Cracked Labs

Institute for Critical Digital Culture

Home » "Corporate Surveillance" report » Info

Report “Corporate Surveillance in Everyday Life" – Info

Links, Downloads, Summary, Author Info, Contents

Corporate Surveillance in Everyday Life. How Companies Collect, Combine, Analyze, Trade, and Use Personal Data on Billions. A Report by Cracked Labs, Vienna, June 2017. Author: Wolfie Christl. Contributors: Katharina Kopp, Patrick Urs Riechert. Illustrations: Pascale Osterwalder.

» Download full report as PDF
» Web publication with infographics

» All infographics/illustrations on one page

Contact

impact@crackedlabs.org
(phone contact on request)

Media Coverage / What Others Say

  • “How we are all pushed, filed, stamped, indexed, briefed, debriefed or numbered – by online biz all day. Cracked Labs shines light on surveillance capitalism” (The Register)
  • “Untangling the other dark web – of pervasive, inescapable, corporate surveillance” (Glyn Moody)
  • “a new, authoritative & chilling report on how big corporates track your every move” (Carole Cadwalladr, The Guardian / Observer)
  • “Ninety-three glorious pages” (Bruce Sterling on his wired.com blog)
  • “a comprehensive, must-read new report” (The Irish Times)

Summary of the Report

In recent years, a wide range of companies has started to monitor, track, and follow people in virtually all aspects of their lives. The behaviors, movements, social relationships, interests, weaknesses, and most private moments of billions are now constantly recorded, evaluated, and analyzed in real-time. The collection and exploitation of personal information has become a multi-billion industry. The pervasive surveillance machine that was developed for online advertising is now rapidly expanding into other fields, from pricing to political communication to credit scoring to risk management. At the same time, only the tip of the iceberg of data and profiling activities is visible to individuals. Much of it occurs in the background and remains opaque and barely understood by most consumers, as well as by civil society, journalists, and policymakers.

The report “Corporate Surveillance in Everyday Life” examines the inner workings of today’s personal data industry in detail. Based on years of research and the previous 2016 report „Networks of Control“, the investigation shines light on the actual practices and hidden data flows between companies. It maps the structure and scope of today’s digital tracking and profiling ecosystems and explores data-gathering technologies, platforms, devices, and business models, as well as key recent developments, placing a strong focus on elucidating its societal implications.

The report shows that a vast landscape of data companies has emerged that continuously share and trade digital profiles with one another. This landscape consists not only of large platforms such as Google and Facebook, credit reporting agencies, marketing data brokers, and digital advertising companies, but also of myriads of other businesses that sell products or services to consumers in sectors such as retail, consumer goods, media and publishing, telecommunications, and financial services. A big step into systematic consumer surveillance occurred in the 1990s through database marketing, loyalty programs, and advanced consumer credit reporting. After the rise of the Internet and online advertising in the early 2000s and the advent of social networks, smartphones, and programmatic advertising in the late 2000s, we are now witnessing a new phase defined by the traditional consumer data industries joining forces with the digital data industries.

Companies utilize data on consumers in order to take economic advantage. In particular, two – sometimes related – aspects of commercial tracking and profiling raise concerns:

  • Pervasive social sorting. A wide range of companies can now identify, categorize, assess, rate, and rank consumers across platforms and devices. Every click on a website and every swipe on a smartphone may trigger a wide variety of hidden data sharing mechanisms distributed across several companies and, as a result, directly affect a person’s available choices. In addition, behavioral data about everyday life is increasingly used to make automated decisions on groups of people in crucial areas such as finance, insurance, and healthcare. Both many trivial and single consequential outcomes of this permanent sorting may lead to cumulative disadvantage, discrimination and exclusion, and may reinforce or even worsen existing inequalities.
  • Data-driven persuasion. Digital tracking and profiling, in combination with advanced customer management technologies, personalization and testing, has become a powerful tool set to systematically influence people’s behavior. Companies optimize their modes of data-driven persuasion to make users visit a website, click on an ad, register for a service, subscribe to a newsletter, download an app, or purchase a product. They can also use their data wealth to personalize prices by predicting how valuable someone might be as customer in the long term or how much someone is probably willing to pay in a specific moment. Similarly, politicians can target voters with messages adapted to their personality and political views on certain issues.

