Carriers Selling Your Data: a $24 Billion Business

An anonymous reader writes: It goes without saying that cellphone carriers have access to tons of data about their subscribers. They have data about who you call, what sites you visit, and even where you're located. Now: "Under the radar, Verizon, Sprint, and other carriers have partnered with firms including SAP to manage and sell data." The article describes some of the ways this data is used by marketers: "The service also combines data from telcos with other information, telling businesses whether shoppers are checking out competitor prices on their phones or just emailing friends. It can tell them the age ranges and genders of people who visited a store location between 10 a.m. and noon, and link location and demographic data with shoppers' web browsing history. Retailers might use the information to arrange store displays to appeal to certain customer segments at different times of the day, or to help determine where to open new locations." Analysts estimate this fledgling industry to be worth about $24 billion to the carriers, and they project huge growth over the next several years. The carriers are trying to keep it a tightly held secret after seeing the backlash from the public in response to government snooping, which involves much less private data.

You Are Always the Product

[ohnocitizen]

When we hear about free services snooping on you, people are quick to say "Free service? You are the product" and "not surprised". Yet we pay our telcos (sometimes ridiculous sums of money), and we are STILL the product. And guess what? The degree to which we allow ANY company or government agency to snoop on us allows the rest to get away with more too. So if we want to take a stand to keep some shreds of privacy intact, we need to take a powerful pro-privacy stance. We need to punish ANY organization that goes too far invading privacy, and establish laws and regulations to give us teeth for when they violate that privacy. And we need to stop reacting to news of privacy violations with dull acceptance. We need to fight back and one of our best tools available is to campaign hard to regulate the industry.

latest update was loaded

[dltaylor]

The latest software update for my phone was loaded with this kind of carrier (Virgin Mobile on Sprint) crap (yes, I have complained to VM, but no, they're not going to take it back). Fortunately, HTC has tools to delete things from the "ROM", so it isn't permanent on the phone I have.

Anonymous data? Remember AOL Search?

Even aggregate data has its malicious uses, but such data is rarely anonymous. Remember the AOL search history release?

https://en.wikipedia.org/wiki/AOL_search_data_leak

AOL released the "ANONYMIZED" search history of its users, only to find it was quite easy to datamine their identity... just from this one set of data. If you have multiple sets, it becomes trivial to do so. e.g. they visit the pizza ordering page, you have the customer list for the pizza place, so you know that that user's details, and by extension all of the other stuff, and if their searches contain "Herpes cures" and "Herpes Clinic", then I wouldn't share a pizza with them.

Even as aggregate data it can be misused. Recall Choicepoint?

http://www.theguardian.com/commentisfree/2006/jul/08/comment.mainsection4

They were the company that analyzed the voting roll in swing states for likely Democrat voters, then analyzed for matching names in other states to create "scrub lists", lists of people to be scrubbed from the electoral role on false claim of fraud. So if Bob Jones in Florida was likely to vote Democrat, they'd find another Bob Jones in another state, and add him to the scrub list to block his vote.

By analyzing the individual wards for bias, they could determine which wards should receive defective voting machines to swing the vote. Hanging chads were not randomly distributed. Those faulty machines were sent largely to black districts.

That was AGGREGATE data, they didn't know how an individual "Bob Jones" would vote, they knew the voting likelihood of his demographic.

One of the tricks used was to send "confirm your residency to be allowed to vote" letters out.... to students (students on *aggregate* vote Democrat) during the summer break requiring a signature from them on receipt. So the student was away on holiday, couldn't get the letter and wouldn't be allowed to vote. The vote was during term time, so they knew the student would be there for the vote, but not for the letter.

This data would let them fine tune such strategies, and often (see AOL) down to individuals.

Re:How is this under the radar?

[AHuxley]

"Senate Rejects All CISA Amendments Designed To Protect Privacy, Reiterating That It's A Surveillance Bill" (Oct 27th 2015 )
https://www.techdirt.com/artic...
All your data is for sale and no looking or asking about what the US is buy or using it for :)

This is equivalent to

[presidenteloco]

If the old-school telephone companies hired people to listen in to your phone calls then sold the info to the highest bidder.
Or the post office routinely steaming open the envelopes of your letters and selling the info, or using it to extort you.

If this sh*t ain't against the law it should be.

They're a common carrier and nothing more. Get off my lawn.