companies can augment the offerings of the bigger ones, but the power dynamic is deeply asymmetrical, reminiscent of pilot fish picking food from between the teeth of sharks. The terms of that relationship are set by technology, economics, and the vagaries of consumer choice, but also by the law. LinkedIn's May 23 letter to HiQ wasn't the first time the company had taken legal action to prevent the perceived hijacking of its data, and Facebook and Craigslist, among others, have brought similar actions. But even more than its predecessors, this case, because of who's involved and how it's unfolded, has spoken to the thorniest issues surrounding speech and competition on the internet.
So, Google, Apple, MS, Facebook... (Score:5, Insightful)
...it kinda sucks when someone takes information you thought was yours alone and sells it to the highest bidder, eh?
Re: (Score:1)
You mean Amazon not Apple. Apple tends not to sell its user data to third-parties. What they do with it internally is a different matter.
Re: (Score:2)
Re:So, Google, Apple, MS, Facebook... (Score:5, Informative)
Much of TFA is misleading. Google, Facebook, and Apple all have privacy statements that expressly and unambiguously state that they DO NOT share your data with anyone. Perhaps they are lying, but TFA provides no evidence whatsoever that they are.
Amazon's privacy statement [amazon.com] says that they DO share your data, and describes who they share it with, and why.
Microsoft's privacy statement [microsoft.com] appears to have been drafted by a large team of lawyers, working with their PR department, to say as little as possible about anything. It even has a subsection on "Fitness and Health" ... that says nothing about privacy.
Lumping all these companies together is very misleading and unfair.
Re: (Score:2)
My take from the article (TFA) is that user information is harvested from tech giant's sites, apps and such, both by working within their platforms, and outside their platforms, regardless of the privacy statements. The net effect is user information is collected, repackaged and sold for billions of bucks. Like when Youmi's APIs, used in hundreds of apps, were found harvesting user data; or when health monitoring
Re: (Score:1)
Lumping all these companies together is very misleading and unfair.
It's somewhat misleading, and somewhat unfair. If Facebook collects information on every aspect of your life and sells it to whoever pays them enough, then that's bad. If Facebook collects information on every aspect of your life and doesn't sell it whoever pays them enough, then that's somewhat less bad... but that's still plenty bad.
The point of the article, the thing that you're supposed to find alarming, is that you don't have control over your data. Whether it's one company or many companies who con
Re: (Score:2)
https://www.youtube.com/watch?... [youtube.com]
Re:So, Google, Apple, MS, Facebook... (Score:4, Interesting)
Fortunately, in Europe this is a criminal act.
Yes! Look up EU GDPR and check the penalties (Score:3)
The EU seems perfectly willing to fine these nice big US companies when they break EU regulations, and they tend to make the fines a nice percentage of their gross income:
http://www.eugdpr.org/ [eugdpr.org]
Terje
Re: (Score:2)
...it kinda sucks when someone takes information you thought was yours alone and sells it to the highest bidder, eh?
If you put information out on a public website, you shouldn't be shocked to learn that members of the public can read it.
Re: (Score:3)
Weird... I thought, Slashdot's collective opinion [slashdot.org] was, that information can not be stolen — whether it can even be owned is doubtful...
Because it "wants to be free" and because you still have your files even if I made a copy — and shared it with the rest of the Internet...
But, yeah, it does suck — and some of us thought so for years...
Re: (Score:2)
Nope, you are confused. The slashdot privacy model is top down. When all the secrets of those at the top are exposed then the secrets of those below them can be accessible and not before. So strictly top down, the most powerful first, the least powerful last. See the subtle difference and you can not escape the logic of it, it is the sane sensible manner it which to do it. Keep in mind they do keep secret, what information about you they have and what they do with it (go on ask google to give you a copy, go
Re: (Score:2)
Secrets? What secrets? For years Slashdot has given high praise to people asserting, information can not be "stolen"... And now, suddenly, it can be... Confusing, is not it?
It may be harder with other companies, but Google (claims to) makes it easy [google.com].
You aren't any more entitled to that, than
Re: (Score:2)
...it kinda sucks when someone takes information you thought was yours alone and sells it to the highest bidder, eh?
