Can websites know of users' identity

[WWGD]

They usually don't connect directly unless with an official partnership, but instead with data brokers. I have a friend who works for one and the dots they connect and package for companies (often marketing depts) is mind blowing.

...And, still, the general level of conversation we have about this is , for the most part along the lines of " : I like Google, it is free". Few seem to understand or be aware of the value of data EDIT: And how it can be and is assembled, creating pretty accurate profiles. I would say this demands a national conversation.

 

[StoneTemplePython]

There are spooky issues of privacy here, but also as mentioned in post #24, there's an issue of people living in there own world of curated reality, basically automated confirmation bias.

There was an book review in 25 May 2017 in The Economist of a book called Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are -- I had been thinking of picking it up and just might for my typical end of year / x-mas reading.- - - - -
edit: it seems germane to point out that the author of the book was a data scientist at Google

 

[russ_watters]

On what ground do you conclude the data belongs to the store? The store would not have access to the data without the customer's input.

The store is in total control of its own inventory. It literally owns its inventory. When you buy something, the store transfers ownership of the item to you and keeps a record of the transaction. This is a basic function of what a store is. A store cannot function without effective tracking of its own inventory and transactions. It's they only way it can effectively re-stock its own shelves. It's the only way it can provide returns and enforce payments (for delayed-failed transactions). It has to track you and what you bought. The only thing that has changed recently (if they don't sell the data) is that they are making better use of the data for marketing. It isn't fundamentally different from your bartender remembering your favorite drink; but they program a computer to track it better.

 

[WWGD]

The store is in total control of its own inventory. It literally owns its inventory. When you buy something, the store transfers ownership of the item to you and keeps a record of the transaction. This is a basic function of what a store is. A store cannot function without effective tracking of its own inventory and transactions. It's they only way it can effectively re-stock its own shelves. It's the only way it can provide returns and enforce payments (for delayed-failed transactions). It has to track you and what you bought. The only thing that has changed recently (if they don't sell the data) is that they are making better use of the data for marketing. It isn't fundamentally different from your bartender remembering your favorite drink; but they program a computer to track it better.

But the use of the data nowadays goes way beyond tracking inventory with which I have no trouble , into heavy-duty mining and integrating with other stores, ultimately resulting in profiling.

 

[russ_watters]

But the use of the data nowadays goes way beyond tracking inventory with which I have no trouble , into heavy-duty mining and integrating with other stores.

What does that mean (how is that different from "doing it better"?)?

 

[WWGD]

What does that mean (how is that different from "doing it better"?)?

Better for who, by what measure? Do I , should I get a say on whether profiles of myself are made and sold to other stores, the government, other entities?

 

[russ_watters]

Better for who, by what measure? Do I , should I get a say on whether profiles of myself are made and sold to other stores, the government, other entities?

Ok, I didn't mean "better" as in a value judgement, I meant it as in my previous characterization of "more efficiently". I'm asking for nuts and bolts, physical differences, not a vague value judgement: What is the store physically doing with its data (the store's data, not your data) that has changed in recent history to make you feel uncomfortable about it? This is so common and my main objection to such complaints: people "feel" like something bad is happening without being able to articulate exactly what the thing is.

 

[WWGD]

Ok, I didn't mean "better" as in a value judgement, I meant it as in my previous characterization of "more efficiently". I'm asking for nuts and bolts, physical differences, not a vague value judgement: What is the store physically doing with its data (the store's data, not your data) that has changed in recent history? This is so common and my main objection to such complaints: people "feel" like something bad is happening without being able to articulate exactly what the thing is.

Well, I have not yet agreed that it is data that should necessarily be owned by the store. And, why is the burden of pointing out problems with myself as a consumer, rather than having the store convincingly argue that there are no issues resulting with the store's unrestricted use of the data? Shouldn't I have the right to say: I just choose not to allow my data to be used in certain ways , whether I am somehow acting like a spoiled child or not? EDIT: Store data may be used, e.g., to deny health insurance to those who can be profiled as being unhealthy, or used to identify those who oppose the government, corporations, etc. Don't get me wrong, I am not a conspiracy theorist, but , to prevent things of this sort from hapenning, however unlikely they may be, I just choose to want to have my data kept private , and to have access to it restricted.

 

[rootone]

A website does not have a magic camera that can see you.
It can only process whatever information you have given it.
If a site requires an email address, you can avoid spam in your usual email by making another temporary address.

 

[jtbell]

AFAIK, the hits you get will depend on your previous searches, when using Google

You can circumvent this by using a "private" window in your browser (Firefox, in my case).

 

[OCR]

This is also very confusing.

Lol, it gets is even worse...

Googles Privacy Policy... HERE . . Advertising... HERE . . Google Analytics... HERE .

After logging into here, these are the cookies I've collected so far... Wikipedias GeoIP has me located within about ten miles of where I really live...

I made the big black line... . . lol

 

[russ_watters]

Well, I have not yet agreed that it is data that should necessarily be owned by the store.

Again: please stop being so vague. I described in detail what the data is and how the store gets it and needs it -- the fact that it is a fundamental function of what the store does. If you have a meaningful objection to make to that description, please make it. This "i have not agreed" thing is just a way to disagree without providing substance to defend your position.

And, why is the burden of pointing out problems with myself as a consumer...

Because you are the one complaining. Your complaints cannot be fairly addressed if you cannot even articulate what those complaints are:
1. What, specifically, are stores doing that is unfair?
2. Why, exactly is it unfair?

EDIT: Store data may be used, e.g., to deny health insurance to those who can be profiled as being unhealthy, or used to identify those who oppose the government, corporations, etc. Don't get me wrong, I am not a conspiracy theorist, but , to prevent things of this sort from hapenning, however unlikely they may be, I just choose to want to have my data kept private , and to have access to it restricted.

...um...ok, so this isn't about real/current problems/abuses but potential future abuses? If you're saying that, then sure, we're in agreement: there isn't anything currently wrong.

[Edit] Actually, I'll give one last try by rebooting:

In some countries , parts of Europe I believe, the data generated by the customer is their property, not the market's to be mined for their profit.

Can you cite any specific countries, their laws or specific pieces of data to which that applies or you believe should apply.

 

[russ_watters]

I think my other line of discussion may be at a dead end, so I'll try here:

This is also very confusing. As I mentioned in my previous posts in this thread, I opened a thread and this tool, Google Analytics determined or instantly had this info and since the question is about privacy, probably from the IP address they sent me their privacy agreement? This is too fast and very strange? Might it be an artificial intelligence? I heard they were very fast for operations in exchange market.

I think it is helpful to try to compare what is happening online to the physical world in order to define exactly how things have changed. E.G., this thing on tracking traffic online; how is it logically any different from tracking traffic in a physical store?

Perhaps one difference in efficiency of online tracking is personal identity vs general traffic...stores have tracked physical traffic for years, but personal identification in in-store browsing is not done (much) because it is difficult. But that technical roadblock is going away.

Another: In the physical world, the newspaper and store who placed the advertisement in it don't know if you are reading it. In the online world, they do.

 

[russ_watters]

No kidding: I paid with a credit card in this place I went to for the first time and somehow they sent a message to my phone.

Are you saying that you believe with your name and credit card info only, they got your email address? I don't think that's possible.

...or text message? Sometimes phone numbers are used for credit card authorization in lieu of or in addition to signatures...?
Edit: actually, I got that wrong. Zip codes, not phone numbers. When I give a phone number it is to link to my rewards accounts.

 

[OCR]

...search engines want them confirmation if they are human, not robot etc.

That's a common technique used by a lot of websites... it cuts down on the number of "spam bots" that try to can register.

I'm a member of that site...

Here's the cookie...

 

[Borg]

Are you saying that you believe with your name and credit card info only, they got your email address? I don't think that's possible.

...or text message? Sometimes phone numbers are used for credit card authorization in lieu of or in addition to signatures...?

Whenever my wife and I land in Cancun Mexico, we get a text message pushed to our phone without any action on our part. I think that there is something scanning for phones there where it figures out the cell number and automatically attempts to send a text. It's not a common practice but I think that WWGD may have had something like that happen that was unrelated to his credit card purchase.

 

[OCR]

My email address can be found, and used by the public, without loging in... right here .

Of course, you need to know who and what to look for... .

 

[Greg Bernhardt]

You can circumvent this by using a "private" window in your browser (Firefox, in my case).

As far as I know privacy modes in browsers only disable local history and caches.

 

[jtbell]

On Firefox, when I'm logged into one of my Google accounts, its avatar appears at the upper right of Google's home page:

When I now open a private window and go to Google's home page, I get the Sign In button instead:

 

[WWGD]

Are you saying that you believe with your name and credit card info only, they got your email address? I don't think that's possible.

