No More Clear Skies? No More Privacy?
Is your campus IT department "raining on" or protecting the security of student identities?
Thinking about the growing problem of data aggregation abuse and cyberspace pollution, which impacts our daily lives on campus and off, brings to mind comparisons with other assaults on our world.
Eight days before September 11, 2001, my family moved our oldest daughter into her college dormitory in Manhattan. In the days following 9/11 the skies over North America were a constant reminder of how much things had, at least temporarily, changed. We had clear blue skies, we had partly cloudy and partly sunny skies, we had cloudy skies – but there was something missing from those skies.
It was something that drew my attention constantly, especially on any clear day with blue skies. On September 3, we had stood atop the twin towers on a bright, clear day, and watched as a team of a six computer-controlled skywriting planes puffed commercials onto the sky above New York. Then, a little more than a week later, there were no contrails anywhere. Everything we saw in the skies during those days was natural-–puffy clouds, solid clouds, but no contrails. No straight or jagged lines across the sky degrading into the usual modern art canvas that once again covers the skies every time we look up.
I couldn’t help it. It made me think, and it still makes me think, over and over again: Who gave anyone the right to take our beautiful sky and trash it with dozens of contrails zig-zagging all over the place. At some inner level I even wonder at the possible overall negative psychic effect on humans, whose brains were not evolved over millions of years to accept jagged streaks in the skies.
The headlines during the past few weeks have been full of news about a similar way the environment we live in has been despoiled – by data aggregators. I am bemused by the way that the news media, even my constant companion in the car, NPR, have handled and described the recent spate of what should be called scandals coming our way courtesy of data aggregators. Looking in that direction, the question is Who gave them permission to pollute our cyberspace in a way that means that very serious instances of identity theft are far more likely, due to their business practices?
This is an important issue on campus because our higher education institutions are data aggregators. The finance office has data, the admissions office has data, the hospital and medical school have data, some parts of auxiliary services have data. And with our brand new, sometimes working ERPs, we are busy aggregating that data. Is it secure? Who do we share it with? If I get rejected by Harvard University, I’m not going to be very happy to start getting spam like “Don’t feel bad, maybe we can help you get into Princeton or Stanford.” If you want to get really motivated by some futuristic thoughts, spend a moment thinking about how all of this relates to students’ e-portfolios!
To give NPR its due, it did give its listeners enough information that one could deduce some of the data aggregators’ business practices. But in general the news stories behind the headlines didn’t do a lot to educate us. Maybe it is that there is something sacred in our culture about whatever means someone uses to make a fortune, so long as it isn’t something we’ve previously declared to be illegal.
Here’s my understanding of the situation. Data aggregators collect information about us any way they can, and whenever they can they aggregate that data in one spot. So, my mechanic and my car dealer both know that I drive both a red Suburban and a red Aveo. My financial advisors know that I re-mortgaged my house a year and a half ago. Lowe’s knows that I have been buying drywall and flooring. A certain chain appliance store knows that I have ordered a full kitchen’s worth of new appliances. There’s a certain veteran’s information site that knows I was there looking up some disability stuff a few months ago for my brother-in-law.
What’s the first consequence of people knowing these kinds of things? Well, nowadays it is truly amazing how the frequency and content of the daily flood of spam can change in response to one’s commercial activities. A few weeks after re-mortgaging, a daily subset of mortgage and house loans spam were added to my in box. And within a week of buying those appliances, I started getting spam about appliances. I also get spam about Suburbans and accessories, although in that case I don’t know if it’s my dealer or my mechanic. And, of course, now I’m getting lots of spam about veterans, too.
So, you might ask, What? Well, a few more spam messages. Sure, that’s not a big deal. I agree. But that’s just the first step.
The data aggregators collect all of that in one spot. And then they sell it to people. They sell it to almost anyone who can pay for it. You or I could start a business and be qualified to purchase that data within a week. And that’s the dirty secret that the mainstream media dance around rather than inform us about.
In the case of the source of some of the biggest headlines in recent weeks, it appears that a group of people with initial criminal intent created false identities for themselves and over time purchased detailed personal information about thousands of people; information that could be used to steal those person’s identities and commit all sorts of crimes using them.
During that same time, thousands of legitimate companies bought the same kind of data about lots of people, too. The headlines told us that data was stolen, but they failed to note that just about anyone who wanted to could have bought that data and, in fact, the data wasn’t stolen it was purchased, fraudulently purchased. And, of course, even honestly purchased data of that sort can then be lost, stolen, or fraudulently used. Basically, the business model for data aggregators is collect data, sell it, and let the chips fall where they may.
Maybe the horse is out of the barn and closing the door is too much trouble. Data aggregation is here to stay and our lives will be forever poisoned by the fact that someone with enough money and connections can always find out about us maybe even more than we know about ourselves.
But I wonder what would have happened to our blue skies if modern communications and technology existed before they were forever ruined by contrails and their jagged, decaying remains. Picture this: It’s 2005, and until now airplanes (for some reason) had not left contrails behind in the air. A new airplane g'es into commercial usage and it leaves behind a contrail. There is a public outcry about contrails despoiling everyone’s clear blue ceiling, and citizen’s groups and governments regulate contrails out of existence, so that we can all enjoy peaceful blue skies.
After all, our technology and our understanding of the world get better and better. Throw in systems theory and a lot of understanding about the natural world and human needs, and you get –eventually–the modern sustainability movement and things like green design. Green design is now, according to my many architect friends, no longer anything so special, it’s just good design. Why, after all, would you design a building to use several times more energy than it needed to? Or one that people are uncomfortable in because the windows don’t open, d’oh?
That’s the positive view. That’s a sign that in some alternative history, it might have been possible that contrails were never imposed on all of us. And there will be future scenarios of that sort which I hope we can recognize as such when they arise. Even if the driving force has to be the need to understand who pays, and in what ways, for someone else’s wealth, knowing more about unintended consequences and protecting the world from them is a good thing.
The good news is that my daughter graduates this May with honors in English. It’s probably inevitable that her future is replete with skies full of contrails. I sure hope that she has a future with some kind of security about personal information in it. I’m not optimistic, though.
