Last week, it was reported that a Dutch student (Shawn Buckles) held an online auction to sell a bundle of his personal information because he felt that most of his “personal” information was no longer owned by him due to his past online activities. He pointed to many online user agreements that he felt transferred his rights to various companies that collected and stored his data. Although there were more than 40 bidders, the student reportedly sold his “data soul” for about € 350 (about $485 (US)) to The Next Web, a technology news company that plans to use it at an upcoming conference on privacy. So what did The Next Web acquire? According to Mr. Buckles’ website, he sold his “personal profile; location track records; train track records; personal calendar; e-mails; online conversations; consumer preferences; thoughts; and browsing history.” This stunt does not appear to be the efforts of a starving student grasping for spending money. Rather, he appears to have an agenda as he also posted what he describes as a “Privacy Pamphlet” on his auction site in which he proclaims, among other things, that “[o]ur privacy is at stake.” While it is certainly not earthshattering that online companies routinely collect our data for various reasons, Mr. Buckles has touched on a sensitive issue. More and more generations are accessing the Internet and as such, people need to be properly informed about the amount of information that is being collected about their online activities. Privacy remains an important priority for the FTC, but the Internet is the wild west and the agency has limited resources to monitor it. While I can appreciate Mr. Buckles’ point, I don’t necessarily agree with the method in which he conveyed his message. For example, I wonder if he redacted the recipients’ contact information from his e-mails or online conversations. If not, then didn’t he commit the same sin that he complains of in his online missive- he used someone’s online information for his personal use? Hopefully, he took steps to address this concern and obtained their consent and/or redacted their identifying information.
My children often use my iPhone to ask Siri the most bizarre questions. No matter what the question, however, Siri always seems to have an immediate answer. Had I thought about it in any detail, I probably would have figured out that there was some form of back end data gathering/analysis being performed in order for this to have happened. Yet, I must confess that I had no idea that my Siri voice requests were being gathered, analyzed and more importantly, stored for any length of time. Late last week, it was reported that Apple disclosed just how long it keeps this data- 2 years. Apple allegedly anonymizes the data by assigning random numbers to represent the user and associates the voice request files with that number. After 6 months, Apple allegedly disassociates the number from the voice file. The disassociated files are allegedly kept for up to another 18 months for “testing and product improvement purposes.” If Siri is turned off, the associated data is allegedly deleted. I was so spellbound by the technology that I forgot to inquire about the related privacy issues. The ACLU is pushing for greater disclosure of Apple’s privacy practices on its Siri FAQ page. Meanwhile, hopefully Siri can keep a secret.