2021年,数据隐私保卫战全面打响,苹果推出数据隐私工具,却遭到Facebook的抵制。TikTok试图获取用户生物特征信息,在一起指控滥用数据的集体诉讼中以9200万美元达成和解,WhatsApp更是在更改隐私政策后失去了大量用户。就在上周,Robinhood公布了700万客户的个人信息被泄露的细节。
虽然消费者逐渐意识到,一众公司大肆收集用户个人信息,但并不清楚到底有多少数据被提取或作何用途。
为帮助大众了解公司收集了多少数据,Clario专门制作图表,详细显示哪些公司收集的数据最多,收集了哪些类型的数据,结果让人大开眼界。但即使有了这些图表,我们也无法真正了解公司如何使用这些数据。
你不得不授权Instagram访问相机相册,一旦授权,Instagram实际获得的图库访问权限非你所能想象。Instagram会拿你的照片做什么?我们无从得知。
赢家:亚马逊、苹果和戴森
在最近的一项调查中,客户表示在个人数据保护上,最信任的是亚马逊,其次是Netflix。这表明,令人愉悦的定制化体验能够有效吸引用户共享信息。没有人想要从Netflix收到糟糕的剧集推荐,购物者在逛亚马逊时,喜欢看到根据自己的偏好和兴趣精心挑选的商品。这种个性化程度值得共享个人数据。从这个意义上说,可以将亚马逊和Netflix视为赢家,因为它们的用户享受正回报,不介意企业访问数据。不过,将一家最近被罚的公司称为“赢家”有点奇怪,这家公司正是亚马逊,因为违反个人数据处理规则而被欧盟处以有史以来最高的罚款——8.866亿美元。
苹果也是一家因为保护用户隐私而备受青睐的公司,致力于为消费者带来数据透明度。如果消费者不喜欢企业不透明的隐私政策,信任就无从谈起。相比之下,如果消费者相信苹果的透明度,苹果就将继续稳坐赢家宝座。然而,有消息称,其他公司已经能够通过数据三角测量和设备指纹识别,绕过苹果的隐私政策。这些秘密技术窃取足够的私人信息,仍然可以识别你的手机、使用的应用程序,并有可能揭晓如何定位你,目前尚无办法阻止这种窥探。
戴森(Dyson)等其他公司意外成为隐私保卫战中的开路先锋。在戴森的隐私页面上,不仅阐明戴森的隐私承诺,还以通俗易懂的语言明确指出公司收集的信息、为什么收集以及戴森如何保护消费者的权利。
还在努力:Robinhood
许多公司力图纠正繁复的系统,以便从数量惊人的应用程序中整合用户信息。
以Robinhood为例。黑客入侵,窃取700万账户持有人的个人信息。谢天谢地,收集到的数据大部分是姓名和电子邮件,表面看没有什么危害。但转念一想,既然是Robinhood账户持有人,就表示有一定的经济能力。不法分子就能够利用用户的姓名和电子邮件,编织各种各样的电子邮件骗局,攻击不知情的客户。问题在于,企业对任何数据的依赖,甚至是看似无害的数据,都会吸引黑客,后者以超乎寻常的黑客技术“磨刀霍霍”向用户。
情况可能更糟。Robinhood似乎对最敏感的数据进行了加密,以至于客户响应团队都无法查看。公司也就袭击事件发表声明,并立即与主管部门联系。
输家:Facebook、Clubhouse及社交巨头
Clubhouse过度收集用户数据。该软件用录制用户的声音、对话等等,但真正失败的地方是,该公司的防范措施近乎零。事实上,斯坦福互联网观察实验室(Stanford Internet Observatory)发现,Clubhouse对用户数据太过粗心,以至于“对Clubhouse的数百万用户,构成了直接的安全风险。”
可以想象,像Facebook这样社交巨头,收集的数据一旦用作非法用途,将对用户的现实生活造成伤害。Facebook等一众社交网站基本上了解你的一切:住在哪里,朋友是谁,喜欢或讨厌的产品,去哪里旅行,如何消费,如何思考,甚至从你的帖子、照片和行为模式中推演出的深层信息。
有意见认为,虽然公司依托个人信息打造看似贴心的用户体验,但会利用个人数据来策划内容,使用户处于一个影响日常现实感知的“回音室”中。如今公司正在面临最终审判,如何修改算法、改进数据隐私做法将决定其命运。
显然,仅有政策是不够的,公司还必须改变他们对用户数据的看法和经营方式。(财富中文网)
丹尼尔·巴伯是DataGrail的联合创始人及首席执行官。
译者:Transn
2021年,数据隐私保卫战全面打响,苹果推出数据隐私工具,却遭到Facebook的抵制。TikTok试图获取用户生物特征信息,在一起指控滥用数据的集体诉讼中以9200万美元达成和解,WhatsApp更是在更改隐私政策后失去了大量用户。就在上周,Robinhood公布了700万客户的个人信息被泄露的细节。
虽然消费者逐渐意识到,一众公司大肆收集用户个人信息,但并不清楚到底有多少数据被提取或作何用途。
为帮助大众了解公司收集了多少数据,Clario专门制作图表,详细显示哪些公司收集的数据最多,收集了哪些类型的数据,结果让人大开眼界。但即使有了这些图表,我们也无法真正了解公司如何使用这些数据。
你不得不授权Instagram访问相机相册,一旦授权,Instagram实际获得的图库访问权限非你所能想象。Instagram会拿你的照片做什么?我们无从得知。
赢家:亚马逊、苹果和戴森
在最近的一项调查中,客户表示在个人数据保护上,最信任的是亚马逊,其次是Netflix。这表明,令人愉悦的定制化体验能够有效吸引用户共享信息。没有人想要从Netflix收到糟糕的剧集推荐,购物者在逛亚马逊时,喜欢看到根据自己的偏好和兴趣精心挑选的商品。这种个性化程度值得共享个人数据。从这个意义上说,可以将亚马逊和Netflix视为赢家,因为它们的用户享受正回报,不介意企业访问数据。不过,将一家最近被罚的公司称为“赢家”有点奇怪,这家公司正是亚马逊,因为违反个人数据处理规则而被欧盟处以有史以来最高的罚款——8.866亿美元。
苹果也是一家因为保护用户隐私而备受青睐的公司,致力于为消费者带来数据透明度。如果消费者不喜欢企业不透明的隐私政策,信任就无从谈起。相比之下,如果消费者相信苹果的透明度,苹果就将继续稳坐赢家宝座。然而,有消息称,其他公司已经能够通过数据三角测量和设备指纹识别,绕过苹果的隐私政策。这些秘密技术窃取足够的私人信息,仍然可以识别你的手机、使用的应用程序,并有可能揭晓如何定位你,目前尚无办法阻止这种窥探。
戴森(Dyson)等其他公司意外成为隐私保卫战中的开路先锋。在戴森的隐私页面上,不仅阐明戴森的隐私承诺,还以通俗易懂的语言明确指出公司收集的信息、为什么收集以及戴森如何保护消费者的权利。
还在努力:Robinhood
许多公司力图纠正繁复的系统,以便从数量惊人的应用程序中整合用户信息。
以Robinhood为例。黑客入侵,窃取700万账户持有人的个人信息。谢天谢地,收集到的数据大部分是姓名和电子邮件,表面看没有什么危害。但转念一想,既然是Robinhood账户持有人,就表示有一定的经济能力。不法分子就能够利用用户的姓名和电子邮件,编织各种各样的电子邮件骗局,攻击不知情的客户。问题在于,企业对任何数据的依赖,甚至是看似无害的数据,都会吸引黑客,后者以超乎寻常的黑客技术“磨刀霍霍”向用户。
情况可能更糟。Robinhood似乎对最敏感的数据进行了加密,以至于客户响应团队都无法查看。公司也就袭击事件发表声明,并立即与主管部门联系。
输家:Facebook、Clubhouse及社交巨头
Clubhouse过度收集用户数据。该软件用录制用户的声音、对话等等,但真正失败的地方是,该公司的防范措施近乎零。事实上,斯坦福互联网观察实验室(Stanford Internet Observatory)发现,Clubhouse对用户数据太过粗心,以至于“对Clubhouse的数百万用户,构成了直接的安全风险。”
可以想象,像Facebook这样社交巨头,收集的数据一旦用作非法用途,将对用户的现实生活造成伤害。Facebook等一众社交网站基本上了解你的一切:住在哪里,朋友是谁,喜欢或讨厌的产品,去哪里旅行,如何消费,如何思考,甚至从你的帖子、照片和行为模式中推演出的深层信息。
有意见认为,虽然公司依托个人信息打造看似贴心的用户体验,但会利用个人数据来策划内容,使用户处于一个影响日常现实感知的“回音室”中。如今公司正在面临最终审判,如何修改算法、改进数据隐私做法将决定其命运。
显然,仅有政策是不够的,公司还必须改变他们对用户数据的看法和经营方式。(财富中文网)
丹尼尔·巴伯是DataGrail的联合创始人及首席执行官。
译者:Transn
2021 has been the year of data privacy headlines, thanks in large part to Apple’s data privacy tool and Facebook’s resistance to it. Think TikTok’s move to acquire users’ biometric information, its $92 million settlement in a class-action suit alleging misuse of data, or when WhatsApp lost a massive number of users upon changing its privacy policy. Just last week, Robinhood released details that the personal information of 7 million of its customers was compromised.