Why did you think it was yours? Are you the one who collected it?
Re: (Score:3, Insightful)
If you're gonna start doing this you have to go back to the beginning of the slide downhill when Microsoft allowed every home computer nationwide get backdoored by every local and foreign intelligence service in the name of security, then lied to the public when criminals also found the same backdoors and Microsoft said that the complete lack of security was the best possible effort. That's where the public perception of the value of privacy got so horribly skewed in the first place as to allow companies l
Re:These assholes (Score:4, Insightful)
Re: (Score:1)
I don't disagree with what you have said, but the answer is not violence, but education and debate. Unfortunately many people in our society have become extremely intolerant and think the solution to everything is threats, intimidation and violence.
I'm extremely privacy focused (I permanently use a VPN, cookies disabled, I don't create accounts with anything, etc) and I do appreciate that these companies are a major threat to our society. However, I think people who turn to intimidation and violence are a
Re: (Score:2)
This was discussed several decades ago. At the time, the government wanted to be able to have access to databases covering things like the financial status of workers, their communications, telephone records and bank transfer records. There would be public outrage if any government department tried to do this, so it was easier to get the private companies to do this collection and for the government to pay a premium to get the information they wanted. Meanwhile the companies would have a free hand in levera
Re: (Score:1)
That sounds like a lengthy, expensive and dangerous process. Wouldn't it just be easier to not voluntarily give these companies all sorts of free information about yourself?
Re: (Score:1)
No, your solution sounds like a much more lengthy, expensive and dangerous process. Your solution involves actually educating the mass population to not do such silly things.
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
Come on, moderators! You have failed the troll test.
Real or sarcasm? Only the AC knows for sure. (Score:3)
Both computers updated this morning. Went very smoothly. New features, seems to be more secure and faster. There was zero cost for this update. Great job Redmond, keep 'em coming. Much appreciated here! Highly Recommend!
I am completely unable to tell if this post is straight-up, or if it is straight-faced sarcasm.
Only the AC knows for sure.
Re:IMHO, HiQ is not doing anything wrong (Score:5, Insightful)
They didn't break the law. That doesn't mean that there's nothing wrong with what they did.
The law doesn't define what's right or decent. Only what's legal. Big difference.
Re: (Score:3)
It would be astonishing if they had to break the law to get what they want, since their money was largely responsible for making the law.
Re: (Score:3)
It's not a crime - not in any sense, and not by a long chalk.
Classical economics assumes (with a wave of the arm) that everyone participating in the economy has full information, and shares it at the same time.
Really! I'm not kidding here. They might as well add that the sky is green and the Sun is made of Gorgonzola, but that would be a bit too obvious. In the real world, of course, as we all know - or as we find out pretty soon, the hard way - "business" consists very largely of a battle to hide informati
Re: (Score:1)
So what information do the potential employees get about the employers in return? Pretty much zip. Basically what those employers choose to publish, which is mostly self-serving propaganda - and which is not checked for accuracy or even truth by anyone. Even items of obviously great importance to potential employees - such as salary data - are kept a closely guarded secret.
How is that any different than the information the employee publishes?
Re:IMHO, HiQ is not doing anything wrong (Score:4, Insightful)
How is that any different than the information the employee publishes?
That's a good and logical question. I gave it some thought before posting.
Basically, there is a lot of asymmetry between an individual employee and a corporation. In the first place, of course, the employee is a single person - a private individual - whereas the corporation disposes of a lot more people and resources. But that's just the start. To the employee, the world of work is usually just part of life - perhaps the dominant part, perhaps just an unpleasant but necessary way of earning a living. The corporation, on the other hand, is not a real living person (although it is, by a legal fiction, treated as being a kind of "person"). It has no interests outside the world of its business, no affections, no fears, no human relationships or responsibilities. It has no spouse or children to care about (and worry about) and provide for.
The individual, in his or her private life, has occasion to socialize and exchange information with friends, acquaintances and family members. Such information may impinge, in some ways, on work, but only indirectly. A person may come home and vent on social media about the atrocious treatment he had to put up with at work; that is normal, understandable human behaviour and may meet with sympathetic responses that help to soothe the hurt. To the employer, however, it is a revelation of undesirable attitudes.
The corporation is run according to its various policies and the decisions of managers. It can choose to keep secret whatever it wishes; it has no private life, no feelings, no social intercourse. Unlike the individual human, its guard is always up; it never goes off duty.
The contest is like one between a human being - possibly armed - and a killer robot. Very one-sided. And even if the human being triumphs, the robot doesn't care even if it is destroyed.
Somehow... (Score:1)
The major problem is security is impossible (Score:5, Insightful)
If the goal is to share information (like your resume to potential employers or customers) you can't keep it private (say, from your current employer, family, or your nosey neighbour).
If you publish information about yourself on the Internet... YOU'VE PUBLISHED INFORMATION ABOUT YOURSELF ON THE INTERNET.
Who is mining the sites and what they're doing with that information is more or less irrelevant, since you should be assuming everyone is doing whatever they want with it.
Re:The major problem is security is impossible (Score:5, Insightful)
Re: (Score:1)
Re: (Score:2)
> If you publish information about yourself on the Internet...
>YOU'VE PUBLISHED INFORMATION ABOUT YOURSELF ON THE INTERNET.
Or, sometimes, you are just in the contacts list of someone ELSE who published information about THEMSELVES on the Internet...
https://gizmodo.com/how-facebo... [gizmodo.com]
Re: (Score:2)
Re: (Score:2)
Every time I think I'm getting paranoid in my old age, somebody points out something worse that either has already happened or could credibly be happening.
Apparently, even as a cranky old man I'm an optimist, relatively speaking.
That explains it (Score:5, Insightful)
Last week the headhunters started piling up in my inbox. I mean, yes, I usually got the odd "don't you wanna reorient yourself" mail, but we're talking a flood of mails, with headhunters bending over backwards with offers that made me question their sanity.
But if they were mining what's publicly available about me, I can understand it.
You see, the game works both ways. You can dig up anything I put out there about me, but in turn, nothing I put out there about me has to be true. This system assumes that people are actually truthful when they write stuff about themselves. Beats me why this works, but it seems to.
Well, I am not truthful when I write stuff about me on Facebook, LinkedIn, Xing, Twitter, whatever.
According to my "social media" pages, I'm the hottest potatoe there is right now in security. I rub shoulders with the best and brightest in the field, there are pictures of me hanging out at a bar with some of the key players in the security world (Photoshop is one hell of a program), and it seems i held the keynote at some of the past Black Hats (hey, it ain't my fault if they use my page instead of Black Hat's as a source for their information!). I also complained about the cocktails at the bar there. And that Bruce Schneier can't really tell jokes. You know, spice it up a bit.
None of this is true. Nothing. I know Bruce, of course, I can truthfully answer yes if someone asks "you really know Bruce Schneier?". Of course I do, the whole security world does.
I just highly doubt that he has any clue who I could possibly be...
I would of course never lie to a potential employer. If they actually ask me whether I gave keynotes at Blackhat, whether I am on a first name base with Bruce Schneier, whether I really declined speaking at Def Con because I didn't like their attitude and that it's "too commercial" for my tastes and I got better things to do than give talks at "insignificant petty has-been cons" like my Facebook claims, I will of course tell them the truth.
That my Facebook page, along with the other social media pages, are tools to weed out the stupid and gullible.
Re:That explains it (Score:4, Insightful)
I would of course never lie to a potential employer.
Yah. Very nice. But how will that potential employer see the information that you published and that they paid good money for, if it turns out to be untrue?
They'll say, "Well this guy is obviously a habitual liar. Who's the next candidate?"
Re:That explains it (Score:5, Interesting)
I would think "here's a security guy that seems to understand modern security issues".
Re: (Score:2)
You and other thoughtful people might see that, but how does his application get to your desk if it's screened by various systems and less thoughtful humans?
Re: (Score:2)
Like I said, it's a screening process to weed out the stupid. I do not want to work for people who can't think past the tip of their nose.
Re: (Score:2)
I would be respecting the candidate's OPSEC skills.