.

How else would I have received a copy of the receipt in my phone? I did not give anyone in the store my number in anyway, I just bought a cup of coffee there. Ditto for Stack Exchange sites sending me alerts from other non-Stack sites.

 

[WWGD]

Again: please stop being so vague. I described in detail what the data is and how the store gets it and needs it -- the fact that it is a fundamental function of what the store does.
[Edit] Actually, I'll give one last try by rebooting:

Can you cite any specific countries, their laws or specific pieces of data to which that applies or you believe should apply.

Not quite. Keeping inventory is part of what the store does and needs; forming a profile of me is not an essential part of what the store does nor is about. I have been victim of online scams that resulted from someone obtaining information they should not have had access to. I think there is clear evidence that many stores are either not willing or not able ( or both) to take serious measures to protect the data they obtain from their customers. Look at all the recent scandals to see that this is not just a hypothetical.

Would the store have any problem if I were to take data on how it is laid out? Would I be allowed to take pictures, say, for my own personal research? Say I am a consumer advocate, or just someone trying to do some real data work. The answer, as I see it, is that the store is willing to make known to the public some data ( found in , e.g., business magazines or other sources) , but there is some data from these stores that is considered out-of-bounds whereby I would be prosecuted if I somehow got a hold of it. Why isn't the reverse the case? Why do I have to consent to have restricted access to the store's data, while the store has no such restrictions?
Just because the store made self-serving decisions on using data for their benefit without my ( nor anyone else's ) consent does not make it right IMO. There is clear evidence businesses are not willing to invest any reasonable resources to protect my data.

 

[russ_watters]

Whenever my wife and I land in Cancun Mexico, we get a text message pushed to our phone without any action on our part. I think that there is something scanning for phones there where it figures out the cell number and automatically attempts to send a text. It's not a common practice but I think that WWGD may have had something like that happen that was unrelated to his credit card purchase.

Pushed to your phone from where? I don't think it is possible for anyone but the phone company to find out your phone number by detecting your phone.

When I travel abroad, I get a text or push notice from the phone company regarding activation of my international roaming plan.

 

[WWGD]

Pushed to your phone from where? I don't think it is possible for anyone but the phone company to find out your phone number by detecting your phone.

.

He may have entered his phone number on some site that may have provided, say, Google with it, and this may have become part of his overall profile.

 

[jack action]

The answer, as I see it, is that the store is willing to make known to the public some data ( found in , e.g., business magazines or other sources) , but there is some data from these stores that is considered out-of-bounds whereby I would be prosecuted if I somehow got a hold of it.

It is all about consent. You can give your phone number to a person. Doing so, you should know that he can give it to someone else, anyone. And you shouldn't be surprised if he did. If you expressly told him not to share it with anyone else, then you would expect he would never do it. If he did, you could expect reparation since you had a contract, even if it is only verbal. But if it is really important that your phone number is not shared with anyone, then a contract is not enough: you need to make sure that the person will be able to fulfill his engagement. It is one thing to promise something and another to honor it. You have to established a trust relationship before engaging with someone else. If that person is a dear friend you know very well and have great confidence in him, then you may not even need to tell him not to share it: Your relationship will be so important to him that he wouldn't dare risk it. But you cannot expect such an implicit contract with a stranger.

If you took data from a store without their consent, or you use it for other purposes than what they gave you permission for, then yes they will prosecute you. But you can do the same as well. The thing is that you probably consent to a lot more than you care for, because you badly want to do business with them.

Why do I have to consent to have restricted access to the store's data, while the store has no such restrictions?

You don't have to consent to anything, nobody forces you doing business with anyone. You can also request any restriction you want from any business you want to deal with. But they also have free will and can refuse doing business with you under your terms. That is just fair.

You can bet that doctors will take great care into not revealing info from their patient records, because if they did, they would loose all their clients. The 'people' can have the power, but they need to claim it.

There is also the case where people just post things publicly, for anyone to see (like here on PF). You can't complaint afterward that someone used that info for their gain. And you can't shout to the world something, then say «Please, don't use this against me».

Amish people don't care about Google. They still have jobs, eat 3 times a day, have a place they call home, get married and have children. In short, they still live a full life.

