Top 10 Big Brother Companies: Ranking the Worst Consumer Privacy Infringers
How much would you sell your private data to a company for? Would you take $100 to let someone see every site you have visited over the past year, how about $1,000? Today, many major companies spend millions collecting a variety data on individuals such as; what charities you donate to, your political beliefs, your shopping habits, your educational data and your contact information. Unfortunately, you never get to decide how much your privacy is worth to you, because these companies aren't asking your permission. In this article we highlight ten of the worst corporate offenders when it comes to invading privacy. While we aren't so naive as to think that this sort of exposure is enough on its own to cause any real changes in corporate behavior, we hope that by helping to bring to light some of the personal privacy infringements that these companies are engaged in, more people will begin to select the companies they do business with on the basis of their privacy policy. If that starts to happen, real consumer-driven change is possible. So without further adieu, here are the top ten big corporate privacy offenders:
It seems the only thing growing faster than Google's control of online searches is their database which they hope will eventually hold information on every internet user in the world. Google boasts databases big enough to permanently save the countless number of searches internet users make each and every day. The information Google stores on its users is great enough to create a virtual identity equipped with information ranging from favorite flavors of ice cream to sexual fantasies. And who can forget Google's infamous eye in the sky, also known as Google maps. How scary of a thought is this: a group of people monitoring servers in California know everything you did yesterday, your major plans for the rest of the week, and where you live. To top it off, Google offers services such as GMail that can store even more information about your personal life. Unfortunately, however, that isn't the worst of Googles privacy offenses.
Google's most prominent form of data assimilation lies in their cookies. Where most websites set cookies to expire in a few days (or in rare cases a few months) Google configures their cookies to expire in 30 years. Google claims this gestation period is to gather information to provide users with more accurate search results and protect Google from denial of service attacks and other cyber-crimes, but the simple truth is Google is gathering your information and has the storage space to create a very detailed picture of your online activity.
Facebook, as many of you know, has unrestricted access to everything you do related to its site. The amount of information Facebook has on you and its other members is appalling. In signing up for Facebook -- and filling out your profile -- you've essentially completed the world's most widespread survey. With over 400 million active users, the Facebook Like and Facebook Share widgets on seemingly every website you browse, it's no wonder some experts speculate the company's worth at over $11 billion. Twitter, by comparison, is speculated to only be worth a paltry $1 billion. That disparity has much to do with the amount of information Facebook holds concerning its users and their online activities and browsing habits.
America Online
America Online's privacy intrusion efforts are so aggressive and offensive, that the only explanation seems to be that AOL thought its clientele was so naïve they would never catch on to the company's privacy invasions. In August of 2006, America Online released web search data from more than 650,000 users without prior consent. A handful of users involved have since then filed a lawsuit against America Online citing that the released data contained information some users considered too private to ever make it beyond the comforts of their own home.
To attract new customers, America Online is currently using an anti-spyware software campaign. What America Online fails to tell you is that packaged within portions of their software (including AIM and various online games) lies WildTangent, an application that reports personal information directly to various databases. America Online went so far as fail to tell users WildTangent was being installed on their machines in the End User License Agreement, until mounting complaints finally forced their hand.
Yahoo!
The world's most popular website Yahoo! is also one of the world's biggest data aggregators. The plethora of services Yahoo! offers provides the ideal data collection scheme. The beauty of the system is, Yahoo! doesn't have to go through any extraordinary means to obtain your personal information; instead, users voluntarily give Yahoo! their information every time they use a Yahoo! product, perform a search, enter a Yahoo! promotion or sweepstakes, or purchase products through Yahoo!. Eventually, Yahoo! has acquired enough of your personal data to create for each user an individualized profile which they use to target advertisements that are most likely to appeal to you.
Microsoft
It will come as little surprise to many that Microsoft products are among the world's elite when it comes to privacy invasion. Microsoft is constantly developing new ways to aggregate customer data for the ostensible purpose of creating a "smoother ride" for the user. Practically speaking, however, many Microsoft products and features are designed simply to provide a convenient way for the program to report back to Microsoft databases what type of activities you regularly engage in on your computer. In effect, the Windows operating system works like a two-way mirror: the customer has little idea that Microsoft is literally watching every move he makes.
Perhaps the most insidious method of privacy invasion Microsoft employs is the "Windows Live ID" (formerly Microsoft .NET Passport). The Windows Live ID collects data from the majority of Microsoft networks including MSN, Hotmail, and Xbox Live, and stores them in a central database. This data includes email addresses, generic personal information (name, age, etc), your favorites (books, video games, gadgets, etc), address books and contact lists (so your friends can be exploited too!), and much more. Microsoft then takes this data and generates ads targeted specifically to you.
Amazon.com
It should come as no surprise that the world's biggest online store has a lot of private information pass through its servers on a daily basis. Amazon.com happens to have receipts on more than 59 million active customers, which are used by the company to track the purchases that individual customers make.
To make matters worse, Amazon.com now has the capability to cross reference their database with public records to create enough marketing information to make any unscrupulous retailer squeal with delight. Amazon.com is currently among the world leaders in distributing information about its users to advertisers, and if they continue this practice the recent advancements in data mining by Amazon threaten to make shopping online with any form of anonymity a thing of the past. To give you an idea of the severity of Amazon.com's commitment to exploiting their costumers here is an excerpt from their privacy policy:
"As we continue to develop our business, we might sell or buy stores, subsidiaries, or business units. In such transactions, customer information generally is one of the transferred business assets."
Yes, you read that correctly, Amazon is in the business of selling private consumer data. And for that move, they earn the #7 spot in our ranking.
ChoicePoint
ChoicePoint, a marketing conglomerate, wins our coveted George Orwell award as the company most likely to be watching you right now; i.e., Big Brother. ChoicePoint maintains more than 17 billion records on 220 million people with topics ranging from social security numbers to DNA samples. The majority of ChoicePoint's information is sold to the highest bidder which more often than not happens to be a representative of the United States government, a leading American company, or a Nigerian fraud group. In addition to their willingness to sell private information to questionable sources, another factor that makes ChoicePoint the biggest privacy threat is the company's failure to provide a high level of data security.
In 2005 ChoicePoint announced that approximately 160,000 users in their database had various forms of sensitive information compromised. This breach in security resulted in more than 750 cases of full blown identify theft.
Response Unlimited
In what is perhaps the boldest (and most brainless) information scam of all time, Response Unlimited, a large marketing firm, received authorization to sell a list of Terri Schiavo's financial contributors to other companies as sales leads. The story broke on Response Unlimited's company wide privacy mining operation only after it was revealed that most of the donors were constantly getting loads of spam and telemarketing calls.
Response Unlimited's shameless consumer data mining scheme earns them the number 10 spot on this countdown.
LexisNexis
LexisNexis is a company as notorious for its inability to secure the private information it has as it is for its privacy invasions. LexisNexis maintains the LexisNexis database, which includes millions of records which include mailing addresses of almost every person in the United States. In July of 2005, the LexisNexis security system was compromised resulting in more than 300,000 records being stolen by computer hackers. This security breach ranks among the top personal data heists of all time. Luckily, the LexisNexis hackers were identified as a few teenage kids looking to have some fun, but it demonstrated how inept their security measures are at protecting one of the largest caches of private data in the world.
Accenture
Accenture is on this list for their growing reputation in expanding digital dossiers and accepting a $10 billion dollar contract with the United States Department of Homeland Security to build a surveillance system that tracks visitors, to, from, and within the United States. The system calls for extensive fingerprints and photographs of all visa wavier travelers and non-naturalized U.S. residents. The system is also experimenting in futuristic technologies such as biometrics via iris scanning and facial recognition. So not only does Accenture know your credit history and previous court dates (even if only jury duty), they also know what you look like.
Bonus - Acxiom
Dubbed as the premiere source of addresses and telephone numbers for telemarketers and mass mailers, Acxiom has a reputation of collecting data better than anyone else. Acxiom boasts records on millions of Americans including drug test and criminal histories, education data, and the popular "Suspected Terrorist Watchlist" available at a premium price. The company claims this data is to help employers weed out untruthful applicants and illegal employees, but often the information is used to create very targeted ads by advertisers.
Conclusion
This list of the worst ten copmanies for privacy invasion and data mining is intended to highlight some of the worst actors among big business. While this exposure on its own cannot make a big difference in causing companies to change their policy, by having citizens and internet users who are more aware and concerned about the threats posed by data mining, real change can actually occur. So if this article leaves you with anything, I encourage you to become more educated about the privacy policies of the companies you do business with, and consider making consumer decisions on the basis of what you learn.