Re: (Score:2)
In my job, being able to come up with elaborate lies and fortifying them against cursory examination is more likely to land you a job than to disqualify you.
Re: (Score:1)
They'll say, "Well this guy is obviously a habitual liar. Who's the next candidate?"
No. They'll offer him a position in management.
Re: (Score:2)
This certainly seems to explain the number of really, really pointless "articles" that people post on LinkedIn.
I used to try reading them, really. But the vast majority of them are really piss-poor.
The ones about language, language-learning, cultural adaptation and sensitivity, etc. are usually so full of fallacies that I could quite literally spend all my waking hours writing rebuttals to them.
The ones about management and leadership are even worse.
It looks like academia, but without the intelligen
Re: (Score:2)
Those articles are a lot of hot air and aimed at managers who get impressed by big words and people who use them.
This said, there are a few articles worth reading on lists worth following. Most of them are invite-only, though.
It’s not all rosy (Score:2)
If they actually ask me... , I will of course tell them the truth.
Good luck with that. When they realise that you’ve been intentionally posting lies about yourself, I doubt they will take the time to listen and favourably reflect about your motives (especially when it’s about “weeding out the stupid and gullible” among them).
On the other hand, I think that your experience illustrates the dangers of this type of low quality data mining, when widespread. If Internet postings contain flattering lies about you, when those recruiters eventually talk to
Re: (Score:2)
Once headhunters have invested time in you, they want to sell you. All you need is a foot in the door and that's what those pages do.
This is doing long term damage (Score:5, Insightful)
These companies have a very narrow definition of employee quality that they peddle to insecure managers.
What they don't take into account is the influence their systems have on the level of 'psychological safety' that employees feel in organizations. The level to which they are willing to challenge dominant (but often wrong) ideas, or share new thoughts. In short, by over-measuring these systems actually limit the ability to innovate.
Ironically, one of the organizations that has pointed to psychological safety as the key factor for good teamwork is Google:
https://www.nytimes.com/2016/0... [nytimes.com]
A good example of a company in this 'human risk management' field is Red Owl, which recently got bought by another risk management company, Forcepoint. Amongst other things, their software aims to weed out potential whistle blowers.
A concept I've been working on to help us talk about the long term issues at stake here is "Social Cooling". The website explains the large scale chilling effects which are created by our unprecedented ability and desire to manage risk.
https://www.socailcooling.com/ [socailcooling.com]
Re: (Score:2)
An undercover team led by Grayson lands on Sargas 4, an Earth-like planet with a culture similar to that of 21st-century human civilization, to locate two missing anthropologists. There, LaMarr is arrested after a video of him dancing with a beloved statue receives more than a million "down" votes, and must convince the public to pardon him or be subjected to "treatment" for his actions. Alara and Claire locate one of the missing, but find him in an irreversible lobotomized state. With LaMarr facing a final vote to determine his guilt, Mercer brings one of the planet's inhabitants, Lysella, aboard the Orville and learns about the "Master Feed", which Isaac is able to hack and upload doctored images of John, narrowly swinging the vote in his favor. Now free, John and the others return to the ship and depart. The next day, Lysella decides against taking part in a public vote.
I guess it's only fair (Score:2)
Since I may or may not have 3+ TB of confidential information I archived from work, safely encrypted and stored off site in case we had any issues between us.
There may or may not be information that would cause jail time for many levels of my management.
I'd do it but I'm sitting here. (Score:2)
You need to ostracize not just these companies, but any real companies that use it. In short order, companies that sell real products will quickly be brought to heel.
Someone should do this someday, someone should.
it will be deemed surreptitious recording (Score:1)
like the supreme court case in 2012 when it was ruled illegal to attach a GPS device to a car when it would have been legal for the poilice to obtain similar information by tailing the suspect, i think/hope this will be decided in favor of linkedin, for the use of bots effectively makes this a case of surreptitious recording, where the meta-data is being digitally recorded by the bots--each a kind of hyper-spectral recording device.
fuck you, pleb, that's why (Score:2)
Loss-making venture capital backed companies sure do have contemp for the pricacy of working people.