Tracked and Traced: You are the product, thanks to surveillance capitalism

Listen and subscribe to Tracked and Traced:

Apple Podcast — Spotify — NPR — Stitcher — Google Podcasts

In this episode:

• Russ McNamara falls down the surveillance capitalism rabbit hole
• Interview with Tim O’Reilly, founder of O’Reilly Media and author of “WTF: What’s the Future and Why It’s Up to Us”
• Interview with Rob Johnson, president of the Institute for New Economic Thinking and host of the podcast “Economics and Beyond with Rob Johnson”

Editor’s Note: After publishing this episode, Securus Technologies contacted WDET, their comments are reflected in this version of the story.

Is your online data secret? Is it safe? High-profile data breaches have become the norm, including Target, Marriott, Equifax, Bank of America. The list goes on.

Companies worth billions of dollars are using your personal information in ways you might not expect. Often, it’s given freely. Other times, it’s coerced.

Between your GPS-enabled smartphone, the agreements you have to sign for using apps or social media, it might seem like there’s no expectation of privacy. And in jail, it’s even worse than you might think.

“Everybody who was incarcerated was required to make a voiceprint and if you didn’t make the voiceprint,” says Bianca Tylek, executive director of Worth Rises, “you would not be allowed to use the phone.”

But what happens to those voiceprints? They were going into databases and being sold to law enforcement, says Tylek.

A judge recently put a stop to that, but jail telecom companies like Securus Technologies have other ways of making money. Like calls to home or calls to lawyers.

“Securus has routinely recorded and handed over privileged calls; those are calls between people who are in jail and their attorneys which are protected constitutionally to prosecutors and law enforcement,” says Tylek.

But Securus doesn’t consider their product to be a voice print. A Securus spokesperson describes it this way, “Our platform includes voice identification technology. It uses a proprietary algorithm to generate a numerical formula based on an individual’s voice.” Securus also says they do not record or access calls to private numbers. So, if the company isn’t turning over the calls, it’s likely a jail or prison employee that is looking them up and handing them over to prosecutors. Still, Securus has paid out hundreds of thousands of dollars in settlements in cases in California, Kansas and other states for recording privileged calls.

Who is Securus Technologies? If you work your way through a mix of subsidiaries you’ll find Platinum Equity, which is owned by Tom Gores. Gores also owns the Detroit Pistons. (Ed. note: this has been changed from an incorrect usage of shell companies.)

Another place you might not think to look for data collection and resale: automobiles.

“I think a lot of people don’t realize that the moment you plug your phone into a car either through you know the USB connection or connect over Bluetooth your phone is probably sending over personal data to the car’s computer.” —Geoff Fowler, Washington Post

Geoff Fowler is a tech reporter for the Washington Post. He and an expert tore apart a car to figure out all the data it was collecting. In his reporting, Fowler found that GM “had the right to collect pretty much whatever they wanted for whatever purpose and to hold on to it indefinitely.”

So how much does your car know about you? An awful lot.

“Those computers, just the infotainment system which again is just one of the many computers in a car, can collect and generate gigabytes and gigabytes of data per hour,” says Fowler.

“So we found locations, places I had gone, places where the owner of the car Doug [a volunteer who let Fowler look inside his two-year-old Chevy Volt] had gone. We found a contact taken from our phone. We found calendar entries, music, all kinds of things that basically would have let whoever had access to that computer reconstruct our lives.

“I think a lot of people don’t realize that the moment you plug your phone into a car either through you know the USB connection or connect over Bluetooth your phone is probably sending over personal data to the car’s computer.”

Even if the company doesn’t do anything particularly nefarious with your data, that doesn’t necessarily mean others won’t. Everything from McDonald’s and Kroger to Planned Parenthood of Los Angeles have had data breaches. Fowler says that means others can get your information and use it against you.

Another industry that finds your automobile data interesting is insurance.

Fowler says, “Already these companies have deals with some insurance firms where they will automatically send back reports about what kind of driver you are, ostensibly for insurance discounts. But of course, what starts as a discount can end up leading us all to be paying more if we turned out to not actually be good drivers.

“There are lots of cases where courts or good governments or bad governments out there might want this data to know where a person was and what they were doing. And when I asked General Motors, ‘How often does it comply with a government request for data about our driving? It wouldn’t say.”
There are other ways your data can be collected in the home, too.”

Alanson Sample is an associate professor in computer science and engineering at the University of Michigan. He’s working on PrivacyMic, which is a developing audio technology that deals outside the normal frequency range for human ears. Even though we can’t hear it, that range is jam-packed with useful information for corporations that are looking to get as much usable info on you as possible.

“Normally we think about hearing from 20 hertz to 20 kilohertz, but there’s lots of frequencies of vibration that happen outside of that range. In fact, ultrasound has a lot of really unique, interesting sounds that […] we don’t think of as sounds, but they’re acoustic vibrations,” says Sample.

By using microphones that specifically capture specific frequencies, PrivacyMic can identify things like televisions being on, electric toothbrushes, or even whether lights are on or off, all while inherently removing speech.

And it’s not just audio. Sample and company are working on a camera that can detect if someone falls and needs help, without recording day-to-day events.

“In the camera itself has a privacy coprocessor where it goes and removes all personally identifiable information and just replaces you or the subject as a stick figure,” says Sample.

A surveillance technology that doesn’t capture personal information sounds innovative and potentially very profitable, right? Not quite. Sample says established companies are not as interested in PrivacyMic, suggesting the personal identifying information is a valuable part of any data being collected, bought and sold.

So what can we do about all of this data collection going on?

Lee Tien is the Senior Staff Attorney and the Adams Chair for Internet Rights at the Electronic Frontier Foundation, and he dislikes that question.

“I think one of the things I like the least about talking to journalists about the privacy problem is they always ask, ‘What advice do you have for individuals? What should people do to protect themselves?’ And honestly, there’s really very little that you can do other than to not, you know, engage,” says Tien.

“For instance, I don’t use Facebook. It’s not clear to me that there’s a safe way to do that if you want to protect your privacy.”

There are of course privacy policies that we almost always accept without reading. But, if we need to use certain technologies in order to function in society, are we really agreeing to this data use? Do we actually have a choice?

“People are online, they are doing things, but they don’t know what the secondary effects are, how it pulls together or what it actually does to the world.” —Lee Tien, Electronic Frontier Foundation

Tien says, “I mean, you know, agreeing is too strong of a word, right? Agreeing implies that people know what they’re agreeing to,” says Tien.

“I’d say that a lot of things are not a matter of agreement. It’s just sort of a matter of what is the path of least resistance. It’s more like acceptance and sort of like hope that things won’t go bad.”

Tien got philosophical about the whole thing, paraphrasing a quote by French sociologist and philosopher Michel Foucault: “People know what they do; frequently they know why they do what they do; but what they don’t know is what what they do does.”

“I was struck by it because I think it’s so true,” Tien says. “People are online, they are doing things, but they don’t know what the secondary effects are, how it pulls together or what it actually does to the world.”

Basically, we don’t truly know what we are getting ourselves into. Companies make it difficult or impossible to know about how your data is being used, and that’s the point.

Those that trade in your likes, dislikes and location want your focus on the latest shiny object, so you don’t realize they could be making more off of your name and info than you are.

Tien says that there are some indications that governments are catching up to the question of data and privacy, specifically in the European Union.

“Well, I don’t think the United States has been leading the way for changing this area for a while. I think we’ve been a little slow. I think the EU has moved a little faster than us. It’s moved faster than us on privacy. It’s moved faster than us on competition and unfair competition issues.”

Tracked and Traced is supported by the Pulitzer Center, the Community Foundation for Southeast Michigan, and MSUFCU.