Retailers have moved away from collecting identifiable information from consumers, but need to be aware of requirements for the personal data they do collect, an Albertsons privacy official said.
NEW YORK — Privacy laws should be as much of a concern to grocers as ad partnerships as retailers expand their in-store and online retail media efforts, an Albertsons official said at an industry event last week.
The industry has been moving away from collecting personally identifiable information (PII) like first and last names, email addresses and phone numbers and toward personal data, which is broader than PII and incorporates “pseudonymized identifiers” like a mobile ID, platform ID or a cookie ID, Privacy Counsel for Albertsons Andrew Tobel said during a panel at the Interactive Advertising Bureau’s Connected Commerce Summit last week.
As a result, privacy law has pivoted to regulating the personal data retailers do collect, Tobel said Wednesday during the session, which focused on how retailers can best navigate privacy laws and understand where they currently stand.
These days, privacy laws are more focused on the parameters of personal data, Tobel said.
“Even if the law doesn’t treat a specific data attribute as sensitive, you need to consider what your consumer expects,” he said.
Privacy laws today require retailers to have explicit terms around personal data and pseudonymized identifiers in their contracts with service providers, processors or third party companies outlining what those entities can do, Tobel said.
“Personal data” is an expansive term that also includes “sensitive personal data,” which can include people’s location, ethnicity and nationality — information that is vital to retailers and CPGs as an “effective driver” for ad campaigns and ensuring that ads reach the right audiences, according to Tobel.
Tobel broke down the origin of personal data into three concepts — direct, supplied and derived.
Direct data is personal information gathered right from the consumer and, according to Tobel, is the most impactful when it comes to creating creative and inspirational ways to engage customers.
Supplied data, on the other hand, refers to data that is purchased as part of identity graphing or audience segmentation capabilities, Tobel said, and, under privacy laws, falls into the category of “purpose specification.” Retailers purchase this kind of data for a specific purpose, and it can be used to create relevant ads or push notifications to consumers. However, this area can be a slippery slope, as consumers may not be aware their data would be used in a different way than how they supplied it, Tobel said.
Meanwhile, derived data refers to inferences or predictions retailers and CPG partners make about customer behaviour, whether an individual shopper or a group, Tobel said. Like supplied data, the rules that apply to derived data are subject to change under privacy laws’ consent requirements, and this needs to be taken into account when retailers work with their data science teams and partner with vendors.
Data clean rooms — secure and controlled spaces where multiple companies can compile data for joint analysis — can be an effective way to move forward with personalization-focused retail media efforts, as they are a “great privacy-conscious way to work with … consumers’ data,” Tobel said. However, Tobel pointed out one misconception about data clean rooms: they are not “privacy safe” or a “silver bullet” that can work around privacy laws.
The law requires data to be available to ad and CPG partners, according to Tobel. Retailers also must make available tools used within data clean rooms to process personal data collected by retailers, Tobel said.
Smartphones hold some of our most personal data. This not only includes material like personal photos, but also data that is sensed from the device, such as your location.
With smartphone users spending on average more than five hours a day on their devices, it is critical that we understand how to protect our privacy by controlling what data apps and services can access.
Often, these “free” apps and services are funded by our data. With many of them, if you are not paying for the product, you are the product.
Fortunately, there are now more ways to protect your data. Let’s dive into a few basic steps you can take to shield your information.
One basic step is to periodically review the permissions an application was granted. Why do this? If you have an application such as a weather app that receives your location in the background, it can understand your daily habits, such as when you leave for work, when you pick up a child from school, when you are home, etc.
On iOS, you can review permissions in the “Settings” under “Privacy” and examine each category, such as “Location” and “Photos.”
On Android, you can do the same in “Settings” and then “Apps” and review the permissions for each app.
You will want to disable any permissions where there is not a good explanation for their use, for example if Facebook is accessing your location or microphone.
With weather apps, you can disable access to the location and manually enter a ZIP code. Our research has found weather apps to be some of the most abusive with location data, frequently sending that data to other companies without your knowledge.
Another basic step you can take is to install an “Ad Blocker” for your browser. The Electronic Frontier Foundation (EFF), which advocates for better digital privacy, has a free blocker called “Privacy Badger.”
If you have an Apple device, DuckDuckGo makes both a custom browser and ad blocker extension. Installing an ad blocker has several benefits: It can block trackers on web pages that are used to profile you and it can save your battery, as fewer requests need to be made to load a web page. You can install these extensions the same way you install apps on your device.
Another simple step you can take is to switch your default search engine. I have been using DuckDuckGo for several years and very rarely do I ever feel the results are not good enough that I need to switch to Google.
DuckDuckGo’s business model is based on serving up ads based on what you search for at that moment in time. Unlike Google, they do not track you across websites.
To make the switch, in iOS go to “Settings,” then “Search Engine” and select “DuckDuckGo.” With Android, in Chrome you can click on the three-dot button in the upper right corner and make the switch there.
There are many more steps you can take to protect your privacy, but these few steps alone can have a significant impact. If you are interested in more, I encourage you to check out spreadprivacy.com, which has additional tips for different devices.
Digital privacy is important, because once your data is gone, you can’t get it back.
By Dr. Brian Krupp
Guest columnist Dr. Brian Krupp is an associate professor of computer science at Baldwin Wallace University. He leads the MObile, Privacy and Security Research Group (MOPS) at BW and also advises BW’s CS+ group that provides educational opportunities for young minds in the community to learn computing. More information is on his website.
Experts say the privacy promise—ubiquitous in online services and apps—obscures the truth about how companies use personal data
You’ve likely run into this claim from tech giants before: “We do not sell your personal data.”
Companies from Facebook to Google to Twitter repeat versions of this statement in their privacy policies, public statements, and congressional testimony. And when taken very literally, the promise is true: Despite gathering masses of personal data on their users and converting that data into billions of dollars in profits, these tech giants do not directly sell their users’ information the same way data brokers directly sell data in bulk to advertisers.
But the disclaimers are also a distraction from all the other ways tech giants use personal data for profit and, in the process, put users’ privacy at risk, experts say.
Lawmakers, watchdog organizations, and privacy advocates have all pointed out ways that advertisers can still pay for access to data from companies like Facebook, Google, and Twitter without directly purchasing it. (Facebook spokesperson Emil Vazquez declined to comment and Twitter spokesperson Laura Pacas referred us to Twitter’s privacy policy. Google did not respond to requests for comment.)
And focusing on the term “sell” is essentially a sleight of hand by tech giants, said Ari Ezra Waldman, a professor of law and computer science at Northeastern University.
“[Their] saying that they don’t sell data to third parties is like a yogurt company saying they’re gluten-free. Yogurt is naturally gluten-free,” Waldman said. “It’s a misdirection from all the other ways that may be more subtle but still are deep and profound invasions of privacy.”
Those other ways include everything from data collected from real-time bidding streams (more on that later), to targeted ads directing traffic to websites that collect data, to companies using the data internally.
How Is My Data at Risk if It’s Not Being Sold?
Even though companies like Facebook and Google aren’t directly selling your data, they are using it for targeted advertising, which creates plenty of opportunities for advertisers to pay and get your personal information in return.
The simplest way is through an ad that links to a website with its own trackers embedded, which can gather information on visitors including their IP address and their device IDs.
Advertising companies are quick to point out that they sell ads, not data, but don’t disclose that clicking on these ads often results in a website collecting personal data. In other words, you can easily give away your information to companies that have paid to get an ad in front of you.
If the ad is targeted toward a certain demographic, then advertisers would also be able to infer personal information about visitors who came from that ad, Bennett Cyphers, a staff technologist at the Electronic Frontier Foundation, said.
For example, if there’s an ad targeted at expectant mothers on Facebook, the advertiser can infer that everyone who came from that link is someone Facebook believes is expecting a child. Once a person clicks on that link, the website could collect device IDs and an IP address, which can be used to identify a person. Personal information like “expecting parent” could become associated with that IP address.
“You can say, ‘Hey, Google, I want a list of people ages 18–35 who watched the Super Bowl last year.’ They won’t give you that list, but they will let you serve ads to all those people,” Cyphers said. “Some of those people will click on those ads, and you can pretty easily figure out who those people are. You can buy data, in a sense, that way.”
Then there’s the complicated but much more common way that advertisers can pay for data without it being considered a sale, through a process known as “real-time bidding.”
Often, when an ad appears on your screen, it wasn’t already there waiting for you to show up. Digital auctions are happening in milliseconds before the ads load, where websites are selling screen real estate to the highest bidder in an automated process.
Visiting a page kicks off a bidding process where hundreds of advertisers are simultaneously sent data like an IP address, a device ID, the visitor’s interests, demographics, and location. The advertisers use this data to determine how much they’d like to pay to show an ad to that visitor, but even if they don’t make the winning bid, they have already captured what may be a lot of personal information.
With Google ads, for instance, the Google Ad Exchange sends data associated with your Google account during this ad auction process, which can include information like your age, location, and interests.
The advertisers aren’t paying for that data, per se; they’re paying for the right to show an advertisement on a page you visited. But they still get the data as part of the bidding process, and some advertisers compile that information and sell it, privacy advocates said.
In May, a group of Google users filed a federal class action lawsuit against Google in the U.S. District Court for the Northern District of California alleging the company is violating its claims to not sell personal information by operating its real-time bidding service.
The lawsuit argues that even though Google wasn’t directly handing over your personal data in exchange for money, its advertising services allowed hundreds of third parties to essentially pay and get access to information on millions of people. The case is ongoing.
“We never sell people’s personal information and we have strict policies specifically prohibiting personalized ads based on sensitive categories,” Google spokesperson José Castañeda told the San Francisco Chronicle in May.
Real-time bidding has also drawn scrutiny from lawmakers and watchdog organizations for its privacy implications.
In January, Simon McDougall, deputy commissioner of the United Kingdom’s Information Commissioner’s Office, announced in a statement that the agency was continuing its investigation of real-time bidding (RTB), which if not properly disclosed, may violate the European Union’s General Data Protection Regulation.
“The complex system of RTB can use people’s sensitive personal data to serve adverts and requires people’s explicit consent, which is not happening right now,” McDougall said. “Sharing people’s data with potentially hundreds of companies, without properly assessing and addressing the risk of these counterparties, also raises questions around the security and retention of this data.”
And in April, a bipartisan group of U.S. senators sent a letter to ad tech companies involved in real-time bidding, including Google. Their main concern: foreign companies and governments potentially capturing massive amounts of personal data about Americans.
“Few Americans realize that some auction participants are siphoning off and storing ‘bidstream’ data to compile exhaustive dossiers about them,” the letter said. “In turn, these dossiers are being openly sold to anyone with a credit card, including to hedge funds, political campaigns, and even to governments.”
On May 4, Google responded to the letter, telling lawmakers that it doesn’t share personally identifiable information in bid requests and doesn’t share demographic information during the process.
“We never sell people’s personal information and all ad buyers using our systems are subject to stringent policies and standards, including restrictions on the use and retention of information they receive,” Mark Isakowitz, Google’s vice president of government affairs and public policy, said in the letter.
What Does It Mean to “Sell” Data?
Advocates have been trying to expand the definition of “sell” beyond a straightforward transaction.
The California Consumer Privacy Act, which went into effect in January 2020, attempted to cast a wide net when defining “sale,” beyond just exchanging data for money. The law considers it a sale if personal information is sold, rented, released, shared, transferred, or communicated (either orally or in writing) from one business to another for “monetary or other valuable consideration.”
And companies that sell such data are required to disclose that they’re doing so and allow consumers to opt out.
“We wrote the law trying to reflect how the data economy actually works, where most of the time, unless you’re a data broker, you’re not actually selling a person’s personal information,” said Mary Stone Ross, chief privacy officer at OSOM Products and a co-author of the law. “But you essentially are. If you are a social media company and you’re providing advertising and people pay you a lot of money, you are selling access to them.”
But that doesn’t mean it’s always obvious what sorts of personal data a company collects and sells.
In T-Mobile’s privacy policy, for instance, the company says it sells compiled data in bulk, which it calls “audience segments.” The policy states that audience segment data for sale doesn’t contain identifiers like your name and address but does include your mobile advertising ID.
Nevertheless, T-Mobile’s privacy policy says the company does “not sell information that directly identifies customers.”
T-Mobile spokesperson Taylor Prewitt didn’t provide an answer to why the company doesn’t consider advertising IDs to be personal information but said customers have the right to opt out of that data being sold.
So What Should I Be Looking for in a Privacy Policy?
The next time you look at a privacy policy, which few people ever really do, don’t just focus on whether or not the company says it sells your data. That’s not necessarily the best way to assess how your information is traveling and being used.
And even if a privacy policy says that it doesn’t share private information beyond company walls, the data collected can still be used for purposes you might feel uncomfortable with, like training internal algorithms and machine learning models. (See Facebook’s use of one billion pictures from Instagram, which it owns, to improve its image recognition capability.)
Consumers should look for deletion and retention policies instead, said Lindsey Barrett, a privacy expert and until recently a fellow at Georgetown Law. These are policies that spell out how long companies keep data, and how to get it removed.
She noted that these statements hold a lot more weight than companies promising not to sell your data.
“People don’t have any meaningful transparency into what companies are doing with their data, and too often, there are too few limits on what they can do with it,” Barrett said. “The whole ‘We don’t sell your data’ doesn’t say anything about what the company is doing behind closed doors.”
Millions of Chinese smart TVs were scanning users’ WiFi and sending personal data to a data analytics company.
According to the South China Morning Post, a user of the Chinese developer forum V2EX published a post last week detailing that his Skyworth smart TV was scanning data every 10 minutes and gathered information such as the WiFi network the TV was connected to, the user’s IP address, device names and network latency.
“I felt that the TV was a bit slow before, and I looked at what background services were turned on. I found that there is something called “GoZheng Data Service,” and I don’t know what it is,” the user wrote on the developer forum V2EX.
“The TV is an Android system. I researched the packet and found that this thing scans my family’s connected devices every 10 minutes, and sends back the hostname, MAC, IP and even the network delay time. It also detects the surrounding WiFi SSID names. The MAC address is also packaged and sent to this domain name, gz-data.com.”
As the user’s post noted, the data collected was being sent to the Beijing-based firm Gozen Data, which is a data analytics company that collects TV viewership data.
The Gozen Data website, gz-data.com, states that its data collection service operates in 149 million households, 140 million smart TVs and covers 457 million Chinese residents. The data analytics firm has been working with smart TV manufacturers since 2014. It is unclear if Gozen Data operates on any smart TVs sold in the U.S.
Shortly after the post on the V2EX forum gained traction, the smart TV manufacturer and Gozen Data faced backlash, with users accusing the two of spying on them.
In response to the criticism, Skyworth and Gozen Data issued statements apologizing for the issue.
According to the South China Morning Post, in a post to its WeChat account, Gozen wrote that it has collected data for viewership purposes, including “television ratings for households and individuals, viewership analysis, advertising analysis and optimization.”
Gozen also apologized and said the company will “improve our user privacy policy and ensure we are collecting information with users’ consent and within the scope of legal compliance.” Gozen published a separate web page to outline 21 different data types that it collects from users.
In a statement sent to the South China Morning Post, Skyworth wrote: “Data security and user privacy are our highest priorities … we will continue to safeguard our users’ privacy, data, rights and interests.” According to the Post, the statement also noted that Skyworth’s TVs sold in Hong Kong were never pre-installed with the Gozen Data application.
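The behaviour the forum user described, a device sweeping every host on the home network and then posting to one external collector every 10 minutes, leaves a recognisable pattern in network flow records. The following is an added example (not code from the forum post, Skyworth or Gozen Data) that flags a LAN device exhibiting both traits; it assumes a constructed flow-log format of `timestamp src dst dst_port bytes`, a home LAN of 10.0.0.0/24 with the TV at 10.0.0.23, and a placeholder collector address in the 203.0.113.0/24 documentation range rather than any real resolved IP.

```python
"""Flag a LAN device that sweeps local hosts and beacons to one external
address at a fixed interval. Added example with constructed sample data;
the flow-log format, addresses and thresholds are assumptions."""
from collections import defaultdict
from datetime import datetime, timedelta
import ipaddress
import statistics

LAN = ipaddress.ip_network("10.0.0.0/24")   # assumed home network


def build_sample_log():
    """Constructed flow log: the TV (10.0.0.23) probes 28 LAN hosts, then
    posts to a placeholder collector every 600 s; a laptop adds benign noise."""
    lines = []
    t0 = datetime(2021, 4, 26, 20, 0, 0)
    for cycle in range(4):
        base = t0 + timedelta(seconds=600 * cycle)
        for host in range(2, 30):                       # LAN sweep
            ts = base + timedelta(milliseconds=50 * host)
            lines.append(f"{ts.isoformat()} 10.0.0.23 10.0.0.{host} 445 60")
        post = base + timedelta(seconds=5)              # periodic upload
        lines.append(f"{post.isoformat()} 10.0.0.23 203.0.113.10 443 1840")
    for i, secs in enumerate([12, 140, 377, 901, 1502, 2210]):  # laptop browsing
        ts = t0 + timedelta(seconds=secs)
        lines.append(f"{ts.isoformat()} 10.0.0.5 198.51.100.{i + 1} 443 5000")
    return sorted(lines)


def parse(lines):
    """Turn 'timestamp src dst port bytes' lines into typed tuples."""
    recs = []
    for line in lines:
        ts, src, dst, port, nbytes = line.split()
        recs.append((datetime.fromisoformat(ts), ipaddress.ip_address(src),
                     ipaddress.ip_address(dst), int(port), int(nbytes)))
    return recs


def lan_sweeps(recs, window=timedelta(seconds=10), min_hosts=16):
    """Sources that touched >= min_hosts distinct LAN hosts within `window`."""
    by_src = defaultdict(list)
    for ts, src, dst, *_ in recs:
        if src in LAN and dst in LAN:
            by_src[src].append((ts, dst))
    flagged = set()
    for src, events in by_src.items():
        events.sort()
        j = 0
        for i in range(len(events)):          # sliding time window
            while events[i][0] - events[j][0] > window:
                j += 1
            if len({d for _, d in events[j:i + 1]}) >= min_hosts:
                flagged.add(src)
                break
    return flagged


def beacons(recs, jitter=0.1, min_hits=3):
    """(src, dst, interval_s) for LAN->external pairs whose inter-connection
    gaps all sit within `jitter` of their median, i.e. a fixed-interval beacon."""
    by_pair = defaultdict(list)
    for ts, src, dst, *_ in recs:
        if src in LAN and dst not in LAN:
            by_pair[(src, dst)].append(ts)
    out = []
    for (src, dst), times in by_pair.items():
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        median = statistics.median(gaps)
        if median > 0 and all(abs(g - median) <= jitter * median for g in gaps):
            out.append((str(src), str(dst), median))
    return out


def suspicious_devices(lines):
    """Map src -> (collector, interval_s) for devices that both sweep and beacon."""
    recs = parse(lines)
    sweepers = lan_sweeps(recs)
    return {src: (dst, interval) for src, dst, interval in beacons(recs)
            if ipaddress.ip_address(src) in sweepers}


if __name__ == "__main__":
    print(suspicious_devices(build_sample_log()))
```

Real flow exporters (router NetFlow, a home IDS) produce richer records, but the same two signals, a fast LAN sweep followed by a metronomic upload to one external host, are what to look for.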
Take back control of your information with these easy steps.
Google, just like Facebook, collects a lot of personal data about its users. While many of us might have put that thought to the back of our minds, this week one web developer reminded us of the true extent of Google’s great data grab with this eye-opening Twitter thread.
The post went viral, unsurprisingly, given the details it contained: Google tracks every journey you make, it logs every video you watch on YouTube, and it even knows your tastes.
It doesn’t actually send any of this data outside of its own four walls. Instead, Google hoards it all so it can learn more about you, and better target the adverts you see and the services you use.
If the thought of a single company having all that information in one place makes you uncomfortable, then not only can you stop Google from tracking your every move, but you can also delete all the previous data it has been collecting on you. (Alternatively, you could download it, although we wouldn’t recommend it.)
How to see everything Google collects on you
Since 2016, Google has allowed every user to see all of this information through a privacy website called My Activity. This will show you a timeline of every interaction you’ve made through one of Google’s apps – whether it’s watching a video on YouTube or asking for directions through Google Maps. Prepare yourself, it’s a bit scary.
Google uses a lot of the data it collects to help it work faster – that’s why when you start typing in Google Search, it seems to instinctively know what you’re looking for. This can be useful, but comes with a tradeoff: Google records and remembers every search you make through Google, Google Now or even Google Maps. It doesn’t share this with anyone, but stores it for its own services.
To stop Google recording every search head to My Activity by clicking here. Now click on Activity Controls on the left-hand side of the screen.
You’re now in the main settings screen. The first setting is called Web & App Activity. Turn this off and then click on the word Pause. Also untick the box below that says Include Chrome browsing history and activity from websites and apps that use Google services.
Stop Google tracking your location
Google tracks everywhere you’ve been either from devices where you’ve signed in to Google Maps or through an Android device. Users with iPhones or Apple devices will find that Apple automatically limits this tracking considerably so you won’t have the same terrifying map of locations as Android users.
Head to My Activity by clicking here. Now click on Activity Controls on the left-hand side of the screen. Scroll down and you’ll find Location History. Turn this off and then click on the word Pause.
Stop Google tracking which smartphones you use
Google stores information about every Android device that you sign into, the idea being that it can better recommend apps and services the next time you have a new device.
Head to My Activity by clicking here. Now click on Activity Controls on the left-hand side of the screen. Scroll down and you’ll find Device Information. Turn this off and then click the word Pause.
Stop Google recording your voice
Every time you say ‘Ok Google’ to your phone or smart speaker Google saves that request so you can go back and review it or delete it. Google says that it saves these in order to improve the way your devices respond to you.
Head to My Activity by clicking here. Now click on Activity Controls on the left-hand side of the screen. Scroll down and you’ll see Voice and Audio Activity. Turn this off and click Pause.
Stop Google tracking every YouTube video you watch
When you’re using YouTube Google is recording every search and every video that you watch. The idea being that it can better recommend videos you might enjoy watching.
Head to My Activity by clicking here. Now click on Activity Controls on the left-hand side of the screen. Scroll down and you’ll see YouTube Search History and YouTube Watch History. Untick both of these boxes and click Pause when each box appears.
Stop Google creating a profile of you for advertisers
Google shares surprisingly little with advertisers in terms of your personal information. Rather it uses all of that information to create a rough anonymous profile of your interests. It is this info that is then used to target ads for products you might like. To see your advertising profile click here.
You can also turn off ad personalisation or tweak your own interests if you’re not happy with the adverts that you see. You can also scroll down and change your profile which will usually be a gender and a rough age range.
Download all your Google data
Soon to be a legal right for everyone in the EU, downloading all the data Google currently holds about you is something Google already allows. While this might make interesting reading, once the data is on your computer it is arguably less secure than it was before, so treat it with care.
You can now pick and choose the type of data you want to download and in what format.
Delete all the data Google currently has on you
This is, remarkably, pretty easy.
Head to My Activity by clicking here. Now head to Delete activity by. Simply click on the date range and select All time. Now click Delete.
To delete all the location data Google has on you head to your Timeline by clicking here. In the bottom right-hand side you’ll find a rubbish bin, click on it and then click I understand and want to delete all location history.
To delete all the device information being collected on you click here. Now on the right-hand side click Delete All.