I tried to access my secret consumer data. Their facial recognition software told me to smile.

In early November, the New York Times published an article called "I Got Access to My Secret Consumer Score. Now You Can Get Yours, Too." Naturally, this struck my curiosity, and I decide to try and navigate the various labyrinthine processes to try and find out what kind of information the conglomerates have on me, and how I can potentially get rid of it.

One of the main databrokers featured in the article is a company named Sift. They're reportedly easy enough to get your information from, and they're said to have a lot of it, too. I sent in my initial request, and they wrote back, saying they just needed to confirm my identity. Makes sense, I guess. I clicked the link, and they asked me to upload a photo of my Driver's License and scan the barcode on the back. Okay, fine; so I did it.

The next step required me to confirm my identity with a selfie. I assume that I am giving them more data to feed their facial recognition algorithms, which in turn will be sold to other companies to use for who-knows-it. But again, I went along with it. I took my hat off, smoothed out my greasy bedhead, and took a selfie:

Notice that little red alert at the bottom of the screen: "Make sure you are looking joyful or happy and try again."

I think I look pretty "joyful" here, all things considered. Besides, I'm not smiling in my driver's license photo; in fact, I was specifically told not to smile. Read the rest

Zappos Data Breach consolation might be the most egregious one yet

Back in 2011, I signed up for a Zappos account so I could buy pants for a wedding I was in. Then I returned them because they didn't fit. I ended up buying them at the local Macy's instead (although I bought the wrong shade of grey, oops).

That should have been the end of my relationship with Zappos. Until I received this email the other day:

Zappos put me at risk by exposing my data. And the best mea culpa they can offer is "Here's a discount so you can help us to increase our Q4 revenue!" That might be even pathetic than the $125 offering from Equifax. Equifax may have exposed more personal information, but unless I plan on buying a $2,000 pair of John Lobb boots from Zappos—thus giving $1800 back to the company that just screwed over my data—then I'm basically getting nothing.

To be clear, Zappos offer here has only been preliminarily approved by the court in charge of the settlement. If enough people say, "I'm not paying you to pay me financial damages," the judge may change their mind. But I wouldn't hold my breath. If the only consequence to expose customer data is increasing Q4 revenue, then there's never going to be any incentive for any company to give a shit about the personal information of the people who keep them in business. And that's not a healthy economy.

Image: Patrick Kitely/Flickr Read the rest

"Owning your data" will not save you from data capitalism

The fight against surveillance capitalism and mass state surveillance has reached a tipping point, the peak-indifference moment, when new privacy advocates are self-radicalizing as they witness firsthand the undeniable risks of overcollection, over-retention, and secret manipulation of personal data. Read the rest