Data Digest № 006

Data Digest ¦ April 22nd, 2019, 11:00 pm

Hey there and welcome to the sixth edition of the Datawallet Data Digest, summarizing all the news you should be aware of in the space of data.

Even data on new mothers and babies is now being sold

Becoming a parent is certainly one of the most intimate experiences anyone can have. At these times, a young family is looking for trusted sources of information, baby supplies and more — one of which has been Bounty, a company that has been providing information packs and baby goody-bags to pregnant women in the UK since 1959.

But why would you waste the opportunity to take part in the billion dollar data brokerage market if you’re already sitting on such valuable, sensitive, and highly informative data, such as birth dates, gender and addresses of infants, as well as names, addresses, pregnancy status, and other details? So Bounty, which operates as part of National Health Service hospitals in the UK, shared millions of records with 39 different credit reference and marketing groups over a 10 months period with more than 30 million records shared with Acxiom, Equifax (remember them? Great at keeping records secure), Indicia, and Sky alone. Individual records were frequently sold to multiple customers, in some cases up to 17 times.

For this, the Information Commissioner’s Office now handed Bounty a £400,000 fine. As Steve Eckersley, the director of investigation put it:

The number of personal records and people affected in this case is unprecedented in the history of the ICO’s investigations into data broking industry and organisations linked to this.”

If you think your most intimate data is secure, think again.

Personal data on new mothers and babies sold to third parties

Baby ‘goody bag’ provider Bounty fined for sharing records gleaned on NHS wards

NY Times’ amazingly creepy experiment

“The accuracy and speed of modern facial recognition technology means that building a dragnet surveillance system is now feasible.”

The NY Times ran an incredibly creepy, yet incredibly legal experiment: they used public video data of Bryant Park, ran it through Amazon’s commercial facial recognition service, and were able to identify 2,750 people, all for about $60. The article discusses the current video surveillance in NYC and the lag between facial recognition tech and regulations and/or bans of its use.

Opinion | We Built an ‘Unbelievable’ (but Legal) Facial Recognition Machine

What we found shows the technology’s promise — and perils.

US Senate goes after “Dark Patterns”

Dark Patterns are “manipulative user interfaces [that] intentionally limit understanding and undermine consumer choice,” most commonly found on social media platforms, but can also be found on a wide range of websites and services. If it sounds bad, consider that it’s such a contentious issue that Republican and Democratic Senators are actually working together on a bill to restrict such practices. Regardless of whether that bill passes or not, we urge you to be mindful of the annoying prompts and convoluted practices used to get at your data.

Senators Introduce Bipartisan Legislation to Ban Manipulative 'Dark Patterns'

U.S. Senator Mark R. Warner

Multiple apps from Google’s Play Store steal data and defraud advertisers

Apps that request access to data they don’t need are not new, but the scale of this recent discovery is a little scary. More than 90,000,000 downloads between six apps, from Chinese developer DO Global, that committed ad fraud (faking clicks and engagement) and received ridiculous levels of access into people’s phones like recording other app downloads and constant microphone access while in use. Google has since removed these apps from the Play Store, but in many cases the damage is already done — user data has been collected and stored in servers around the world. Be careful with your data folks.

Popular Android Apps From A Major Chinese Developer Were Caught Committing Ad Fraud

Following a BuzzFeed News investigation, Google removed six apps from the Play store that belonged to a major Chinese developer.

City of Los Angeles is buying your cell phone data to build a new public transport system

How the data you produce is constantly being used (with or without your knowledge and with your live improving because of it or not) shows another example from LA. With ridership on the city’s bus system plummeting, the transit agency is looking to redesign it — with the help of location data from about 5 million cell phones.

Now, a city wanting to provide a better transit system to its inhabitants and using technology (not only surveys and ticket data) to research where the biggest need is doesn’t sound too bad. But if they use the data of 5 millions cell phones from the area it starts to get a little creepy. Now, don’t get me wrong, the city did a lot of things right handling that data:

Cambridge Systematics, a transportation consultancy, acquired the kind of location information your phone continuously produces — from every app you didn’t say “no” to. The data was “hashed” so that researchers could connect geolocations (at a resolution of about 300 meters) to a device but couldn’t link the device to a phone number or a number to a person.

But, this is just another case of the data we all produce being scooped up by centralized data brokers, repackaged and sold without our knowledge. With these data brokers not having the best track record of keeping our data secure…

LA’s Plan to Reboot Its Bus System—Using Cell Phone Data

Ridership on the city's bus system is plummeting, so the transit agency is redesigning it—with the help of location data from about 5 million cell phones.

Top EU official urging the US to adopt strict data privacy laws

Finishing with some positive news: After EUs “adequacy” agreement with Japan, which allows businesses to freely transfer data of European citizens to Japan since there is a similar robust legal privacy system in place, Europe’s top privacy official has urged Donald Trump’s administration for similar laws.

With US lawmakers debating plans for a federal privacy law, following California’s passing of their own landmark digital privacy regulation (that followed a many scandals of the Facebook), EU commissioner for justice Vera Jourova, said: “A fully fledged federal law would enable us to see things which are hardly seen now. For instance, the clear recognition of the protection of privacy as a fundamental right [in the US], the categorisation of sensitive data, and a more comprehensive approach to privacy.”

Amongst the high profile advocates for a GDPR-like regulation in the US are Apple’s CEO Tim Cook and also nowadays Mark Zuckerberg (we know why). So here’s to hoping digital rights will improve for all US citizens soon.

Subscribe to read | Financial Times

News, analysis and comment from the Financial Times, the worldʼs leading global business publication

That wraps this edition of the Data Digest. See you next week.


Get the Data Digest in your inbox