Earlier this week, the Washington Post published a report detailing the widespread use of surveillance software by governments to track the movements of cellphone users both within and outside their borders. The news highlights yet another example of a dangerous schism developing in a data-driven mobile industry between the reasons consumers share data and the way it is eventually used.
Technologies such as contextual computing that draw on “big data” represent a huge opportunity for the local tech sector. They will open new markets, and shake up old ones. But they also will put even more consumer information in the hands of technology companies. Opaque data practices only undermine the trust needed to build these services, and threaten to slow the voracious appetite which consumers have shown for mobile applications over the past half-decade.
The changing economics of the data play
The surveillance software highlighted in the Post article exploits a problematic necessity of cellular networks: in order to route a call, or data, to the nearest tower, a device needs to share its location with the network. What’s left is binary residue — bits of latitudes and longitudes paired with a timestamp and user ID — that software can weave together into a map of a user’s day-to-day activities.
Until recently, these bits of data were difficult to manage, expensive to store, and relatively inert in the marketplace. But the economics of the data play are changing, allowing companies and governments alike to turn this residue into valuable information.
For one, distributed computing projects such as Hadoop now allow companies to make sense of enormous amounts of information in matters of seconds rather than days. More importantly, the cost of storage has declined remarkably in the past few years. In July, Amazon cut the price of its cloud services by up to 50% overnight.
In the private sector, these trends have helped to tip a financial formula that has governed the way many businesses handle data. The potential value of data generated as a byproduct of another activity — say, locating a user to connect a call — now exceeds costs of storing said information. For many companies, it’s a bigger risk to let go of data and miss the next big business than to hold on to it for a rainy data and never see it used.
For cellular carriers, the promise of a data business has largely netted underwhelming results. Earlier this year, I spoke with Evan Conway, VP of strategy & monetization at Pingsight Media, a division of Sprint tasked with turning the terabytes of data flowing through the company’s network — mostly, aggregated location and mobile web activity — into a business.
Conway, who joined Sprint in 2011 after the carrier acquired a mobile development shop he founded to buttress its data efforts, said that the advertising market remains a relatively small part of the divisions business. Instead, the company has built a much larger business selling location data in aggregate to city engineers, financial services and other verticals interested in broader movement trends.
In many ways, the advertising industry is in a much stronger position to build a location data business than carriers. Whereas Sprint and others need to protect a core subscription business, the advertising industry is already steeped in a culture of data mining and implicit exchange of value. In addition, the advertising firms have access to the GPS-driven location data generated from the device rather than the triangulated estimates available to the networks.
The mobile advertising exchanges already play an important role as a data resource. Over the past 18 months, a number of mobile advertising firms have developed programs to mine the location data attached to the billions of ad requests passed on by publishers. They take that data, originally intended to target an ad to a user as he used a given app, to create profiles that can be used to target users on mobile, desktop or tablet media. Michael Lieberman, chief executive North America at Joule, told me recently that nearly every brand uses some form of this location-driven profiling today.
What’s more concerning is that the data could eventually provide insights for other more remote constituencies. Earlier this year, Two Sigma Investments, a hedge fund specializing in computer-driven trading, led a $10 million round in Placed, with the intention of using the company’s data to influence investments. Placed sources data directly from a large panel of opted-in users with the express intent of selling it, but the interest of a large hedge fund points to the demand.
The need to opt-out of opt-in
As the market for data proliferates, the advertising and tech community needs to address the way it communicates policies around consumer information. The opt in — long a catch-all for consumer protection — no longer provides the necessary transparency and power to accommodate an data industry in which nearly every industry has a stake and seemingly innocuous data can provide.
“Business models and technologies have jumped forward allowing for more granular types of data to be collected and shared, and now the privacy controls need to catch up,” Jules Polonetsky, executive director and co-chair of the Future of Privacy Forum, told me earlier this month, speaking about the passive location of data by app developers. “[Technology companies] are used to saying it’s opt-in — and that’s it. But today, when saying yes means interacting with beacons or sharing location history with an ad network, that’s a lot for one opt-in.”
Polonetsky, formerly the chief privacy officer at AOL, says that the stakeholders in the technology industry have started to confront the problem. In September, Apple is expected to revise its opt-in procedures for location sharing, allowing users only share location data with application developers while the app is open.
But the moves by Apple and others still fail to provide consumers with transparency and control over the multitude of ways their information is used throughout its lifetime. Outside of certain types of health or financial information, the U.S. does not have a general privacy law that extends beyond standard consumer protection laws, says Polonetsky.
The industry needs a clear delineation between data used for operations — say, a cell network finding the nearest tower or a search application personalization results — and information collected in order to be sold or used by a third-party. Without it, innovation will face the concerns and mistrusts of a skeptical consumer.
Steven Jacobs is Street Fight’s deputy editor.