Don't just fear the data hacker: Fear the data broker

Nearly 70 years after George Orwell introduced the concept ‘Big Brother is Watching You’ in the novel Nineteen Eighty-Four, the phrase remains synonymous with the idea of privacy invasion and government surveillance

In the years since Orwell’s warning, the real world has transitioned through substantial advances in information technology. In 2015, we are said to be in the era of Big Data, where data sets are so massive that traditional processing applications are outdated. Much of our personal data – email, texts, social media, mobile location data, shopping purchases, financial records, medical records – is out there, on some server, somewhere. But where is that data all stored? Who is protecting it? How is it being used or how could it be used?

A communication and digital media researcher at the University of Ontario Institute of Technology says data management and monitoring today is far more complicated than the concept of ‘Big Brother’.

“If all of our data is housed in one central location, and there is just one entity managing it and watching us, those wishing to effect change know exactly where to focus attention,” says Dr. Jonathan Obar, Assistant Professor in UOIT’s Faculty of Social Science and Humanities. “What's different about today’s state of big data, and the reputation management challenges we face, is that every sector of the global economy is now addressing big data questions, and doing so in their own way.”

If we are to protect our personal data, where do we begin? How do we manage it all?

“Within each sector of the economy, there exists a mosaic of big data approaches,” explains Dr. Obar. “Personal dossiers could be anywhere and everywhere. They could be different at one organization compared to another. As individuals, we could be on any number of data broker lists shopped all over the world. As I discuss in a working paper available on the Social Science Research Network, this makes data privacy self-management impossible.”

Take for example the activities of a group of hackers calling themselves The Impact Team, which in July 2015 claimed to have exposed millions of users of the infidelity-promoting website Ashley Madison in a bid to shut the service down. On August 19, the data (emails, credit card transactions, location information and more) was publicly released online (CBC News link). The company has called the incident a criminal act, not just an act of ‘hacktivism’.

“The Ashley Madison site hack is just one of a multitude of possible scenarios where individuals might have a reputation management emergency revealed,” says Dr. Obar. “It just so happens that the site promotes infidelity, so the general public probably looks at this and sees the result as justified. But what if hackers revealed data from another site or database that outed people in a different way that was also violating? The high profile 2014 hacking of an email server at electronics giant Sony (Reuters/CBC News link) provided yet another glimpse into how such an action can potentially ruin careers and lives.”

Dr. Obar also raises the question about how Big Data products contribute to eligibility decision-making and possible digital discrimination.

“While we sit at our computers worrying about hackers, ‘legal’ data traders known as data brokers are fuelling the Big Data boom, and contributing to data-driven decision-making at the bank, the insurance company, the supermarket, the university, the border and the police station. The next time you use your credit card or loyalty card, or allude to your sexual orientation in Google or Microsoft email, ask yourself if you would be comfortable with those data points being integrated into the Big Data mosaic. So we needn't only fear the hackers. The data brokers out there are just as, if not more, scary.”

Media contact
Bryan Oliver
Communications and Marketing
Ontario Tech University
905.721.8668 ext. 6709
289.928.3653
bryan.oliver@uoit.ca