Advertisement

How much should we trust tech companies?

Engadget
Updated
0

Last week, the internet was awash with journalists' interpretations of Spotify's new privacy policy. Depending on whom you ask, the policy was eerie, creepy or just downright atrocious. While Spotify scrambled to reassure us that it wasn't really interested in snooping through your photos or tracking your every move, people publicly quit the service, argued with its CEO and generally hated on the company. Such public outcries are now commonplace. But what is it about the industry that evokes such an endemic distrust? Why are we so quick to believe they're out to do us harm? Aaron Souppouris and Devindra Hardawar try to get the bottom of the matter. Or at least argue about it.

Aaron Souppouris

Our opinion of the tech industry has been like a sine wave over the past decade, oscillating between "good" and "evil." Something shocking happens, there's an outcry, we accept it and then something shocking happens again. Rinse, repeat.

I think you can pinpoint the exact date when this wave entered the public conscience: April 1st, 2004. That's the day Google announced Gmail, the email service that offered a then-unheard-of 1GB of storage and threaded emails in exchange for serving contextually relevant ads. Many were worried that the company was "reading" through private communications, a process that Google assured was automated and anonymized. Privacy advocates, however, pointed to Google's data-retention policies and use of cookies to show that Gmail was the key for the company to learn more and more about you.

"While Google brags that no humans will read your emails, the entire Gmail program will involve extensive automated profiling of you as an individual," archivist Daniel Brandt told The Register two days after the service launched. "Google will be sharing the non-identifiable portions of your profile with anyone they choose. If the ownership of Google changes, or there is a merger, the entire personally identifiable profile will be available to the new owners or partners." Of course, this data collection was only ever for one reason: ads. Companies followed Google; advertising rapidly replaced purchases as the primary form of income for the tech industry; and we slowly got used to the idea that "we are the product."

Devindra Hardawar

I don't think it's too surprising why people freak out about these sorts of privacy violations. Technology companies are becoming more than mere brands; they're a part of our lives. So if they mishandle the trust we give them in any way, a bit of outrage seems warranted. I realize it's beginning to seem a bit much -- both the consumer and press reaction to privacy concerns can be overdramatic -- but ultimately I think it's a good thing.

As much as today's companies preach about trying to change the world, they're still ultimately concerned with revenues. And for ad-supported outfits like Google, Facebook and Twitter, that also means getting as many people as possible on your platform, and learning as much about them as you can. If we don't pay attention and call them out on bad behavior, then they'll just push even harder to take advantage of us (remember the outcry around Facebook's Beacon, which was its first attempt at broadening its influence across the web).

Of course, there's a danger with "crying wolf." If we freak out about every minor issue, most people will eventually just stop caring about the controversy. But for now, I think it's worth that risk to bring issues to light immediately. It would certainly be better though if journalists did more research before they start spreading FUD (Fear, uncertainty and doubt) -- consumers can do enough of that on their own.

Aaron Souppouris

I totally agree with you. There are so many misreadings and knee-jerk reactions to privacy policies that are borderline reckless. I guess that's the price you pay. If you want to be a multi-billion-dollar company, you need to get used to the scrutiny: Corporate distrust is a widely studied phenomena, and tech companies are the new financial superstars. But the fourth estate needs to pick its battles, and it needs to do its research.

There's also been a shift toward greater skepticism since the 2013 Edward Snowden leaks. There was that one slide, the PRISM one, that said Facebook, Google, Microsoft, AOL, Apple, et al. are handing all your personal information to the government. The program was supposed to be targeting non-US citizens, of course, but as a Brit using a lot of the affected services, that's not really much of a consolation. It's hard to come back from that. It's hard to get used to the idea that these basically faceless corporations have the potential to be so reckless with your data.

