Essays on Technology and Culture

Mindful Tech, Part 7: Our Data Trails, Ourselves

How many accounts are you signed up for across the web? In my 1Password vault, there are over 300 individual logins, and I’m almost certain that I haven’t logged in to more than half of them in at least a year. Maybe I deleted the account, wherever that’s an option, and left it in 1Password. Likely, it’s just an account I can’t be free of. It’s bothersome just how few websites that require a login don’t have a way to delete it.

All of these unused, idle accounts present a risk. They’re part of a data trail that contains Heaven knows what on me. I can measure a guess, though: contact information, work history [1], health data, financial data, and who knows what else they’re correlating any of it with. Even with good password hygiene—I do use 1Password, after all—a data breach could be devastating. I know that I have been pwned three times. At least, that’s the ones I know about…

We often don’t think about the trails we leave behind as we traverse the web, except whenever the last fiasco brews over what Facebook, Google, et. al. are doing with our data this time. Then there’s a little bit of righteous indignation, maybe updating our ad blockers, and then going back to sleep until the next outrage. Sure, we think we’re immune from whatever invasive technological development is being used to spy on us, but when was the last time you thought about the data you willingly gave up?

Getting a grasp on the data we spill out, let alone what it’s being used for, is difficult by design. It’s part of the special sauce that makes the companies money. Google, to its credit, has a page where you can see the profile it’s built on you. And, you can at least opt-out of the worst of it. Facebook, not so much. And all of this comes before the other services that track you, online and off. Companies like Acxiom, Experian, and Equifax. These don’t exist in a vacuum. Opting out of these services, too, is possible, if difficult.

Let’s bring it back to digital data trails. Jacoby Young has a small series of interviews—including one with me—where people audit how much they use the Big Five tech companies. Taking his interview gave me a chance to take stock of where I am on a process I started a year and a half ago to wean myself away from services I can no longer trust with my data. Trust, for me, is a matter of understanding what I’m getting out of the data I give up in exchange for the product. In the case of Google and Facebook, the two services I want to use least, I’m struggling. Yet, I’m still tied to both platforms for multiple reasons.

Even the services I trust can be porous. I use the Health app on my iPhone as a central depository for data on my physical body. Apple’s implementation of Health on the iPhone is extremely secure: encrypted and inaccessible to Apple in any form. Until recently, Apple didn’t even include Health data in encrypted iCloud backups, which took security a little too far. In any case, I’m happy to trust Apple with my health data. The apps that feed into it, however… I can assign and remove permissions for apps to read and write my health data, but I can’t be certain what they’re doing with it. Let alone, what they’re doing with the data I feed into the apps. Who knows where all that is going?

That’s not to say we shouldn’t surrender some data. Not only is it inevitable, when we know both what we’re giving up, and what we’re getting in return, it seems fair. As long as one is happy with the terms of that transaction, I can’t tell them to stop. Besides, the only alternative besides complete disconnection, is to invest time, money, and work into building technologies to keep your data under your control. It’s possible, but it’s not easy—certainly beyond the reach of the average person.

So, now we’re forced to either create a calculus of trust for who we share our data with, or just give up and let our data fall where it may. Easier just not to think about it. Besides, what does it matter? It’s only data. But that data is increasingly personal, increasingly specific, and increasingly identifiable as us. When Google knows more about you than you know about you, this has massive potential for abuse.

It’s important that we see the value of what we’re giving up, and decide for ourselves what we are comfortable with. Take stock of who you’ve shared your data with, what accounts you have and no longer use. See what apps are connected with your social media accounts and what data trails you’re leaving behind you. Without knowing how much you’re leaving behind, how can you possibly be comfortable with the situation? Knowledge is power. If only the companies we’re giving this data up to would be willing to share it with us.

  1. Job application sites are often the worst when it comes to not being able to delete your account.  ↩