These days, you need a healthy dose of naiveté to think that your personal data isn't routinely bought, sold or tracked online. Tracking cookies are the norm on popular websites, and tech giants such as Google and Facebook have a reputation for mishandling and/or overcollecting users' personal data.
But while those issues receive lots of attention, corporations and governments may keep an eye on you in other, lesser-known ways. Here are five online privacy intrusions that you might not know about.
The Government Might Be Building a File on You
The idea that government agents are reading your email messages and listening to your phone calls sounds like the stuff of conspiracy theorists, but saner minds claim that it's possible. According to several former National Security Agency employees-turned-whistleblowers, the government is building a dossier on practically every U.S. citizen, drawing on information from e-mails and phone calls. And as Wired has reported, the NSA is building a massive spy center to sift through all the data and figure out who's a threat.
But good luck getting the government to be at all transparent on the issue. The NSA denies that it has the ability to spy on people's email, but also says it would violate people's privacy to say whether they've been spied on. The agency's verbal contortions are vaguely amusing, but mostly just frightening.
What You Can Do: Of course, you can't opt out of this type of data collection, but you can hope that Congress doesn't renew the FISA Amendments Act, which would renew a Bush administration law that allows the government to collect large amounts of information from the "international communications" of American citizens. The Electronic Freedom Foundation is imploring citizens to write their members of Congress about the issue.
Ebooks Know What Kind of Reader You Are
In the digital age, your reading habits are an open book to companies like Amazon, Barnes & Noble, and Apple. As The Wall Street Journal reports, ebook sellers can easily track reading data--data such as how long you spend reading, how far you get in a book, what text you search for, and what you read next. Not all companies are open about what they collect, but Barnes & Noble's vice president of ebooks, Jim Hilt, confirmed to the Journal that the bookseller is "in the earliest stages of deep analytics," and uses the data to determine which books to sell on its Nook ebook reader products.
There's no evidence that booksellers use reading data for nefarious purposes, such as sharing your habits with marketers or government agencies. The bigger concern, for the moment, is that authors and publishers may tailor the content they create or publish to sync with the reading tastes of the mainstream, which would discourage creative risk-taking and diminish the variety of available content.
What You Can Do: If you're uncomfortable having your reading habits collected, your only option is to shut off your device's Internet connection whenever you're about to open an ebook.
Offline Retailers May Know What You're Doing Online
For retailers, learning as much as possible about customers' buying habits doesn't stop when you leave the store. Last February, The New York Times reported that Target assigns every shopper a "Guest ID" number when possible. This code links the shopper's offline purchases to their online activity, which according to the Times includes Web history and the shopper's responses to promotional emails. Target uses this data to predict what customers want and figure out how and when best to pitch to them.
Although targeted marketing isn't the most evil offense, it can occasionally create some messy situations. The Times relates a story where a Target store inadvertently revealed a teenage girl's pregnancy to her father by mailing coupons for baby-related products, based on the retailer's prediction algorithms. (It's unclear whether the girl's Web history played a role in this case.)
What You Can Do: Installing a Do Not Track add-on for your Web browser will reduce your chances of being followed around the Web by marketers. This prevents many data collection firms, who provide users' browsing habits to retailers, from following you. My colleague Ian Paul has rounded up some third-party options, though many browsers now have a Do Not Track preference built in.
Wireless Carriers Sell User Info for Big Bucks
The wireless carriers have a knack for extracting more and more money out of their subscribers--or, it turns out, from their subscribers' data. One lucrative gig involves retrieving users' locations on behalf of law enforcement, in many cases without warrants. AT&T, just one of the participating carriers, reportedly received $8.2 million in 2011 for providing this service, so it works out pretty well for all involved--except those users who don't want to be followed, that is.
That's not the only example of wireless carriers profiting from user data. As CNN reported last year, all four of the major wireless carriers use aggregated, anonymous customer data to target ads. Verizon even sells that data to third parties. The amount of data each carrier collects varies, but Sprint is the worst offender, using mobile Web browsing and app download history to help its clients target ads.
What You Can Do: To opt out of targeted marketing from wireless carriers, you must visit their websites (AT&T, Sprint, T-Mobile, and Verizon). Unfortunately, the only way to prevent law enforcement from finding you is to stop using location-based services on your phone.
Debt Collectors Turn to Facebook to Stalk Debtors
Debt collectors on Facebook aren't a new trend, but reports on the phenomenon keep popping up, so this creepy invasion of privacy is obviously still news to some people. We've heard horror stories of debt collectors who not only stalk the debtor, but harass friends and family as well. In the physical world, the Fair Debt Collection Practices Act places restrictions on how collectors can contact debtors, but online, the rules aren't as clearly defined.
What You Can Do: The first priority is to adjust your Facebook privacy settings, so strangers can't contact you. Facebook also doesn't take kindly to debt collection on its network, and recommends that users report such behavior to the company, the Federal Trade Commission, and the user's state attorney general.