The internet’s private enterprise
How far can we trust the corporations that profit by the personal data millions of us disclose online via social networks
On the internet, as elsewhere, information is money, and information is power. So why have we given it away so lightly?
Something extraordinary has taken place over the last few years. Voluntarily, and without coercion or, indeed, payment, internet users have handed over vast amounts of highly personal data – their preferences, where they live, who their friends are and what they do – to private companies, whose primary goal is to profit from that data. And every day, we hand over more, willingly.
On Facebook, we think we are sharing only with our friends the information – the news, the messages, the photos – that we place on “our” pages. But thanks to Facebook’s confusing privacy settings, users are propelled to default and “recommended” settings that make public almost everything – and in so doing, also permit Facebook to make use of your information. Yet more obscure are the complicated and multi-caveated user and privacy agreements most never bother to read. It is only here that Facebook admits that the content (your “intellectual property”) belongs to the company. They own it; once it’s on the site, you don’t.
Google’s professed aim, apart from its famous motto to “do no evil”, is to organise and share all the world’s information. Less loudly avowed is its parallel objective: to make large amounts of money from that venture. This is not a cynical view: profit is – and must be – the goal of all share-held enterprises. If Google did not promise good returns to its shareholders, its share price would collapse and it would cease to exist. (Facebook has not yet been floated on the stock market; it is widely assumed that it soon will be, for perhaps $50bn.)
Both Google and Facebook offer their services to users apparently for free. But the services are not of course free. Both companies sell the information that users provide – in search data, or personal profiles. In Google’s case, this takes the form of information about individual and collective preferences as revealed by people’s searches. Apparently, these companies mostly sell their (your) information to advertisers who mine the data in order to target consumers more effectively. But, despite fervent declarations about transparency, in fact, it’s very hard to find out exactly to whom they sell the data or what the “data miners” do with it. McDonald’s or the CIA? We’re not told, even though it is information about us that they are trading.
Most people have realised that this is the exchange implicit in using Facebook or other such “free” services. But the quid pro quo is never explicit: when you sign on to Facebook or Twitter, nowhere are you clearly told that this is the deal. This small but highly significant absence is obviously deliberate, as, one suspects, if we understood more clearly, many of us might think twice before handing over our personal data so lightly. These companies have not been entirely straight with us.
The fundamental, if well-concealed deceit of this exchange is why so many feel uneasy about these companies, and about the way that the internet is developing. And this is not the only problem. In any circumstance, whether in the private sector or government, the concentration of power in the hands of the few is a bad thing. Thanks to network effects, the vast majority of users concentrates in a few sites, making it very hard for new competitors to attract users. This means that a massive amount of personal information about us is now in the hands of a very small number of privately-owned companies whose interests, however valid, are not the same as our own. A company that wishes to expand in China may have few qualms handing its users’ data to the authorities in return for permission to operate. Infamously, Yahoo has already made precisely this bargain. Its users did not – and do not – get a say in the matter: none of these companies is democratic; that’s not what companies do.
Some may feel that the exchange of free services for our data is worthwhile. Both Facebook and Google have changed the way that we live, arguably for the better. But the price is a hidden one. Eben Moglen, of Columbia University, argues that in handing over our data, we have handed over something vital about ourselves; that in giving away our privacy, we have surrendered our very identities. To take our identities and privacy back, we must recoup our data, safeguarding it on our own “freedom boxes”, mini-servers that connect peer-to-peer, not through commercial intermediaries.
It may be overstating it that our very identities have been compromised, but what is unarguable is that we have handed over an unprecedented stock of information about ourselves to private entities, whose primary interest is to sell it. We have done so often unthinkingly (I didn’t think about it when I signed up), and largely on trust, assuming that because these companies say so, our interests will be protected.
There is, in fact, almost nothing to guarantee this, and indeed, the manner in which the exchange is presented, or rather misrepresented, when we sign on, suggests that our trust is misplaced. As more and more of our lives move online, we need to think harder about how to promote decentralised information as an intrinsic and essential principle of the internet (as distinct from the rather more compromised, unenforceable and often contradictory “principles” so earnestly declared by Facebook, Google and their like). Like Professor Moglen’s “Freedom Boxes”, the Locker Project also seeks to help us take back control of our own data. For unfortunately, at the moment, the flow of our information is all the other way. We need to turn it back.
As Richard Stallman and the free software movement realised early on, this is ultimately a political battle. For it is our information – and thus our privacy and our freedom – that is at stake.
• With thanks to Neil Levine (@neilwlevine) for his advice in preparing this article
• This article was amended on 8 July 2011 to clarify the type of information about users that Google is able to sell.