Companies are tracking your personal data without your consent, what you need to know

Published: Oct. 5, 2021 at 8:58 PM CDT
Email This Link
Share on Pinterest
Share on LinkedIn

BIRMINGHAM, Ala. (WBRC) - Each day unnamed companies are collecting our information; data so personal we likely wouldn’t share it with our closest friends.

Despite the existing privacy challenges, Alan Butler, president of the advocacy organization EPIC, or the Electronic Privacy Information Center, acknowledges some consumers still believe they’re in control of who has access to their data.

“People think of the data about them online as what they post on Facebook or their order history on Amazon,” Butler explained. “But the reality is it’s such a vast network of entities that are collecting, analyzing and monitoring data about what you’re doing that you have no knowledge of.”

You may be surprised to learn this practice is legal. No federal privacy laws are in place to regulate this activity. Data collection is often framed as targeted advertising to sell consumers products they’ve been searching for online, but Butler says it’s far more invasive.

“There are all sorts of devices that have the capability to record inside your home and internet environments, I think it would be crazy to think that we should live in a society where that can be done without any rules, without any restrictions on what they’re going to do,” stated Butler.

Here’s how it works: As you browse the internet there are devices that track what you’re doing and build profiles about you that ultimately influence what shows up in search engines or what lands on your timeline. Brick and mortar stores also build consumer profiles, even if the shopper doesn’t have an online account.

“Incredibly targeted advertising or marketing can change and affect the way we think of the world,” Butler admitted. “One element is almost a kind of psychological warfare, you lose control of that data and you’re subject to profiling and targeting, and you can be targeted for any kind of influence campaign.”

That information is being shared far and wide, company to company and subsequently at times with hackers.

Butler and his colleagues are calling for federal reforms to regulate what data can be collected, what companies can do with it, and how long they can keep it.

“We haven’t passed a meaningful consumer privacy law in the United States in over twenty years, we are so far behind”, he added. “We rely heavily at the federal level on the Federal Trade Commission to help regulate and police this space, but that agency is woefully underfunded and its mandate is way too broad. This is an entity that regulates deceptive labeling on consumer products as well as a whole host of other things. They have a lot on their plate and we need an entity that’s actually dedicated to this issue.”

Butler says consumers aren’t powerless. The best line of defense against fraud: use strong passwords and good internet hygiene, especially with financial data or websites.

“Making sure that your devices are updated is a really important step that anyone can take to protect themselves against some of cybercrime threats that are issued,” Butler responded. “For example, Apple just announced a big patch a few weeks ago that corrects a major vulnerability in mobile operating systems.”

It’s important to pay attention to popups on websites, especially those who ask about privacy settings. This action is connected to state-level privacy laws passed in as a stop-gap measure to protect residents.

“For the most part you can ignore them and click past them if you don’t want to allow certain types of tracking, but they can be quite obtrusive and obnoxious and a lot of them unfortunately are designed to trick you,” he added. “It uses things called dark patterns to essentially trick you into turning on tracking when it’s not actually what you want.”

You may have also noticed a tab on a growing number of websites that states ‘do not sell my data’, which is in response to California’s privacy law. Butler cautions consumers, it’s not as cut-and-dry and it may seem.

“You may ask one company to delete your data, but unless they effectively tell you who else has access that data and how to get that data deleted from those profiles, that may not be effective,” Butler said.

It’s also important to note, some tech giants are operating above-board.

“The major platforms, the major reputable companies do have privacy controls that abide by [Europe’s data privacy and security law], under the new California privacy law and a number of new state laws that are requiring companies to abide by requests to delete, provide access to data that they have about you and to not sell your data,”.

Alabama doesn’t have a privacy law, but HB216 was introduced during the 2021 regular legislative session that would have created one of the most comprehensive state privacy laws in the country. It’s unclear if it will be reintroduced during the 2022 session.

Copyright 2021 WBRC. All rights reserved.