Devindra Hardawar

The Snowden/NSA revelations basically proved every conspiracy theorist right, at least when it came to government invasions of our privacy. As a society, we're now going through a strange period where the internet and the rise of smartphones has embedded tech in our lives far faster than many have predicted, and we're all trying to get used to the new state of things, even techies. But I also think that means now, more than ever, we should be holding these companies' feet to the fire whenever possible. What happens over the next decade will likely shape our society for much of the next century, so it's worth raising questions over things like Facebook's lackadaisical relationship with privacy, the viability of the "gig economy" enabled by companies like Uber and [Engadget owner] Verizon's troubling fight against net neutrality.

That's not to say we shouldn't be prudent about how we deal with ever-powerful tech companies. An example of a bad response: NYC Mayor Bill de Blasio tried to slow down Uber's growth in the city forcefully, arguing in part that Uber's cars adversely affected traffic in Manhattan. That prompted a snarky response from Uber and plenty of criticism against de Blasio by the tech community. The mayor ultimately backed down from that effort. (The city instead decided to conduct a four-month long research campaign on the effect of Uber and other on-demand car services on NYC traffic.)

The result of that whole fiasco? Uber ended up looking more like an embattled upstart rather than the $50 billion corporation it's become so quickly. And it'll be even harder for NYC to call the company out for legitimate issues, like the transparency around surge pricing, or the amount of taxes it pays to help support the city's mass transit system. De Blasio would have been better off focusing on those real issues with Uber, rather than something amorphous like New York traffic (which is crummy for all sorts of reasons).

Sloppy startups

Aaron Souppouris

Uber has also had more than a few privacy issues of its own. It's representative of startup culture in general, which is definitely not helping the situation. How many companies do we see launch on an idea, rather than a business plan? The venture capital system encourages startups to grow at any cost. The Instagrams, the Twitters of the world, they were only ever about building a user base. They launch with little-to-no idea how they'll make money, and similarly, they seem to work out both security and privacy policies as they go along. While neither Instagram nor Twitter has given us much cause for concern, there are plenty that have.

It's easy to forget that established names like LinkedIn have been truly reckless with our information. In 2012, the business-focused social network was hacked to the tune of 6.5 million passwords. While it's virtually impossible to create a foolproof guard against hacks, it quickly became clear that LinkedIn had some lax security policies, such as storing passwords without salting them, making decoding the hashes a fairly trivial task.

Likewise, while I was quick to defend Spotify's new privacy policy, it's the epitome of a startup working out its shit after the fact. For example, the company added a section about what it will and won't do with your location and motion information... months after it introduced a feature that tracked your location and motion. What's interesting is that no one questioned the collection of that data when the feature came out, but half the internet lost its mind when Spotify explained it in its privacy policy.

Devindra Hardawar

We're definitely coming out of a period where startups, and tech companies in general, felt they could use personal data in all sorts of ways without much consequence. That's changing, though -- especially now that iOS and Android do a much better job of alerting you of what information and resources apps are actually using. I'm hoping some of the bigger recent hacks also give these companies pause about how they're managing data.

Aaron Souppouris

The Ashley Madison hack and the Snowden leaks are perfect examples of how at risk our personal data is. Tech companies need to make clear what data they have, how long they keep it and why they need it. If a company isn't being clear, the press should do its job and find out what the truth is. Spreading FUD about a company's privacy policy isn't shining a light on the problem; it's just shining a light on the publication that's overreacting. If we carry on complaining about the wrong things -- if we carry on just asking questions instead of finding answers -- the real issues will continue to be left by the wayside.

Devindra Hardawar

Ultimately I think you and I agree Aaron; we're just frustrated by different elements of the dialog. I'd love for the press and consumers to be more educated about the issues they freak out about, so that they know precisely how much outrage they'll need to dial in. But I don't have much sympathy for tech companies today, which often seem to exist in their own bubble, unaware of how their innovations might sometimes affect normal people. For now, shouting may be the default approach, but I hope we find more constructive ways to keep tech companies accountable.