On some level, we all know that our devices are watching us. When it comes to Google Home or Amazon Echo, we embrace the fact that a giant tech company listens in on what we say. It’s transactional—they get a little personal data, and we get a little personal convenience.
But when we wrap our heads around the data that we let them harvest, we often think too big. It’s not just the obvious smart devices in our home that are learning about us in a (hopefully) benevolent way. The small, mundane and simple devices are watching us, too.
In this article, I’ll go over a few unexpected services and devices that collect your personal data. Check it out—you might be surprised.
1 – Your Internet Service Provider
We all know that browsing the web in Incognito Mode or Private Browsing Mode is a great way to shop for gifts for household members without leaving traces of your browsing history on your computer. But your ISP will always know which websites you visit. And you’d better believe they keep track of that.
In much the same way your phone company knows every single phone call you placed, your ISP gathers data on your internet activity. Typically, this is done anonymously for marketing purposes. Your ISP can use your browsing data to inject ads into web pages your looking at. Or, they can simply sell the anonymized data to a marketing company.
To protect your privacy from your ISP, choose an ISP that promises in their terms of service not to do this. LOL just kidding, I know there’s a monopoly on ISPs and you probably only have one or two to choose from that are exactly the same. To anonymize your data from your ISP, you can use a virtual private network (VPN) service.
Read our previous article to learn why Everyone Should Use a VPN to Protect Their Internet Privacy.
2 – Your VPN Service
Hey, wait didn’t I just tell you that you needed a VPN service to protect your privacy from your ISP? And now I’m telling you that your VPN service is spying on you?
I promise I’m not messing with you.
See, all VPNs are not created equally.
Some VPNs are paid.
Some VPNs are free.
Some VPNs are set up by your company’s IT department for business use only.
Some VPNs are commercial products that anyone can sign up for.
Some VPNs protect your privacy.
Some VPNs collect your data in exactly the same way your ISP does.
It’s just a matter of putting your privacy in the hands of an ISP—likely a giant telecom conglomerate–or a VPN, which could be run by two guys in a garage in Frobnia.
The takeaway: choose your VPN service wisely.
Many companies will tell you that they don’t track you or store your personal data or sell your soul to marketers. But London Trust Media, the company that runs PIA, actually had that claim put to the test. In February 2016, the FBI ordered PIA to hand over data about one of their customers who was being investigated for bomb threats. However, according to court documents, “the only information they could provide is that the cluster of IP addresses being used was from the east coast of the United States.” That’s a pretty good sign that PIA means what they say.
3 – Your Smart TV
All the privacy concerns that apply to your smartphone and your computer also apply to your smart TV. This is especially true if your smart TV comes with a camera and a voice recognition feature.
The Washington Post ran a piece on the different ways TVs can spy on you and the various ways that companies like Vizio, LG and Samsung have landed themselves in trouble. Some highlights:
- Vizio paid out a $2.2 million settlement after the government dinged it for its “automatic content recognition” features. Vizio was collecting data on what users were watching without giving them a clear enough opportunity to understand this practice and opt out of it.
- Samsung came under fire after it was revealed that conversations within earshot of the TV could be transmitted to third-parties.
- LG was criticized for sending private data to its servers even when TVs were turned off, including channel information, broadcast source data, TV platform information and even data from connected USB sticks.
The typical manufacturer response to such privacy concerns is not to remove these data collecting “features,” but to give users a more prominent opportunity to opt out.
My first advice to you would be to not buy a TV with a camera or a voice recognition microphone in it. (This especially applies to you, hotels and vacation rental units!)
If you do buy a TV with internet connectivity, take the time to read through what you’re opting in to. The names of the services and how they describe them often change and aren’t always clear. For example, Vizio’s data collection service is called “Smart Interactivity.” Samsung has a program called “SyncPlus” which basically exists to serve you ads.
So, if you can “Decline” something and still have your TV work, it’s not a bad idea.
If you’ve had your TV for a couple of years, it’s also a good idea to delve into your settings and see what’s enabled. If your TV was purchased before the manufacturer took corrective actions, you may have these data collecting services enabled by default.
4 – Windows 10
We spend a lot of time focusing on which search engines, web browsers, and apps track you. But don’t forget that your operating system can keep tabs on you, too. Even before you fire up a web browser, your Windows 10 computer collects data about you in order to serve you ads right on your desktop. There are ways to change how Windows 10 tracks you, but if you are using the default settings, it’s worth your time to understand how much Windows 10 spies on you.
5 – Fitness Trackers
My company-sponsored health care plan offers me cash incentives for taking steps towards overall fitness and health. One of the ways to “earn points” in this program is to link a fitness tracker to my profile. I went ahead and did this with my FitBit. But there’s part of me that wonders if this was a bad idea.
This means that the institution that determines whether or not I have health coverage, how much my rates should be, and whether or not certain claims will be covered now has detailed information on how much I exercise, how much I sleep, and, if I were to use the feature, how much I eat and drink.
The hypothetical concern is that my insurance company could use this information to deny me coverage. Seems crazy, but I’m not the first to consider this possibility.
Right now, my insurance plan is positively incentivizing me to exercise and eat right on mostly an honors system. But what if it goes the other way?
What if they were to charge an exorbitant starting rate, and only reduce it if I could prove I was getting eight hours of sleep and exercising 20 minutes a day?
Or what if they denied my claim for blood pressure medicine because I admitted that I had eaten McDonald’s three times a week?
6 – Your Shopping Loyalty Cards
It seems like every brick-and-mortar store and restaurant has some sort of loyalty program you can sign up for. In exchange for creating an account and getting endless junk emails from them, they toss you a free drink or a couple cents off your gas every now and then. And what do they get in return? A detailed record of everything you buy. They get to see how influential their little emails and targeted Facebook ads are. They can see what kind of Ben and Jerry’s you buy to soothe your seasonal affective disorder. They can take all this data and use it for their own purposes or sell it to the highest bidder.
And that can all be done with something as low tech as a barcode you scan on your phone or a tag you attach to your keychain.
Even if you don’t sign up for the little key tag, they can sometimes track you by tying your purchases to your credit card.
That may not seem like a big deal, but once you aggregate all this information with all the other data that’s floating around out there about you, it can paint a surprisingly accurate picture of you, your household, your eating and health habits, your income level, etc.
For further reading, check out this article: Are Supermarket Loyalty Programs Worth Your Privacy?
7 – Any and All Appliances that Require an Account
A few years ago, you wouldn’t find a following more evangelical than Apple’s fanboys. Sous vide cooker maker Anova almost gave Apple a run for its money in terms of rabid customer loyalty, until they made a huge mistake. They rolled out an update to their app that required users to create an account with their personal information just to use the cooking appliance. The fans turned quickly. Anova quickly corrected course, but it raises awareness about overbearing, seemingly simple appliances that have no business knowing your business.
Think about your smart thermostat, your WiFi connected washers and dryers, your Ring video doorbells, and your internet-enabled refrigerator. If you’ve ever logged in to interact with these devices, then they could be collecting data about you. Again, while it may seem innocuous on its own, the aggregate data could amount to something more. Your thermostat will know when you’re home and when you’re away. Your doorbell can see you come and go. Your fridge, well I still really don’t know what the point of that is…
So, why am I telling you about all of this? I’m not making the case that you should unplug entirely from technology. Nor am I saying that companies should never collect personal data about their users.
The point is simply to make you aware of all the different ways that your devices are collecting your data. From the seemingly simple to the obviously high tech, the devices that inhabit your home, your car, your workplace, or your coat pocket are always gathering little bits of information about you. The fact that this cloud of information about you exists out there may not be immediately harmful to you right now. But as technology improves and the risk of the data falling into the wrong hands increases, that may change.
Consider the paper shredder. Once upon a time, you would rip up a credit card bill and throw it in the trash. But then dumpster divers could easily piece it back together with some tape and about five minutes of effort. Then we got the straight cut shredders, which slowed them down a little. Now, we have cross-cut shredders which are great, but with a scanner and some software, thieves can piece that together now, too.
The tiny bits of data floating around are much like those ever-smaller shreds of paper we try to obfuscate from prying eyes. With enough shreds, the right algorithm, and all the time in the world, there’s hardly anything a determined data miner can’t know about you. And there are companies that are doing this right now, on a big, big scale. Think of it like Equifax, TransUnion, and Experian, but not just for your credit report—for everything. You may remember a company called ChoicePoint in the news awhile back, that got fined by the FTC for selling in-depth consumer dossiers to shady businesses. And the only reason we really know about ChoicePoint is because of this scandal.
Okay, I think I ended this on a low note. Let’s perk things up in the comments!
How do you react to the realities of data collection? Do you take action? Or do you feel powerless? Share your thoughts in the comments.