By Chris Strohm and Jordan Robertson
Dec. 23 (Bloomberg) -- Google Inc., Facebook Inc. and
other Internet companies expressing outrage over the National
Security Agency intercepting their users’ data pioneered mining
information about customers, sometimes without their knowledge.
Whether it’s Google’s Android smartphone, Apple Inc.’s
iPhone, Yahoo! Inc.’s Internet search engine or Facebook’s
social-media website, Silicon Valley now relies on capturing and
analyzing information about users’ Internet habits, locations
and social media postings, some of the very information the NSA
gathers. The companies profit by sending people information
about products they’re most likely to buy.
Companies such as Yahoo have said the NSA programs will
lead to country-by-country Internet rules and damage their
prospects abroad. The indignation isn’t credible when the
companies make money from their users’ data, said Jeffrey
Chester, executive director of the Center for Digital Democracy
“They’re the biggest bunch of hypocrites on the planet,”
Chester said in a phone interview. “It’s a brilliant PR move on
their part that they’ve been able to shift the focus away from
themselves and point to the government as creating a privacy
Each piece of data a person shares online has measurable
value to the companies that collect it and marketing firms that
use it, helping to build an industry that generated $156 billion
in revenue in 2012, according to the New York-based Direct
Marketing Association. That’s more than twice the size of the
budget for U.S. intelligence agencies.
Facebook, Google, Apple and Yahoo were among 15 technology
companies that asked President Barack Obama Dec. 17 to restrain
spy programs exposed by former NSA contractor Edward Snowden and
let them disclose the extent of government prying into their
data. The agency has defended its data gathering as essential to
The NSA has tapped fiber-optic cables abroad to siphon data
from Google and Yahoo, circumvented or cracked encryption, and
covertly introduced weaknesses and back doors into coding,
according to reports in the Washington Post, the New York Times
and the U.K.’s Guardian newspaper based on documents leaked by
The technology companies’ response to those reports
revolves around a business calculation: information they receive
for free from users has a tangible value, because targeted
advertising sells more products. They risk receiving less
information if users move elsewhere.
A presidential review panel agreed this week with the
companies’ assertions that the secrecy may cost them business if
users think their communications aren’t secure.
“Data is one of the most important assets that these
companies have, and companies protect their assets zealously,”
said Jim Brock, a former Yahoo executive and co-creator of
PrivacyFix, a program that monitors Internet tracking, in a
PrivacyFix users get real-time estimates of the monetary
value of the personal data they share, derived from factors such
as the number of searches they’ve performed on Google or the
number of ’likes’ and photos they’ve posted on Facebook.
For users of Menlo Park, California-based Facebook, the
least anyone can be worth is $1.65. That value may correspond to
a male user outside the U.S., Asia or Europe, who has few
friends and posts infrequently, according to PrivacyFix
The most a user could be worth is $27.62, which corresponds
to a female user from the U.S. who has more than 250 friends and
posts more than 150 times a month. Facebook has around 1.2
“It’s very healthy for people to understand that their
data has value and this value exchange is a two-way street,”
The hundreds of millions of people who have accounts with
Cupertino, California-based Apple generate $95 of free cash flow
per person for the company, significantly more than users of
Facebook, Amazon.com Inc. and eBay Inc., Morgan Stanley analyst
Katy Huberty wrote in a research note in June.
Some data collection happens with users’ explicit
awareness, given in such tasks as signing up for a Gmail account
or clicking on an ad in Facebook.
It also occurs in indirect ways, such as viewing pages on
websites that have no advertised connection to Internet
companies, yet share data on users’ habits with them through
profit-sharing marketing arrangements.
The use of tracking cookies -- small bits of computer code
that are implanted in people’s Internet browsers when they visit
a website -- allows companies to continuously update dossiers
of users’ behavior, even when they’re not on the companies’ own
websites or not logged in to the services.
While Mountain View, California-based Google makes more
money from ads on its own sites -- because there’s no one to
share the profits with -- ads on the Google Network of affiliate
sites brought in $12.5 billion in 2012, 29 percent of the
company’s ad revenue, according to its latest annual report.
The tracking is difficult to stop. While clearing all
cookies from a browser is easy, they’re placed again the next
time the user logs into a service such as Google or Facebook or
visits sites affiliated with them.
