After his family was severely stalked using commercially available online data, a ZDNet reader emailed to ask if there's anything he can do about the lack of a legal safety net for victims.
The experience revealed to our reader just how much personal information is available to anyone and is readily used for harm, thanks to the proliferation of personal data by for-profit corporations.
He told ZDNet that his family was surprised to learn how easy -- too easy -- the personal data monetization industry makes stalking and harassment.
His unsuccessful experience trying to get help from law enforcement only compounded his family's ordeal.
I have been reading some of your articles about online privacy. My sister-in-law is a victim of extreme harassment and stalking by her ex-husband, this was an eye opener to all of us that our information was so public online.
After researching more about this, it is extremely disappointing that there are no laws being drafted or even talked about in congress for this serious privacy issue.
I was wondering if you know of any proposed bills I can support or politicians I can contact to help push for more protection of American citizens.
While researching his question further, I emailed to offer support and understanding. I also asked permission to relate his question publicly.
Our ZDNet reader responded, saying that he'd shared my email with his wife, and she was moved to tears. "She was just happy that someone would listen, as so many people in our experience, including law enforcement will not listen or act when it comes to stalking or protecting privacy."
It is such a irresponsible thing to publish public records online and terrible that people actually make big profits off of this as well.
I want people to start talking about it and if you can contribute another article at least others will be able to relate to my family's situation and know they are not alone.
I would also hope that if more people are aware, that some kind of action can be done to stop this.
Attorney Erica Johnstone, Co-Founder and Vice President of Without My Consent told ZDNet, "Once the information is out there, and the information is being misused to harass and stalk, then, the recourse will vary from state to state."
Johnstone explained that when facing online stalking and harassment,
Victims should look to state stalking and harassment laws and consider whether to file: (1) a domestic violence restraining order (if there’s a prior dating relationship between the perpetrator and the victim); or (2) a civil harassment restraining order (if not); or (3) a civil lawsuit.
Second, this strategy has the added benefit of teeing up a criminal case because law enforcement are likely to take the violation of a restraining order seriously, whereas the initial complaint might have been ignored.
It's scary to contemplate our lack of control over what happens to our personal information online. It has been literally terrifying for our reader and his family, who related that no authority seemed to understand the psychological implications of what his family is going through.
Ms. Johnstone addressed this, suggesting our reader consider work that revises abuse definitions to include emotional abuse, in light of inadequate stalking laws.
Join the teams that lobby the legislature for adequate laws. For example, if your state does not recognize emotional abuse as a form of domestic violence, then contact your state’s branch of the National Network to End Domestic Violence (NNEDV), and join the team working to revise “abuse” statutes to include emotional abuse.
If your state’s stalking law is inadequate, then contact the National Center for Victims of Crime to learn about the State Model Stalking Code, and how you can volunteer to bring those revisions to your state.
Tell your state government that the prosecution of technology-related crimes is an issue that matters to you. Contact your state’s Attorney General and let him/her know that the residents of your state believe privacy matters. Begin a dialogue in your state. There is already a model in place, developed by the state of California. In 2011, the California DOJ created an eCrime Unit that: (1) trains police and prosecutors in light of new technologies; and (2) prosecutes criminal online invasions of privacy, among other crimes.
Unfortunately, we're probably not going to get much help for our predicament on a Federal level.
The new White House Report on Big Data and Privacy, released this month, recommends that data collection be left alone in regard to policy -- that data collection should continue as-is.
The President's Council of Advisors on Science and Technology (PCAST) put the report together. PCAST is the President's handpicked consultants on technology and policy, including Google's Eric Schmidt. (Google had more people involved in the report than any other company; Google's Eric Grosse and Peter Weinberger were brought in as "additional experts.")
PCAST told the President its first recommendation is "Policy attention should focus more on the actual uses of big data and less on its collection and analysis."
From the report:
PCAST judges that alternative big‐data policies that focus on the regulation of data collection, storage, retention, a priori limitations on applications, and analysis (absent identifiable actual uses of big data or its products of analysis) are unlikely to yield effective strategies for improving privacy.
(...) The related issue is that policies limiting collection and retention are increasingly unlikely to be enforceable by other than severe and economically damaging measures.
Your privacy and personal safety hurts their bottom line
The online information used to terrorize our reader's family is the result of what many regard as the online data dealing industry spinning out of control. Monetizing user data is a business that made an estimated $40 billion in 2013, of which Google comprised 40%.
How the commercial data sellers (such as "people finder" sites) get your personal information has a methodology that exists in a legal twilight.
All the online companies we have contact with are feeding the data sales industry. Your public records are obtained and combined with your data that has been bought, sold or traded from social media sites, apps "monetizing" user information, as well as online stores and companies selling anything they can to third-parties (like ad networks). Then it's sold on any number of websites such as Spokeo -- though there are hundreds of such sites.
We're persistently tracked, bought, and sold out the back door of every social media platform as a speculative commodity. Google's majority revenue is from selling ad data, and few people ever believed that Google Plus and its role in Google's sign-in unification was anything more than a pretense to collect more of our data.
Gone is the system of public records requiring in-person access, a predication of maintaining our privacy. Also gone is the individual's ability to exercise refusal. Refusal was once a way of "staying out" -- labor strikes, product and establishment boycotts, and refusal was a functional exercise of individual rights and agency when it left critical parts of your life unaffected.
At this time, there is no way for an ordinary individual to completely refuse data collection and the sale of their information while using the Internet.
Ms. Johnstone told ZDNet that readers should engage in privacy self-defense regardless of their situation, and to consult this blurb on privacy and consumer profiling for information.
It’s with this sentiment I also sent our reader a copy of my ebook guide to online privacy self-defense. He said his family was putting it to use.
Like him, I still lie awake at night wishing there was more I could do.