If you’re one of the millions of people whose data was illicitly used by Cambridge Analytica, you may be wondering how much of your digital footprint is available to Big Brother. According to our panel of NewtonX data privacy experts with experience at companies such as Facebook, McaFee, Palantir and government agencies, the answer is: all of it.
The emails you send, the people you message, the incognito tabs you open, and pretty much all of your demographic data (geographic location, age, gender, income, etc.) can be made readily available to various government agencies, privately held analytics companies, and even your boss.
At the government level, a large proportion of this spying is directly or indirectly done using Palantir technology — the Peter Thiel and CIA-backed analytics company that was originally developed for use by the government in counterterrorism efforts. The company overtook incumbent analytics giant, 12 Inc, after appropriating 12 Inc’s code over the course of four years (the case was settled for $10M, and 12 was sold to IBM in 2011). Today, Palantir is being used by the U.S. Department of Health and Human Services to detect Medicare fraud; the FBI to do criminal probes; the Department of Homeland Security to screen air travelers and monitor immigrants; and yes, most recently by Cambridge Analytica to harvest Facebook data in order to create targeted advertising campaigns for the Trump 2016 election.
Does this mean that privacy is dead? According to NewtonX experts, it’s a bit more complicated than that. While surveillance is par for the course in our modern life, the reality is most citizens are not being actively surveilled — until they do something that raises alarm bells.
The Perfect Storm of Three Factors Gave Big Brother Everything He Needed
According to a former senior level operations employee at Facebook, most people have a digital footprint that consists of thousands, if not millions of data points. This data is not relegated to the individual — any one person has a “web” of interconnected relations and histories with others, much of which can be easily gleaned through powerful analytics tools like Palantir.
Three factors influenced this: the proliferation of individual data (through social media, communication platforms, etc.), the reduction in cost of data storage, and the reduction in cost of computing data. This perfect storm allowed companies and government entities to surveil on large scales, and interpret massive swaths of data on any given individual.
This wealth of information, and of our ability to process this information, has contributed to widespread intelligence gathering. It’s not just the government doing the spying, either. According to a former insider threat team member at a global financial services firm, heavy workplace surveillance is employed to ensure compliance in most financial services firms. Analytics platforms surface unusual or suspect behavior by crawling a wide array of personal data including:
- Browser histories
- FOB or swipe used for building entry
- GPS locations from company-issued smartphones
- Camera footage
- Printer activity
- Download activity
- Transcripts of digitally recorded phone conversations
- Transcripts of messaging platform history (Slack, Hipchat, etc.)
The system can identify problems through keyword recognition or “at-risk” behavior, such as leaving for long periods in the middle of the day, or having a high volume of unread emails.
“If you’re willing to invest $5,000+ a day in surveillance, you can get pretty much anything on your employees,” explained the former insider threat team member. “But at most companies, the question is — why would you care about all that information?”
How much does big brother care? We ask the experts.
Sure, your data is out there for the taking — but who really wants it?
The NewtonX panel of experts agreed unanimously that while it may sound dystopian that authorities can collect such robust data on normal people, the reality is most authorities never look at your data. When it comes to workplace surveillance, enterprises are less concerned with spying on their own employees and creating robust profiles of all their users, than they are with business-specific problems. Even Palantir isn’t just for spying: Airbus uses it to track usage and maintenance and anticipate repair problems, while Merck KGaA, the pharmaceutical giant, uses Palantir to manage its drug development and supply chain.
There are only so many hours in a day, and only so much that any company wants to invest in surveillance. If you’re wondering if your boss is spying on you, the answer is almost certainly not. If you’re wondering if your boss could spy on you, the answer is almost certainly. For now, the question of legality around government and workplace surveillance as it relates to digital profiles is still unsettled — law enforcement officials tend to side with making it legal, while civil rights advocates argue that without a warrant tools like Palantir are an unlawful invasion of privacy.
For most people, the effects of surveillance are not tangible in everyday life, though. The NewtonX expert who previously did cybersecurity with McAfee put it this way: “The person who is tasked with analyzing employee data is always the bottleneck. There’s just too much information, and too many people, for it to really pay off in contexts other than, for instance, counter terrorism or predictive policing.”
That said, you may want to think twice before breaking the rules around anything digital — even Alexa has been contentiously called on for evidence in a murder trial. Is someone sitting around reading your iMessage group chat about where to go for dinner on Friday? No. But if you’re texting with them all day on your work computer and don’t meet a deadline, your boss very well could take a look.