Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

The Cost of Sharing Our Data Online

Which Disney character are you? What will you look like when you’re 90? These profiling apps pepper our Facebook pages and many users are unable to resist the temptation. A few pieces of information exchanged for an amusing revelation to cheer up the feed. Easy.
 
A Cambridge University researcher designed one such app; a personality survey called ‘This is Your Digital Life’. It was shared online and he harvested the personal – willingly given – details of 270,000 users.

He also gained access to their friends, gathering data on an estimated 50 million users in total. This data was gathered for Cambridge Analytica (CA), who in turn scoured the vast sample for subconscious anxieties that would enable them to deliver a specific message to a specific audience for a specific purpose or to influence a big event.

Or, in the words of Mark Turnbull, managing director of CA: “we just put information into the bloodstream of the internet and then..give it a little push now and again..like a remote control”.

Unfortunately for Turnbull, his words were being filmed by an undercover Channel 4 news reporter and were shared with the world. The media reeled at the revelations of data exploitation and online manipulation: both Facebook and CA are being scrutinized by the Government who is trying to identify illegality in the complicated web of big data that governs so much of our lives today.

We knew this was coming. Five years ago, a group of researchers investigated how much profiling could be achieved by analyzing Facebook likes. The answer was a worryingly large amount. The researchers warned: “The predictability of individual attributes from digital records of behavior may have considerable negative implications, because it can easily be applied to large numbers of people without their individual consent and without them noticing.”
 
That’s called targeted marketing, and its commonplace. Persuasion is one of the founding principles of almost all commercial enterprises and can certainly be traced back eons – who can forget the propaganda posters of years gone by, archaic to our modern eyes but operating on the same principles?

Digital footprints have made it so much easier to achieve intentions, whether that be to persuade people to part with their money or, more worryingly, check a box on a ballot paper. 

Governments are well versed in manipulation. It is generally approached using the six principles of persuasion, as detailed by Dr Robert Cialdini, that map out how a rational response can be bypassed by tapping into an instinctive reaction. Cialdini was part of an ‘academic dream team’ that Obama used during his election campaign and his principles also underpin what has become known as number 10’s ‘nudge unit’.

The UK Government’s persuasion machine is formally known as the Behavioural Insight Unit. It defines itself as a ‘social purpose company’ that uses behavioral science to ‘enable people to make better choices for themselves’ and inform policy decisions. Areas of focus include health and wellbeing, education and access to public services. The Unit is ultimately looking to save money and offer more efficient and effective services to make life better for all.

It’s a smart use of science and a win for us all. The flip side is that this approach is used for online manipulation – but then we are being manipulated almost constantly, whether via our peers and family, by the Government, by physical adverts and online, or when we turn on the TV.

We are probably even manipulated by the school curriculum, from the history books written by the victors, and from the social conditioning that starts the moment we enter the world.

Does this matter, and can we really do anything about it? Should there be more policy in place to prevent social engineering online or restrict targeted ads based on data collection? The commercial practice may be interrupted by the incoming European policies of GDPR and e-Privacy directive, but the idea that all manipulation online can and should disappear is ludicrous and futile.

The internet is international and largely borderless. Convenience is usually prized by users above all else. How could you starts placing huge restrictions that are largely impossible to enforce and will disrupt user experience? 

One of the only way to proceed is to ensure people are informed and aware of the potential for manipulation online.

This process has already started, with the Cambridge Analytica furore serving to wake people up to the consequences of ticking a box to give permission for third parties to use their personal information. School children are already being educated in digital skills: we hope this include details of online manipulation strategies and how best to mitigate the effect, beyond identifying fake news.

Eventually, we must accept that persuasion is a part of human nature. Who among us can deny creating secret strategies to get the kids to bed by 8pm? What matters are the intentions and the gains of such manipulation, and we need to wake up to the reality of the commercial world.

Data is a resource and will be exploited. What did we really expect from a free service like Facebook? There is no such thing as a free lunch, even online. Would we be willing to pay subscriptions to use the site if that guaranteed privacy and security for our data? Probably not – so how to proceed?

We need to start taking responsibility for our own privacy and take better care of our data rather than playing the blame game. Create a strategy for what you share and don’t share, when and with whom. Think twice about signing up or filling in, or checking a box that allows your details to be spirited away to third parties.

We always look before we step out into the road because we know the risks and we bear the responsibility – the online world is just as risky and we must take just as much care of our digital life. The days of blind faith are over.

What’s Hot on Infosecurity Magazine?