This article was published in Scientific American’s former blog network and reflects the views of the author, not necessarily those of Scientific American
You’ve had that moment: You’re in conversation with a friend about a topic, and they mention a brand of car they’re thinking of buying. Then, all of a sudden, it shows up in a Facebook advertisement, and they’re convinced their phone is spying on them.
In fact, I have been having a debate with one of my best friends for six months, sending him piece after piece of evidence about how data truly get shared. No amount of proof will do, though. My friend is one of many who are passionate about the “truth” that their phones, computers, speakers and more are listening to their every word.
Why are people so convinced? Because their trust in technology companies is broken.
On supporting science journalism
If you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today.
In 2018, Edelman found that “trust in technology is showing a precipitous decline”—down by 19 percentage points in the U.S. compared to the previous year. Across all 28 regions surveyed, there was an 18-point drop in trust over handling consumer data, and a 15-point decline around how technology companies operate. One out of three people say technology isn’t even contributing to humanity’s greater good the way it used to.
It’s not hard to see why. After more than a dozen retailer data hacks over the past 18 months, research showed that nearly nine out of every 10 retail e-commerce logins are actually hackers trying to bust in with stolen data. Another investigation revealed that the “Location History” feature on Android phones collects and transmits much more than GPS data; for example, it tells Google whether a particular user is on a train, in a car or on a bike and what WiFi networks are nearby.
Plus, who could forget the scandal around Cambridge Analytica, which used a Facebook quiz app to collect the personal data of 87 million people, most of whom had never even used the app? The company exploited a loophole that allowed it to collect personal data from users’ friends and even their friends’ friends. The revelation of this scheme not only helped explain the epidemic of fake news but also called into question whether privacy on social sites is even a choice anymore.
Two common misconceptions underpin most people’s beliefs that their phones are spying on them:
First, you’re easier to trace, and your actions are easier to predict, than you think. Even after the advent of the EU’s General Data Protection Regulation (GDPR) in the summer of 2018, algorithms used to target advertising are still tremendously good at tracking and predicting your online behavior. While the scraping and buying of data from data vendors has been curtailed, sites can still leverage cookies and pixels not only to see how you engage with content on individual pages, but to re-target ads based on your browsing behavior and the browsing behavior of others with similar characteristics to you.
Considering that many companies also buy the bulk of their pay-per-click (PPC) ads via Google, all that information gets transferred to one of the biggest data aggregators—and technology companies—in the world, one that is constantly refining algorithms based on this learning. In the end, people are much more predictable than they would like to believe.
Second, most coincidences truly are coincidences. Marketing intelligence analysts say the average person is exposed to 5,000 ads a day, up from 2,000 just 30 years ago. Some digital marketing experts say that’s actually the low end, and for high media consumers, the exposure can be as high as 10,000. Even by the most conservative estimate, in every 24-hour period, you’re being exposed to more than triple the number of marketing messages as there are minutes in a day. With that many opportunities to target you, if technology was really listening in, every single ad message you see would be targeted to something you’d recently said out loud.
In reality, however, your phone doesn’t need to listen in to personalize ads to you. The moment you engage with any piece of content, from an e-commerce website to a news article, you can be re-targeted by sophisticated algorithms designed to predict your likes and dislikes with incredible accuracy. Plus, when you enable the GPS or Find My Phone feature on a smartphone, you’re allowing marketers that are targeting by region to reach you as well. Really, the reality is more of a selective bias; any ad message that echoes a conversation you’ve had gets logged as proof and any that doesn’t goes in one ear and out the other.
The fact remains that we often talk about our jobs, our cars, our kitchens or our pets, so our predictable habits get interpreted as the symptoms of untrustworthy tech spying. The good news? Because these companies know so much about what makes us tick, they also have the opportunity to rebuild public trust by being more transparent about the data they collect and how they use them.
GDPR has pushed many companies in the right direction, enforcing opt-ins and limiting superfluous data collection. But at this point, tech companies will need to go further than what’s legally required. There’s no A for effort these days.
Companies should make the effort to communicate clearly about their data use to consumers in terms they can understand. For example, search engine DuckDuckGo, "the search engine that doesn't track you," is a good example of this kind of transparency—one that’s driving a 50 percent increase in traffic to its site.
In the future, companies will need to make other changes. That long “terms and conditions” page with the legalese? That will need to be complemented by a clearly called-out set of permissions, with notes to users that, if data are used for things like personalization or targeting, it’s only to deliver a more relevant user experience. Organizations will also need to continue in the spirit of GDPR with easy opt-out methods and strong privacy controls to give users a way to easily select what kind of data are being tracked. Why? Seven out of 10 people want personalized content and advertising and are willing to give up data to get it, but nearly all people say that the process of collecting that data should be more transparent to users.
If building back consumer trust isn’t enough of a benefit for organizations, then maybe more business is.
Salesforce Research found people would be more loyal to companies they trusted (95 percent), were more likely to buy more from them (92 percent) and more likely to recommend the business to a friend (93 percent).
Here’s what I know for sure: Your phone isn’t spying on you, but companies are interested in what you say. So use your voice to push for more transparency—and soon you’ll find more companies explaining clearly how your data are used and why.