112
submitted 1 year ago* (last edited 1 year ago) by varsock@programming.dev to c/privacy@lemmy.ml

Below is a disturbing amount of information data brokers have ammased from buying your data from trackers in ads and apps.

"a staggering amount of sensitive and identifying information about consumers," alleging that Kochava's database includes products seemingly capable of identifying nearly every person in the United States.

... can access this data to trace individuals' movements—including to sensitive locations like hospitals, temporary shelters, and places of worship, with a promised accuracy within "a few meters"—over a day, a week, a month, or a year. Kochava's products can also provide a "360-degree perspective" on individuals, unveiling personally identifying information like their names, home addresses, phone numbers, as well as sensitive information like their race, gender, ethnicity, annual income, political affiliations, or religion, the FTC alleged.

... target customers by categories that are "often based on specific sensitive and personal characteristics or attributes identified from its massive collection of data about individual consumers." These "audience segments" allegedly allow advertisers to conduct invasive targeting by grouping people not just by common data points like age or gender, but by "places they have visited," political associations, or even their current circumstances, like whether they're expectant parents. Or advertisers can allegedly combine data points to target highly specific audience segments like "all the pregnant Muslim women in Kochava’s database," the FTC alleged, or "parents with different ages of children."

all 14 comments
sorted by: hot top controversial new old
[-] varsock@programming.dev 33 points 1 year ago* (last edited 1 year ago)

I feel so powerless, so hopeless.

Bills aren't being passed by lawmakers because like many of us who care about privacy, they have not heard about the abilities of data brokers and have no visibility into how rampant and disgusting and invasive their behavior is.

Friends and family I talk to don't care. "Oh well, what are they going to do, find me personally?"

I feel if people were able to look themselves up in these databases, they would fear it as well

[-] ACardboardRaven@lemmy.ml 12 points 1 year ago

Personally, I'm just waiting for a massive data broker leak to happen that involves politicians and other useless wanks like that. That'll really jump their bones.

[-] UberSgt@mastodon.social 7 points 1 year ago

@varsock Holy crap. I’m not the only one. Thank you! Outside of my coworkers no one seems to understand and say variations of the same think you mentioned. Scary.

[-] varsock@programming.dev 9 points 1 year ago

thanks.

The last gleam of hope I had was last year when John Oliver did an episode on data brokers. He in turn went and purchased data that would match congressmen in the D.C. area, along with their "interests." He jokingly threatened to release it (bc congressmen tend to act on an issue if it affects them personally). I thought that would be huge, everybody would see how rampant and invasive data collection would be. I was thrilled for a breakthrough.

but so far no movement, hasn't been released. I wonder if people wrote to John Oliver and his team if we will get an answer haha

[-] bobs_monkey@lemm.ee 3 points 1 year ago

More likely that the powers that be pressured HBO for him to back down.

[-] MasterBlaster@lemmy.world 4 points 1 year ago

I have the same experience. People think I'm wacko for caring about this stuff.

Bottom line: you can't fix stupid, and almost everyone is stupid.

[-] CrypticCoffee@lemmy.ml 15 points 1 year ago

Political associations is a real dangerous one. The fact the government could get access to information to who supports opposition parties in the wrong hands effectively end democracy in one term.

[-] guyrocket@kbin.social 9 points 1 year ago

Location services off. VPN on. Above average web browser.

What should I do next?

[-] venoft@lemmy.world 7 points 1 year ago* (last edited 1 year ago)

Never sign in anywhere, or at least with fake, temporary accounts.

When ordering things send it to a pickup point, not home address. Preferable by fake name, but hopefully they don't want to see your ID.

Use a privacy focused email server.

Clear cookies after you leave a website, install an addon to generate a fake random browser fingerprint.

Never go on any website where you enter your real name and address.

Be sure to renew your vpn public ip address often. Be sure you can trust your vpn provider.

Turn off WiFi and Bluetooth when going outside your house so they cant track you that way. Stores do that nowadays.

Avoid being seen by public security camera's.

Make sure your friends and family don't post and tag your face or name anywhere.

Hope your cellphone provider, isp, healthcare provider, etc don't sell your personal data.

Basically impossible to not get tracked at all, but you can get quite far.

[-] shreddy_scientist@lemmy.ml 7 points 1 year ago

Start using an encrypted DNS server! I'm a big fan of NextDNS, quad9 is solid in my book too. Above this, the next step would be to start using a degoogled mobile OS along with FOSS apps. Its a marathon, so making changes slowly but consistently is the best way to approach it 100%.

[-] Mikina@programming.dev 2 points 1 year ago

Get GrapheneOS, your mobile phone will be one of the best sources of data about you, and if you're on Googled Android or IOS, there's nothing you can do to stop google apps stalking you, which they have already had several lawsuits about doing it even when you disable it. GrapheneOS takes care of it by sandboxing google apps, so they can't do almost anything, along with really fine-grained permissiion control, i.e giving messenger access to only selected photo you want to upload, and nothing more.

As far as browser goes, I recommend Mullvad, and bundle it with their VPN. Not only can it be payed for by Crypto, it also means that almost every other VPN user will have the same browser fingerprint as you - fingerprint of the Mullvad browser, which is based on Tor browser and designed to be as unfingerprintable as possible, so it will be really hard to distinguish you using secondary fingerpriting, such as extensions or minor browser details.

Don't use Gmail or GDrive, ideally get your own NAS for file sharing and switch to something like Protonmail, which now also offers Drive. Get a domain that is vaguely company-sounding. Something like @techcorplimited.com, and create a catch-all email address, so any email sent to that domain will end up in your inbox. You can now use randomname.randomsurename@techcorplimited.com as your throwaway email address, and just randomly generate them for all services you use, while also making it believable to confuse even AIs.

Even when using VPN, don't sign into your accounts. You don't need to sign in to Youtube to tell it that it was you all the time, just remember your favorite youtubers and look for them by hand every time.

If you're really serious, look into https://www.qubes-os.org/

[-] autotldr@lemmings.world 3 points 1 year ago

This is the best summary I could come up with:


US District Judge B. Lynn Winmill recently unsealed a court filing, an amended complaint that perhaps contains the most evidence yet gathered by the FTC in its long-standing mission to crack down on data brokers allegedly "substantially" harming consumers by invading their privacy.

According to the FTC, Kochava's customers, ostensibly advertisers, can access this data to trace individuals' movements—including to sensitive locations like hospitals, temporary shelters, and places of worship, with a promised accuracy within "a few meters"—over a day, a week, a month, or a year.

Beyond that, the FTC alleged that Kochava also makes it easy for advertisers to target customers by categories that are "often based on specific sensitive and personal characteristics or attributes identified from its massive collection of data about individual consumers."

These "audience segments" allegedly allow advertisers to conduct invasive targeting by grouping people not just by common data points like age or gender, but by "places they have visited," political associations, or even their current circumstances, like whether they're expectant parents.

Instead, Kochava "actively promotes its data as a means to evade consumers’ privacy choices," the FTC alleged.

Further, the FTC alleged that there are no real ways for consumers to opt out of Kochava's data marketplace, because even resetting their mobile advertising IDs—the data point that's allegedly most commonly used to identify users in its database—won't stop Kochava customers from using its products to determine "other points to connect to and securely solve for identity.”


The original article contains 662 words, the summary contains 243 words. Saved 63%. I'm a bot and I'm open source!

this post was submitted on 08 Nov 2023
112 points (98.3% liked)

Privacy

32159 readers
621 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS