I’ve worked at both Facebook and Google, and I’d second this sentiment. It is pretty disgusting that anyone with a passable knowledge of how to hide their tracks can basically get all of the information (messages, posts, photos, private information) they want about you. Sure, they might get fired if they’re caught, and maaaaaaaybe (read: probably not) face legal action, but they can do a lot of damage beforehand. And if they’re good enough, they won’t get caught.
I trust the people that I worked with there, but these are big organizations, and a lot more people than I would be comfortable with have essentially administrator access to private data.
Not a fans of these people saying how bad thing are but refuse to elaborate. Like sure, i know ads and socmed company will collect my data piece by piece and put it together to know who i am and target me with stupid ads, but i also love to know if there’s more to it. It’s not to convince me but it’s to convince others.
I worked at an ad agency and we’d literally have every user’s email, name, phone etc in random spreadsheets that everyone had access to.
As an intern I had root access to just about everything on the company server because I was one of the people who “knew computers” who wasn’t a dev.
There was constant debate about how to trick people into giving over their data etc (e.g. email sign-up for some free crap that you never actually got). Or getting people to allow apps permission to access their contacts, as then you’ve got 100 new people, and enough info about them to get them to open a spam email.
Also, if the user fell for a trick, their details are suddenly high value, as they are dumb enough to be a “mark” (or maybe their English isn’t very good), so their stuff can be sold to scam companies or just scummy people.
Privacy is a layer of defence, and shitty people feel entitled to take it away from you.
“…root access to just about everything on the company server.”
The urge to set up a cron for a random time after my departure to sudo rm -rf / would be so strong.
Or a Python script that quietly swaps all the data tables’ values, so the aggregate information looks valid but is functionally worthless.
That last sentence is a beautiful summary. I’m totally going to steal it. I promise to try and remember to give credit.
Some things that my company does:
-
Has someone watching you browse our site live. We can see everything you do in real time. All your searches, missclicks, mouse movements, etc. Only thing it cant see is credit card info.
-
Uses these live views to create a profile on you. Are you in the deep south and searched for something that could be “conservative”? Your now on our Conservative mailing list. Vise-versa as well, We have email marketing campaigns that are written to cater to demographics. For each email sales campaign we put out, there are about 8 varieties of those emails that are tailored to what we think you want.
-
Keep databases of all our customers and people who visit the site, with as much info as possible. IP, location, estimated salary, spending potential, whether or not you are more likely to click on our links. All kinds of info that isnt really protected in any meaningful way. Most of it is just on a Google Drive.
-
For our big spenders and repeat customers, we have a separate database that has even more personal info. The marketing manager has even gone so far as to look up Facebook and Linkden and whatnot on you and take whatever they can find. Family, friends, hobbies, jobs, anything that they think can be useful to sell more stuff. Again, none of this is really secured to well.
Im not in the marketing department of my job so theres probably a lot more that im not aware of. These are just a few things we do and im sure this is mild in comparison to bigger companies. My job is a small family business with like 10 people working there.
Yeah, the first time I saw he granularity of what Analytics could collect on a site, I was mortified. Like yeah, they may not record your specific name, but if they know every page you visit and everything you buy, you’re still a unique and trackable entity.
This is why I run several layers of adblock on my network and use plugins to search random terms that seem real, while also clicking every ad that makes it through.
My goal ceased being to contain my interests/info when I realized how much they knew. Now my goal is to just make the data as poisoned as possible.
-
I built software around 2010-2014 around harvesting visitor data.
Shit was scary back then with how much we could predict. We were already laser targeting customers and people. I can only imagine what they’re doing now.
This was before the whole “big data” push when companies were cross-referencing data sources from other harvesters.
oh rly? then why, after i’ve used facebook daily for 15 years, does it thin my interests include “foot” and and actors ive never heard of? why does google, after about that same amount of usage plus me owning many androids and having an even deeper entanglement with it than with facebook, think i’m the opposite sex (!) and imagine countless interest for me that i don’t have, just like facebook?
iv yet to see any of these companies being very accurate about me.
Sounds like you’re not the only person using your devices, including network and router. And even if you are, if you live with others and not on a VPN you’re very likely sharing an open IP with people of different tastes as well as gender. I get my spouse’s YouTube recommendations all the time, even when not signed in and on a totally different machine, because to YouTube it’s all coming from the same IP.
It’s not a huge mystery.
ah, i am sharing the router and network. i hadn’t considered that, and i’ve wondered and wondered how such inaccurate info commanded so much money and uproar. thanks!
deleted by creator
