Shadow contact information has been a known feature of Facebook for a few years now. But most users remain unaware of its reach and power. Because shadow-profile connections happen inside Facebook's algorithmic black box, people can't see how deep the data-mining of their lives truly is, until an uncanny recommendation pops up. [...]
Facebook warns users to be judicious about using all this data. "You may have business or personal contacts in your phone," the Learn More screen admonishes the reader. "Please only send friend requests to people you know personally who would welcome the invite."
Having issued this warning, and having acknowledged that people in your address book may not necessarily want to be connected to you, Facebook will then do exactly what it warned you not to do. If you agree to share your contacts, every piece of contact data you possess will go to Facebook, and the network will then use it to try to search for connections between everyone you know, no matter how slightly -- and you won't see it happen. [...]
The existence of shadow contact information came to light in 2013 after Facebook admitted it had discovered and fixed "a bug." The bug was that when a user downloaded their Facebook file, it included not just their friends' visible contact information, but also their friends' shadow contact information.
The problem with the bug, for Facebook, was not that all the information was lumped together -- it was that it had mistakenly shown users the lump existed. The extent of the connections Facebook builds around its users is supposed to be visible only to the company itself.
If this sounds a lot like Equifax to you, then you are, like, some kind of pattern-matching machine:
3. There are thousands of data brokers with similarly intimate information, similarly at risk.
Equifax is more than a credit reporting agency. It's a data broker. It collects information about all of us, analyzes it all, and then sells those insights. It might be one of the biggest, but there are 2,500 to 4,000 other data brokers that are collecting, storing, and selling information about us -- almost all of them companies you've never heard of and have no business relationship with.
The breadth and depth of information that data brokers have is astonishing. Data brokers collect and store billions of data elements covering nearly every US consumer. Just one of the data brokers studied holds information on more than 1.4 billion consumer transactions and 700 billion data elements, and another adds more than 3 billion new data points to its database each month. [...]
4. These data brokers deliberately hide their actions, and make it difficult for consumers to learn about or control their data.
If there were a dozen people who stood behind us and took notes of everything we purchased, read, searched for, or said, we would be alarmed at the privacy invasion. But because these companies operate in secret, inside our browsers and financial transactions, we don't see them and we don't know they're there.
Regarding Equifax, few consumers have any idea what the company knows about them, who they sell personal data to or why. If anyone knows about them at all, it's about their business as a credit bureau, not their business as a data broker. Their website lists 57 different offerings for business: products for industries like automotive, education, health care, insurance, and restaurants. [...]
6. The market cannot fix this because we are not the customers of data brokers.
The customers of these companies are people and organizations who want to buy information: banks looking to lend you money, landlords deciding whether to rent you an apartment, employers deciding whether to hire you, companies trying to figure out whether you'd be a profitable customer -- everyone who wants to sell you something, even governments.
Markets work because buyers choose from a choice of sellers, and sellers compete for buyers. None of us are Equifax's customers. None of us are the customers of any of these data brokers. We can't refuse to do business with the companies. We can't remove our data from their databases. With few limited exceptions, we can't even see what data these companies have about us or correct any mistakes.
We are the product that these companies sell to their customers: those who want to use our personal information to understand us, categorize us, make decisions about us, and persuade us.
Previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously.