/ Andreas Grote

Data leeches

When we are active online, we leave behind a data trail. There is a lack of transparency on which data social media companies collect. Cybersecurity expert Isabel Wagner explains the mechanisms and highlights areas where we should exercise caution.

The Swiss love social media: According to a survey conducted by Basel-based online marketing agency onlineKarma in April 2022, two out of every three people use social media daily or multiple times a day, and almost all teens fall into that category. Among the most popular services are WhatsApp Messenger as well as the social media platforms Facebook, Instagram, YouTube and LinkedIn; TikTok and Snapchat are very popular among younger users. Most users simply accept the fact that they are handing over data, preferences and background information about themselves and their friends and family to the platforms, which sell this valuable information at a profit.

I can see for myself what data I share.

No. Users see only what they post. But they also generate what is known as metadata. Service providers log when and how long individual users are active on their platforms, which devices they use to access the platform and the locations of those devices, what users read and click while on the platform, and what websites they visit before or after they log on. So, even users who do not post anything still produce metadata. These portals also evaluate the content of the text and images each user posts and reads. This generates a user profile, which is how the companies ultimately make their money.

But I don't even notice that they're using my data.

Yes, you do, but just not immediately. Users are conscious of the short-term benefits of social networks. But the user profile can have negative consequences in the long term. First, these platforms show users targeted advertisements based on their interests. In addition, they sell the information they collect to data brokers that, in turn, sell it on to companies, for example insurance providers or banks. These companies tailor their advertisement to target the specific user profile.

Sure, but I don't have to respond to the advert.

That’s true, but it does not protect you from negative consequences. The companies want users to remain on their platforms for as long as possible so they can continue to collect user data. To achieve this, they curate the posts that each user sees. For example, Facebook used to display newsfeed posts in chronological order, but now an algorithm determines who sees what based on their user profile to draw users’ attention to more monetizable content.

Privacy is a human right, but I still don't have control over my data?

It’s very difficult to control data. Too much privacy conflicts with the interests of the large social media platforms on a fundamental level. Their privacy policies provide only a vague description of what they do with the data they collect. Even deleting your account does not ensure that your data have actually been removed. Their overseas headquarters and the hype surrounding social networks play right into the companies’ hands. They can change their privacy policies to benefit themselves without having to worry about losing a significant number of users. If a particular platform goes bankrupt, users have almost no rights in the matter, as their data are considered company assets.

I can accept that – it's just my own data, after all.

No. Your friends and acquaintances are unwittingly affected, too. More and more platforms are now asking to upload users’ contacts to their servers after users join the platform. If I opt in, the company receives data about my contacts. When I tag someone I know in a picture I have posted or allow automatic facial recognition, I am giving away their data without their consent.

How can I protect myself against data theft?

There is no perfect solution. Open instant messaging services and social media platforms on a browser rather than using the mobile apps. This produces less metadata and you can install an adblocker. Ask for permission before posting pictures of others and tagging them in the photo. Reject cookies on websites or accept only necessary cookies. Change your browser settings to block third parties from placing cookies on your devices. Prevent hackers from stealing your data by using a different password for each of your accounts (and organizing your passwords using a password manager). Use alternative instant messaging services like Wire or Signal; these providers are transparent, secure and they save no user data (or anonymized data only) on their servers.

 

More articles in the current issue of UNI NOVA.