Thursday, July 10, 2008

Reach for the tinfoil beanie - the snoopers are out there!

A version of this piece was published in Marketing in 2008

There are, I am assured, people who walk around wearing tinfoil on their heads because they’re convinced that aliens/the CIA/the government are beaming thoughts into their heads.

They are of course, barking mad.

As, we usually assume, are all the privacy activists who go on about CCTV, oyster cards and cookies.

Two years ago I wrote about AOL, who had in a rather spectacular goof, released data they held on the search behaviour of thousands of users. They claimed it was anonymous – but it took just one day for an enterprising newspaper to track down one searcher’s identity by deducing this from her searches.

The release caused a storm, as it turned out few people were aware just how much data was routinely collected about them.

Most search engines, for instance, keep a history of every search you make, with Google only deleting records over 18 months old. Websites keep logfiles, perhaps never deleting them, of which web pages you’ve visited, what you filled in on forms, what images you view.

And it’s this that’s now got Google into trouble.

Media giant Viacom, who have been in a long term dispute with YouTube over alleged copyright infringement, got a New York judge to order that Google (YouTube’s owner) hand over internet addresses, email accounts and a history of every video ever watched on the site.

The judge, Louis Stanton, dismissed privacy concerns as ‘speculative’.

But the consequence of this is that users of YouTube, which serves over 2.5 billion videos a month to 70m users in the US alone, are now exposed. Their personal media consumption is now something for Viacom to pore over, regardless of whether they had consumed content Viacom owned the copyright for.

And as some observers have pointed out, this would never have happened if Google hadn’t collected the data in the first place.

Meanwhile back in the UK, another, connected, story has resurfaced. I wrote back in February about the BPI’s efforts to get ISPs to spy on their customers on the BPI’s behalf, punish them for infringing the law, and provide evidence to record companies.

The BPI got quite upset about this, calling my observations “quite wrong”, and claiming I’d recycled the information from the Times. They wanted to set the record straight, as they expected this story to run and run.

I had in fact got the information from the BPI’s own website.

But I quite wrongly expected this story to go away. It seemed to me that nobody would be so daft as to think they could build a business by suing their customers.

It seems though, in this I was wrong.

Last week, Virgin Media started sending out letters to customers that the BPI had identified to them, telling them that filesharing copyright files is illegal. Virgin’s view is that they’d resist cutting off consumers, preferring an education campaign.

But at the same time, the BPI sent out letters to the same users, threatening “We don’t want you to face legal action, or risk losing your internet service”.

Though I don’t download music, I do expect my ISP to guard my privacy. Moreover, I don’t think it’s any of their business what I do with my internet connection.

Just as I don’t expect the post office to read my mail or BT to listen to my phone calls, I don’t expect an ISP to snoop on my internet connection without a court order compelling them to.

Carphone Warehouse told the BPI to sling their hook – Charles Dunstone described how the fax machine in his office, unused and forgotten for over a year, ground into life to receive a fax from the BPI requesting their cooperation. Good for him.

At polar opposite ends of the modernity scale, Google and the British Phonographic Institute. One cavalier with our privacy, the other trying to get others to invade it on their behalf. I’m reaching for the tinfoil…