Part 1 of 3 Just because a technology or capability is possible, doesn’t necessarily mean that it should be done.
I wish more technologists and software firms heeded this maxim. Why? I’m seeing too many technologies that take advantage of others – often in ways that users are unaware of or fail to properly understand.
Let’s look at a few examples of technologies that already exist.
Discriminating HR solutions – Suppose you applied for a job but didn’t get it. In your mind, you might imagine a number of reasons why that happened. But, interestingly, you might have been dropped from consideration because the potential employer used a service to vacuum all sorts of data about you on the web. They may have gotten what they thought was your photo off of a social network site. From that picture, they may have decided that you are overweight, participate in dangerous activities, are promiscuous, are of a particular gender, color or sexual preference. The reliance on such information could be unfortunate or discriminatory but you’ll never know as the provider of such information is under no obligation to notify you of what they are sending and sharing with others. They don’t even have to guarantee that this information is even accurate. There are five people in the Chicago area that share my name. Is this firm sure they have the right one of me?
How bad can this be? It can be pretty bad as the data they collect is not verified and it may be out of context. For example, if someone reported that you were a participant in an online support group for Alzheimers, a prospective employer or insurer may decide to not hire or insure you as you may be a sufferer of this disease. In reality, you may be a kind-hearted volunteer helping people with this condition or maybe this is a disease that an in-law is suffering from. Either way, you got burned and you shouldn’t have. Companies that infer your future health from such data may not know that you're adopted and not prone to the genetically driven diseases of your parents.
Some vendors like to provide others with your Amazon Wish Lists and pages from social network sites. What is on my Wish List also includes things some Internet challenged neighbors and relatives want me to buy for them. How else could I explain that Willie Nelson CD-set? Social networks that let recruiters and others farm their data without disclosing this access to users should be flogged. Yes, people need to expect others will see what they post online but when access to third parties is opened up, shouldn’t users get a period of time to remove prior postings to prevent unintended access?
Many readers may have a PC at home that’s used by many people in the household as well as house guests. Advertising and web-tracking software cannot determine who is actually on the machine at any given time but that doesn’t stop tracking cookie technology from trying to identify consumers in your home. Frankly, anyone trying to make sense of things being viewed from our IP address would be wrong probably 99% of the time. Yet, this data is being sold to advertisers all of the time.
I know information of the web is inaccurate because I leave all sorts of inaccuracies out there. Just the other day, I received an email addressed to a non-existent person who supposedly lives at our home. A web service is scouring public data as well as mailing lists to find out who lives where in America. I laughed when three non-existent people were listed as living in our home. Incidentally, I created these personas just to see if Marketers would sell this information. They did and I should bust them for it.
I’m also aware of firms who trade in the prescription data space. This area is especially gray to me as many insureds have no idea that their prescription data is being sold to third parties unless they actively opt-out of this. Worse, this data can be used by health insurance firms to deny coverage to persons that are mistakenly presumed to have certain diseases. If you have restless leg syndrome, for example, you might take the same medicine for someone with Parkinson’s Disease. A person with Parkinson’s is virtually uninsurable but someone with restless leg syndrome should be eligible. When I first became aware of this practice, I spent a lot of time trying to find out what if anything any of these firms had on me. I still don’t know as these firms, unlike credit reporting agencies, are under no obligation to share with you the information they have on you or to make sure it is accurate.
Recently, I applied for replacement life insurance and was repulsed to learn that virtually every life insurer utilizes a co-operative data sharing organization that stores your medical information. The purpose of this is help insurers prevent you from disclosing a different medical condition story to a different potential insurer. However, you can’t opt out of this. You can’t stop them from putting this information out there and you can’t stop some neer-do-well from hacking their data base.
HIPAA is no help in protecting your health information as virtually any insurer or health care provider discloses that they share your information with all kinds of third parties. Once this data gets to those firms, you have no protection and no recourse. Once it’s out there, it can’t be clawed back.
My good friend Vinnie Mirchandani frequently tells me that privacy is non-existent in the Internet Age and I should get on with it. I would rebut that we only lose our privacy, our rights, etc. when we cease to fight for them.