“Octopus sold personal data of customers for HK$44”’ was the headline in the South China Morning Post, 27th July 2010. Octopus is the name of the extraordinarily successful stored-value chip-based card in Hong Kong that is used by just about everyone for a broad range of services such as transport services, retail shop purchases, library services such as photocopying, as an entry key to apartments, and many more. It can be linked to your bank account such that it automatically tops-up when down to the last few dollars. The possibilities are endless. Like all smart cards, it could be programmed to hold public or private information, for example, essential health information such as blood type, allergies, etc. And that’s where the problems begin.
The personal data, even when stripped of identification, can give vital signs of gender, shopping routines and routes, expenditure items, and so on. If the health data was available, it could feed the health insurance industry. To gather shopping routines and expenditure data, Octopus offered discounts to card holders who signed authorization forms allowing their data to be stored by Octopus in their database. What Octopus did not do was to ask card holders for permission to sell their collective data. The subsequent scandal forced the CEO to stand down.
But the moral of the story is not that selling data is wrong, only doing it without consent is wrong. And the reason why it is wrong is not only because each individual should have the option to ‘opt in’ or ‘opt out’ (modern ‘nudge’ theory would point out – the obvious – that the ‘opt in’ option will make people think more carefully) but because even aggregated or ‘anonymised’ data can quite easily be unwound using Big Data and analytics software to identify individuals. Thank personal websites, blogs, Facebook, Twitter and the rest of social media for that. So unless an individual has ‘opted out’ or not ‘opted in’, their data is already in the mix somewhere ready to be separated out.
In this regard we have to thank hackers, and of course the likes of Mr Edward Snowden for warning everyone that cyber space, and especially cyber sex, is often like Hollywood – rarely real and frequently compromised. The Ashley Madison cheating spouses website is an excellent example. Forget the morality issue, that’s beyond this discussion. Gizmodo writer Annalee Newlitz,[1] analysed the data made available by the hackers and two discoveries are particularly interesting. First, less than 10,000 women had ever responded to a message from another person on the site, against almost 6 million men, so the balance of ‘cheating’, at least on this site, was male-dominated in the extreme, although the site operators dispute the figures. Second, there were 80,805 profiles that ended in ‘ashleymadison.com’ and that 90% of these were assigned to women, implying they were fakes made up by the site itself. This issue is not a recent one according to Ms Newlitz. “A few years ago, a former employee of Ashley Madison sued the company in Canada over her terrible work conditions. She claimed that she’d gotten repetitive stress injuries in her hands after the company hired her to create 1,000 fake profiles of women in three months, written in Portuguese, to attract a Brazilian audience. The case was settled out of court, and Ashley Madison claimed that the woman never made any fake profiles.”
The ‘outing’ of users of the Ashley Madison website is having tragic consequences, resulting in some suicides and no doubt many broken relationships. But to avoid moral humbug, the reality is that everyone can be stupid or unaware of the dangers that lurk in a data-dominated Internet world. By selling data, whether legitimately or not, we all enjoy “free” services, and selling data is rivalling the selling of ads as a source of revenue. Indeed, the selling of data makes the selling of ads more focused. It’s the harsh reality. Equally sex sells and society does not know how to cope with the consequences. Could it be that like ‘open source’ and ‘open data’, ‘open relationships’ will become ‘trending’ – relationships where both partners ‘opt in’ without guilt. Is that in the post ‘Sex and the City’ / the Miley Cyrus generation; will they become inured to the Brave New World of data. [2]
[1] https://gizmodo.com/almost-none-of-the-women-in-the-ashley-madison-database-1725558944
[2] Maybe, maybe not. According to a recent survey by KMPG Media Tracker in the UK, 97% of 18-24 year olds say they would not share their personal data with third parties “no matter what the potential benefits of doing so might be.” Cited by Disruptive Views https://disruptiveviews.com/oh-oh-almost-no-one-wants-to-share-their-data/?ct=t%28DisruptiveVIews_Daily_Update2_17_2015%29
