If you're like me, you're splurting data all over the place. Just a few years a back, the idea of sharing your credit card on the Internet seemed like a brazen act of digital promiscuity.
Now, we're stripped bare.
We log in, sign up, link up, and connect via our laptops, ipads, smart phones and more.
But it seems harmless—in fact, it almost seems safe.
Well, maybe not.
At the New York Video Meetup last week, a tech start up called Dynamic Video showed their brand of customized video advertising. Ads that know who you are, and what you want. Ads that can call you by name.
"Hey Steve, glad you dropped by - we'd like to show you a new Hyundai."
Almost before I could ask my first question of the guest presenter—he jumped in "It's kinda creepy, we know."
Took the words right out of my mouth. Maybe 'kinda' is a being a bit kind.
Then, I got this email from TiVo.
"Dear TiVo Customer, Today we were informed by our email service provider that your email address was exposed due to unauthorized access of their system. Please note, it is possible you may receive spam email messages as a result. We regret this has taken place. We take your privacy very seriously, and we will continue to work diligently to protect your personal information."
And hour later, I received this from The College Board:
"We have been informed by Epsilon, the vendor that sends email to you on our behalf, that your e-mail address may have been exposed by unauthorized entry into their system. We regret this has taken place. We take your privacy very seriously, and we will continue to work diligently to protect your personal information."
What happened? It turns out that the permission I gave Tivo, The College Board, and other brands and companies had been handed (without my knowledge or permission) to a company I'd never heard of, Epsilon. Epsilon, who's tag line is: "Marketing as usual. Not a Chance", appears to be somewhat less warm and fuzzy about their data breach, instead posting a terse statement here.
Which led me to thinking, when I trust TiVo—does that extend to any and all vendors TiVo determines to share my data with? If my social security number, or credit card data, or bank pin number is 'shared' by TiVo with Epsilon, and Epsilon allows that data to be stolen—then who am I to hold responsible?
If I gave a locksmith a key to my house, and they hired an employee to do work on my front door, I'd know the answer. If the employee made an illegal copy of the key, and robbed my house I'd sue the locksmith for sure. But the nature of the Epsilon breach leaves one wondering. TiVo and The College Board both profess that they take my privacy 'seriously' but have they fired Epsilon? Will they? Can I hold them responsible for the risk they've exposed me to?
Somehow I doubt it.
What lurks below the surface is the simple fact that these things will happen. Data will be exposed. My privacy won't remain intact.
Which is why I want my data BACK.
I don't want it to be shared, indexed, searched, anonymized, or otherwise used to 'make my life better'. I want my data to live on my computer, in my hands, and to be shared, on a case-by-case basis with users with whom I swap trust with responsibility. I don't want empty promises of concern, but rather clear public expressions of the responsibility that brands or sites have for gathering, protecting and RETURNING my data to me.