What If Social Media Giants Aren't the Worst Offender of Data Privacy?
The data privacy dumpster-fire conglomerate of Facebook, Instagram, & WhatsApp has gotten plenty of attention lately for its careless (and mischievous) approach to user data.
But what if I told you the worst violators are barely even noticed?
What if I told you that you entrust these violators with your money, financial reputation, and personal information that is far too private for any social network?
On Sept. 7, 2017, Equifax revealed that months-long illegitimate access to its credit-report databases had led to the breach of personally identifiable information of over 143 million people, nearly all in the U.S. The total number grew through March 2018 to over 148 million affected.
The company waited six weeks to disclose the breach. - source
Note: 148 million Americans includes over 45% of the country's entire population.
Also note: the Cambridge Analytica scandal included the data of 70.6 million Americans.
Three months later...
Alteryx, a marketing analytics firm, left an unsecured database online that publicly exposed sensitive information for about 123 million U.S. households.
A large portion of the data appeared to originate with Experian, one of three major U.S. credit bureaus, which collected and sold them as part of its “ConsumerView” product for marketers. - source
I could easily point to multiple stories of smaller 'leaks' before and after those mentioned above, but you get the point.
Credit Card Companies
For the past year, select Google advertisers have had access to a potent new tool to track whether the ads they ran online led to a sale at a physical store in the U.S. That insight came thanks in part to a stockpile of Mastercard transactions that Google paid for.
But most of the two billion Mastercard holders aren’t aware of this behind-the-scenes tracking. That’s because the companies never told the public about the arrangement.
Alphabet Inc.’s Google and Mastercard Inc. brokered a business partnership during about four years of negotiations, according to four people with knowledge of the deal, three of whom worked on it directly. The alliance gave Google an unprecedented asset for measuring retail spending, part of the search giant’s strategy to fortify its primary business against onslaughts from Amazon.com Inc. and others. - source
But Mastercard isn't the only one...
Last year, when Google announced the service, called "Store Sales Measurement," the company just said it had access to "approximately 70 percent" of U.S. credit and debit cards through partners, without naming them.
That 70 percent could mean that the company has deals with other credit card companies, totaling 70 percent of the people who use credit and debit cards. Or it could mean that the company has deals with companies that include all card users, and 70 percent of those are logged into Google accounts like Gmail when they click on a Google search ad. - source
Albeit egregious, it's one thing when your private messages are sold to Spotify and Netflix or when your "public profile, page likes, birthday and current city" are handed over to Cambridge Analytica.
But now we are talking about financial data. The role credit bureaus and credit cards in collecting user data and selling it to marketing firms (including Facebook & Google) without their users consent or knowledge is a whole new level.
It is hard for us to expect legislators to enact change (reform) in regards to tech giants when companies with government contracts leak customer data like a sieve.