 

[WWGD]

It is all about consent. You can give your phone number to a person. Doing so, you should know that he can give it to someone else, anyone. And you shouldn't be surprised if he did. If you expressly told him not to share it with anyone else, then you would expect he would never do it. If he did, you could expect reparation since you had a contract, even if it is only verbal. But if it is really important that your phone number is not shared with anyone, then a contract is not enough: you need to make sure that the person will be able to fulfill his engagement. It is one thing to promise something and another to honor it. You have to established a trust relationship before engaging with someone else. If that person is a dear friend you know very well and have great confidence in him, then you may not even need to tell him not to share it: Your relationship will be so important to him that he wouldn't dare risk it. But you cannot expect such an implicit contract with a stranger.

If you took data from a store without their consent, or you use it for other purposes than what they gave you permission for, then yes they will prosecute you. But you can do the same as well. The thing is that you probably consent to a lot more than you care for, because you badly want to do business with them.

You don't have to consent to anything, nobody forces you doing business with anyone. You can also request any restriction you want from any business you want to deal with. But they also have free will and can refuse doing business with you under your terms. That is just fair.

You can bet that doctors will take great care into not revealing info from their patient records, because if they did, they would loose all their clients. The 'people' can have the power, but they need to claim it.

There is also the case where people just post things publicly, for anyone to see (like here on PF). You can't complaint afterward that someone used that info for their gain. And you can't shout to the world something, then say «Please, don't use this against me».

Amish people don't care about Google. They still have jobs, eat 3 times a day, have a place they call home, get married and have children. In short, they still live a full life.

I would not consider a life where you marry at around 15 and forego College a full education.

EDIT Sounds nice in theory, but I do not have the time to go through the webpages of several stores before I chose whether I agree to a good-enough extent on the existing terms in the given context, consider the implications for myself, to buy something or not. This is why we have Consumer Protection agencies; the stores have many more resources than (most, if not all) individuals do . Besides, good luck reading through the thicket in what may be 50+ pages worth of (purposely?)legalese and general obfuscated material detailing a company's policies. I do make an effort to inform myself, but I have only so many resources to my avail to be able to determine these things. It seems like a national conversation in order to standardize practices would be more effective.
EDIT2: So, no, I am not " desperate to do business with a store". It just happens to be the case that I do not have the level of resources the store has and I cannot afford to do the needed research to determine whether I agree with their policies, nor do I have the means to exert pressure on the store so that it changes its policies to my liking, or at least accepting level each time I consider buying something. Again, this is why we have consumer protection agencies and other governmental institutions to protect consumers: to level the playing field resource-wise. Now, if you can find a reasonably objective source where I can find detailed information I need to assess whether I consider the terms reasonable , then your point will be, in my view, strengthened. Otherwise, I stand by my response.

 

[Jaccer]

Does it bother you that when you go into your bank or use your credit card at a store that the teller or cashier knows your name?

There is no doubt about it, of course,you need to prove your identity, especially if you need to handle your finances on the counter

 

[StoneTemplePython]

I'm not sure if this thread is worth pursuing but...

It occurs to me that people may not realize that Facial Recognition technology is getting extremely good, and may be ubiquitous in ~10 years in every major city in the US (and perhaps in smaller towns too). (I can source an Economist article on this for those interested.)

Barring wearing a Nixon mask and/or the veil, you can't opt out of facial recognition technology, esp. if you want to conduct normal business / social life, and especially if you're a city person. Under the current setup, if you want anonymity, you can pay in cash, and do not use credit cards / member rewards cards. If you are really worried about an employee knowing your identity for some reason, you can go to different stores. Ubiquitous facial recognition changes this everywhere and by a lot.

The local clerk knowing you argument seems kind of irrelevant though. That knowledge does not scale and scalability is a big deal, especially if you're talking about monitoring people and/or predicting human behavior.

 

[harborsparrow]

No matter what you do--even if you use a private virtual network--marketers can identify you most of the time. They can actually find out what add-ons and extensions you have installed in your browser, and from that, create a profile that helps them ID you. It's a bad world out there.

 

[mech-eng]

No matter what you do--even if you use a private virtual network--marketers can identify you most of the time. They can actually find out what add-ons and extensions you have installed in your browser, and from that, create a profile that helps them ID you. It's a bad world out there.

Why it is marketers? At basic what is marketers, are they search engines? What makes add-ons and extensions so important for them?

Thank you.

 

[harborsparrow]

It's called "browser fingerprinting" and you can read more about it here: https://www.networkworld.com/article/2884026/security0/browser-fingerprints-and-why-they-are-so-hard-to-erase.html

Or just Google "browser footprint" or "browser fingerprint".