Many websites require Internet users to have cookies
enabled to access their pages. “One cannot really opt out,”
Chester said. “Are you going to use the highway or rely on dirt
The companies say their privacy policies tell users what
data is collected and how it’s used. They say they allow users
to opt out from being tracked by disabling cookies that monitor
“Our privacy statements and principles demonstrate how we
strive to use people’s data responsibly, be transparent about
our privacy practices and offer meaningful privacy choices,”
Adrienne Hall, general manager for trustworthy computing at
Redmond, Washington-based Microsoft Corp., said in an e-mailed
name, e-mail address, birth date, gender, ZIP code, occupation,
industry, and personal interests of users, as well as
automatically receive and record “information from your
computer and browser, including your IP address, Yahoo cookie
information, software and hardware attributes, and the page you
Uses for the information include customizing advertising
and content, fulfilling requests for products and services, and
providing “anonymous reporting for internal and external
clients,” the policy states.
Sarah Meron, spokeswoman for Sunnyvale, California-based
Yahoo, declined to comment other than to refer to the privacy
Studies published this year and last year by researchers at
Carnegie Mellon University in Pittsburgh found users may not be
considering all privacy implications when they download
applications on their smartphones.
“Alarmingly, we find that people are unaware of the
security risks associated with mobile apps and believe that app
marketplaces test and reject applications,” according to one of
the studies. “In sum, users are not currently well prepared to
make informed privacy and security decisions around installing
The value of the data transcends what the Internet
companies by themselves can do with it.
Acxiom Corp., a data brokerage company based in Little
Rock, Arkansas, works with companies including Facebook to match
user data with offline information such as retail loyalty-card
purchases, to analyze ads’ effectiveness.
“Large technology firms are a key client industry for
Acxiom,” Jennifer Barrett Glasgow, global privacy and public
policy executive for the company, said in an e-mail. “We sell
them our products and services and partner to help advertisers
place ads on their sites, but we don’t get any of their data for
our own use.”
Glasgow said she takes issue with accusations that the
technology companies erode privacy.
“Tech companies work very hard at offering consumers all
kinds of choices to satisfy all views on privacy, not just the
most conservative,” she said.
Consumers probably have little understanding about how
their information is used by data brokerages like Acxiom, said
Adi Kamdar, a privacy activist with the digital rights group
Electronic Frontier Foundation in San Francisco.
“Data aggregators have large profiles of individuals and
yet consumers have no idea they exist,” Kamdar said.
Data brokers segment Americans into categories based on
their incomes, including categories labeled as “Rural and
Barely Making It,” and “Ethnic Second-City Strugglers,”
according to the findings of an investigation released Dec. 18
by the Senate Commerce Committee.
Google’s acquisition of flight-information firm ITA
Software Inc. in 2011 gave it a trove of travel data to
incorporate into users’ profiles. When Facebook more than $700
million for Instagram Inc. last year, it got access to 55
million posted images a day. That may allow it to sharpen
facial-recognition technology for future use in developing
Even Apple, while saying it doesn’t amass personal
information about its customers, is intensifying its data-mining
efforts. The company’s purchase of social-media analytics firm
Topsy earlier this year gave the iPhone and iPad maker a trove
of Twitter-feed information that can be used to improve the
targeting of ads on mobile phones.
Kristin Huguet, an Apple spokeswoman, referred to a company
report in November about government information requests. It
said Apple considers privacy from the early stages of product
design and one policy covers every product.
“Perhaps most important, our business does not depend on
collecting personal data,” the report said. “We do not store
location data, Maps searches, or Siri requests in any
Spokeswomen Niki Fenwick of Google and Jodi Seth of
Facebook said their companies had no comment for this story.
The NSA revelations have presented an opportunity for
privacy watchdogs to push for changes in how consumers’ data is
used, said Chris Jay Hoofnagle, director of information privacy
programs at the Berkeley Center for Law and Technology.
The U.S. Federal Trade Commission should be more aggressive
in monitoring whether companies are complying with their privacy
policies, and fining or taking other action against those that
don’t, said Kamdar, the privacy activist.
“Strategically, the privacy advocates can get a great deal
done when consumer privacy interests align with the agenda of
businesses,” Hoofnagle wrote in an e-mail. “That said, the
underlying motivation of the Silicon Valley companies is to
protect the Internet from feeling creepy.”
For Related News and Information:
Yahoo to Facebook Get What They Wanted From NSA Review Group
Forget the NSA. That Smartphone Snooper May Be Your Spouse
Silicon Valley Nerds Seek Revenge on NSA Spies With Coding
Computer security news: NI ITSECURE
Top technology stories: TOP TECH
Internet news: NI INTERNET
--Editors: Bernard Kohn, Pui-Wing Tam
To contact the reporters on this story:
Chris Strohm in Washington at +1-202-654-7350 or
Jordan Robertson in San Francisco at +1-415-617-7102 or
To contact the editor responsible for this story:
Bernard Kohn at +1-202-654-7361 or email@example.com