Consumers are waking up to the fact that companies collect a lot of personal information about them. But they may not be fully aware of exactly how much data is being pulled or how it is being used.
To help people fully grasp just how much data companies have on them, Clario put together fascinating charts detailing which companies are gathering the most data and exactly what types they are collecting. It’s pretty eye-opening. But even with such information, we don’t have any real insight into how these companies use the data.
You’re going to provide Instagram access to your camera roll. By granting that permission, Instagram could gain more access to your library than you intended. What is it doing with all of your pictures? We have no idea.
Winners: Amazon, Apple, and Dyson
In a recent survey, customers said they trust Amazon most with their personal data, closely followed by Netflix. This suggests that a nice, customizable experience can go a long way in the effort to woo users to share information. No one wants bad Netflix recommendations, and shoppers love to see items curated to their tastes and interests as part of their Amazon experience. This level of personalization is worth sharing personal data. In this sense, Amazon and Netflix could be considered winners because their users don’t mind allowing access to data because of what they receive in return. Yet it feels a bit odd to call a company a privacy “winner” that was recently slapped with a record $886.6 million EU fine for violating rules on processing personal data, as Amazon was.
Apple is another company typically viewed quite favorably for its data privacy stance because it has endeavored to bring data transparency to consumers. If consumers dislike others’ opaque privacy policies, trust evaporates. But if they believe Apple, by contrast, is being transparent with them, the company will continue to be perceived as a privacy winner. However, information is surfacing which shows that companies have been able to skirt Apple’s guidelines by data triangulation and device fingerprinting. These stealthy techniques provide enough unique information to still identify your phone, what apps you use, and potentially provide insights into how to target you—and there is no way to stop it.
Other companies, such as Dyson, stand out as unexpected privacy trailblazers. On its privacy page, not only is there a message outlining Dyson’s privacy commitment, but the company also very clearly highlights what information it collects, why, and how Dyson protects consumers’ rights, in a manner that can be quickly and easily understood.
Work in progress: Robinhood
Many companies are trying hard to rectify very complex systems that integrate user information across a surprisingly high volume of applications.
Take Robinhood for example. A hacker was able to gain access to the personal information of 7 million account holders. Thankfully, data collected, for the most part, was limited to names and emails, which seems harmless enough on the surface. But hackers are smart, and knowing that these individuals are Robinhood account holders suggests a certain financial profile. Their names and emails can then be used by bad actors to target them in various email schemes that can harm unknowing customers. The problem is that hanging on to any data, even seemingly innocuous data, makes the organization enticing to hackers who are broadening their techniques with extraordinary speed and precision.
It could have been much worse. It appears Robinhood encrypted the most sensitive data to such a degree that even its customer response teams couldn’t view it. The company was also transparent about the attack and contacted authorities immediately.
Losers: Facebook, Clubhouse, and the social powerhouses
Clubhouse has very aggressive data collection practices. It’s recording your voice, your conversations, and a whole lot more, but where it really fails is that the company is taking next to zero precautions with that data. In fact, the Stanford Internet Observatory (SIO) found that Clubhouse was so careless with user data that it posed “immediate security risks to Clubhouse’s millions of users.”
Then you can look at cases like Facebook, where it’s clear that data collection practices cause another kind of real-world harm. Facebook and its other social properties know essentially everything about you: where you live, who your friends are, the products you love or hate, where you travel, how you spend, how you think, and much, much more based on your posts, pictures, and patterns.
One could argue that the company uses this information to create amazingly personal experiences, but it uses personal data to curate content, placing people in a bit of an echo chamber that affects their day-to-day perception of reality. Now the company is facing a reckoning. How it amends its algorithms and changes its data privacy practices will determine its fate.
What is clear is that just having a policy isn't enough. Organizations must change how they think about user data and how they conduct business.
Daniel Barber Is the CEO and cofounder of DataGrail.