Those headlines simply write themselves. If you claim to be concerned about data privacy and still largely relying on web services by tech giants (that’s Google, Microsoft, Apple, Facebook and Amazon) and social media platforms (X, TikTok, Meta and so on), your approach needs a rework. We seem to have reached a point where it is clear big tech doesn’t care about lawsuits, the settlements it has to dish out and the regular grilling sessions with regulators in the US, EU and other countries. Your web browser history, photos and documents stored on the cloud, the apps on your phone and how you use them or quite simply your message conversations, nothing is as private as you expect it to be. Some online services are better than others, but that’s the only silver lining to a dark, very dark cloud.
Here’s a snapshot I’d like you to contemplate. In December 2022, Facebook parent Meta agreed to a $725 million privacy lawsuit settlement for giving third parties access to data without user consent. This sounds similar to 2019, when Google and YouTube agreed to pay $70 million to settle a lawsuit by the US Federal Trade Commission (FTC) for collecting personal information of children using the services, without the consent of their parents.
Data irrespective of the user, weighed against millions of dollars.
In June last year, Microsoft settled a lawsuit for illegally collecting the personal information of children using the Xbox services without any consent from the parents, for $20 million. In July, another lawsuit for collecting user information even in Edge browser’s “private” mode. In January this year, OpenAI and Microsoft were sued by authors Nicholas Basbanes and Nicholas Gage for using their work to train artificial intelligence (AI) models without their permission. American author and comedian Sarah Silverman joined later.
In case you are wondering, Microsoft Edge’s web browser has a private browsing mode that, as the name suggests, shouldn’t be retaining any data that can be tracked. It is the same with Google’s Chrome browser too. Numbers by research firm TechMonitor indicate that between the years 2015 and 2021, $30 billion worth of antitrust fines too have been imposed on big tech companies.
The craving for data is relentless. Do you think that’s all for today? Just this week, a class action lawsuit filed against Google by users in 2020 accusing the tech giant of illegally collecting user data on the Chrome web browser in Incognito Mode, is nearing settlement: Google has agreed to destroy the data it had wrongfully collected.
Just when will this stop? Attempts have been made by regulators globally, in the US and now in an even stricter avatar, in the EU. Your answer perhaps is best summarised by American Senator Thom Tillis (R-NC) who said in January that these hearings have been happening for years, but nothing’s changed. And it won’t because the foundations of most popular web services (free to use too) rely on data you share, which is then monetized in different ways to serve you targeted advertisements. Remember Gmail, which wasn’t joking when launched on April 1, 2004? Fast email and 1GB cloud storage (then 100 times more than its rivals Hotmail and Yahoo), for free.
The caveat? Email scanning to serve you ads. There wasn’t an opt-out then, and there isn’t a true opt-out now, though methods have evolved across more services. Ecosystems, rather. Even if you pay every month (or annually) for a Google One subscription, the basics don’t really change. And it isn’t just Google or its broad range of services. Those uncannily precise advertisements on Facebook and Instagram about something you browsed on Amazon a few moments ago? That’s you being tracked.
Where we are, and where we’re headed
There have been some solutions incoming, such as Apple’s App Tracking Transparency across iOS for iPhone, iPadOS for iPad and macOS for Mac computing devices, that requires a user’s explicit permission to allow an app to track the user’s browsing and data across other apps and websites — if you don’t give that consent, the app is largely locked down. Those ads become less targeted. Google responded with Privacy Sandbox for Android last year, though the mileage you get will vary.
The occasion for Senator Tillis’ observation was a US Senate Judiciary Committee hearing at the turn of the year, summoning CEOs of social media platforms including TikTok, Snap, Meta, X. They had been called to testify on each company’s failure to protect children using their platforms. Meta’s Mark Zuckerberg apologised and confirmed an Instagram version for children isn’t in the works. Snapchat’s Evan Spiegel offered condolences to parents whose children were believed to have obtained deadly illegal drugs via the platform. TikTok CEO Shou Zi Chew pointed out that keeping teens safe online requires a collaborative effort and collective action.
Companies such as Proton are trying to create a privacy-focused ecosystem, complete with Mail, Drive, Calendar and a VPN, to give Google, Microsoft and Apple users an alternative. There’s also the DuckDuckGo app tracking protection available on Android phones, which blocks trackers on apps, to get a fair idea of what you’re up to. And for individual services, such as a VPN or virtual private network to keep encrypt your web activities to lock out snooping, there are worthy examples such as the ExpressVPN app that’s available across devices including smartphones, Mac, Windows, Linux and even installable directly on Wi-Fi routers.
A research by Security.org in February this year caught my attention. Web platforms try and collect your activity data such as search terms, browsing history, purchase activity online, videos watched, articles read and so on, which are then paired with unique identifiers including internet protocol (IP) addresses, device type, date and time as well as location, and often personal information such as name, username, email address and payment information. All this helps in creating an individual’s virtual profile.
If nothing else, the data privacy problem is only about to get worse. Generative AI tools, including chatbots such as OpenAI’s ChatGPT, Microsoft’s Copilot and Google’s Gemini are gaining rapid traction, and therefore by definition, the next hotbeds for data collection. It is not surprising that many organisations globally are restricting the use of generative AI tools on work machines, with the fear data may be leaked in some form to the cloud. When the US Congress stepped in late last week to ban the use of Microsoft’s Copilot on government-issued devices citing the threat of House data leaking online, you know things are serious.
Vishal Mathur is the technology editor for the Hindustan Times. Tech Tonic is a weekly column that looks at the impact of personal technology on the way we live, and vice-versa. The views expressed are personal.