As the cries for greater privacy of personal data grows shrill and Governments move to capitalise on public sentiment, new tech and regulations surrounding data harvesting promises a lot but still remains light on the detail.
By Archana Khatri Das
Leaving no digital footprint is becoming virtually impossible. Even if a user selects ‘incognito’ online or deletes all social media accounts, any online or offline activity can be traceable by data harvesters.
A Digital Harvester combs through an individual’s online or offline activity and collects data for predictive analysis. Every time a user clicks or posts online, browses a website, uses an email account to run an app, swipes a loyalty card or undertakes any other activity on the internet, digital harvesters use this activity to identify patterns, which is then sold to interested buyers.
Best known for reasonably predicting future trends based on variables within an emerging pattern, data harvesting, also called data mining, helps an organisation to develop targeted market and product research.
It is particularly in demand among professional service providers, FCMG, e-commerce, genetics, cybernetics, mathematics, crime and forensics, banking and finance and hospitality industries.
Companies involved in harvesting consumers’ online data lap up personal information like gender, screen name, age, language, email address, website address (if any) phone number, the city of residence, zip code, state, country, professional history, friends and followers on social media. Some firms dive deeper for psychographic data which includes combing through social media posts, tweets, comments, video views, likes, shares, recommendations, blogging, the frequency of using social media etc. to arrive at predictive analytics.
According to research, more than 70 percent of smartphone companies are reporting personal data to third-party tracking companies, with some exporting data to countries with weak piracy laws.
IBM recently predicted that due to a rising demand for data harvesting, more than 700,000 specialised job openings are expected to take place by 2020. It has also been reported that 2.5 quintillions of bytes of data are generated from different sources every day. According to a US Federal Trade Commission’s 2014 report, big data harvesting firms were holding as much as 3,000 data points on nearly every US every consumer.
As financial and business activities increase online, the role of big data in strategic planning is becoming more prominent.
However, incidents of data breaches are also on the rise. These episodes have raised questions about consumer privacy and indicate a trend towards misuse of data for malintent.
The use of data harvested by Cambridge Analytica on 87 million Facebook profiles for allegedly micro-targeting users just before 2016 US Presidential Election and the outcome of the British Brexit Referendum is alleged to have been influenced by targeted circulation of fake news in the lead up to voting. Experts are of the opinion that the growing trend like these indicates the potential for abuse or negative implications of data harvesting. The recent Global Data Protection Regulation (GDPR) enforced by the European Union – which came into effect in May 2018, is a major step towards putting the ‘right be forgotten online’ back into the hands of consumers.
How the GDPR could be enforced outside the EU jurisdiction remains to be seen.
There are currently 126 countries with a legal framework for protecting data. However, due to vested interests’ data protection laws appear to be a toothless tiger.
Nonetheless, industry experts claim big data harvesting is growing – and is still largely unregulated; using personal information and creating a psychographic profile without the individual’s consent is considered unethical. The Data Harvesting industry currently harvests data without consumer consent – with no disclosure on how, or to whom, a consumer’s personal data will be used.
The United Nations cited in its report ‘Data Privacy, Ethics and Protection Guidance’ that securing and enforcing compliance within data collection regulation is firmly on its 2030 agenda. The report affirms that big data is considered personal and sensitive, therefore the purpose of data collection needs to be defined, and adequate consent of the individual should be taken on how personal data is used.
Experts claim that even in developed countries like the US, data protection until recently, meant protection of social security numbers, banking account numbers and medical records. The US currently lacks a federal policy that would include enabling consumers to opt in or out of data harvesting.
The rise in technology like blockchain encryption or Social Linked Data (solid), promises to give netizens better control over their data. As there is no case law and the lack of precedence in relation to enforcement of the GDPR at present, it will be interesting to see when a case is brought forward how that might shape future data harvesting practices.