Three key developments in recent years have rapidly introduced unprecedented new qualities of how data can be strategically abused against individuals and groups of people. First, companies have started to combine and link data from the web and smartphones with the customer data and offline information that they have been amassing for decades. Second, businesses in all industries can now capture and measure every interaction with a consumer in real-time, including on websites, platforms, and devices that they do not control themselves. Third, the distinction between the use of data for marketing and for risk management is blurring more and more:

  • Marketing and risk. Data that has been collected in the contexts of credit scoring, identity verification, fraud prevention, payment processing, or even healthcare increasingly find application in customer relationship management, online targeting, and other marketing purposes. Furthermore, data and analytics companies that perform risk assessments of individuals have started to provide their clients with services that integrate and unify data for risk management, customer relationship management, and marketing. Most marketing data brokers also trade many kinds of sensitive information about consumers, including about their financial situation.
  • Real-time fraud detection. Digital fraud detection services use highly invasive technologies to evaluate billions of online transactions in order to identify devices, individuals, and suspicious behaviors. They combine data collected for online fraud detection with offline identity records and information about someone’s financial situation. The two faces of real-time tracking – online advertising that constantly evaluates each individual’s economic potential and fraud detection that gauges a given person’s risk potential – are increasingly being enmeshed and integrated with one another.

While the picture is becoming clearer, large parts of the systems in place still remain in the dark. Enforcing transparency about corporate data practices remains one of several key prerequisites to resolving the massive information asymmetries and power imbalances between data companies and the people they process data on. Hopefully this report’s findings will encourage further work by scholars, journalists, and others in the fields of civil rights, data protection, consumer protection – and, ideally, also by policymakers and the companies themselves.

Author Info

The author of the report, Wolfie Christl, is a technologist, researcher, writer, and digital rights activist based in Vienna, Austria. In 2013, he co-created Data Dealer, an award-winning online game on personal data and privacy. His 2016 book Networks of Control is, according to the “International Association of Privacy Professionals”, a “slow-burning horror film”, and, according to Paul Nemitz, Director Fundamental Rights at the Directorate-General Justice of the European Commission, “a must-read for anyone who is interested in today's data-driven world”. Wolfie Christl has presented his research in the European Parliament, has contributed to TV documentaries about digital tracking, works as a trainer for employee privacy, and writes for newspapers such as the German FAZ. From 2000 to 2006 he was a part of Public Netbase, a digital art platform, non-profit ISP, and somewhat of an early hackerspace in Vienna. He and his projects have been featured in the New York Times, Forbes, and many other media outlets around the world.

Cracked Labs

Cracked Labs is an independent research institute and creative laboratory based in Vienna, Austria. It investigates the socio-cultural impacts of information technology and develops social innovations in the field of digital culture. Cracked Labs is a non-profit organization. It was established in 2012 to strengthen a participatory and self-determined use of information and communication technology as well as the free access to knowledge and information – independently from commercial or governmental interests.

Contents of the Report

Relevant players within the business of personal data:

  • Businesses in all industries
  • Media organizations and digital publishers
  • Telecom companies and Internet Service Providers
  • Devices and Internet of Things
  • Financial services and insurance
  • Public sector and key societal domains
  • Future developments?

The Risk Data Industry:

  • Rating people in finance, insurance and employment
  • Credit scoring based on digital behavioral data
  • Identity verification and fraud prevention
  • Online identity and fraud scoring in real-time
  • Investigating consumers based on digital records

The Marketing Data Industry:

  • Sorting and ranking consumers for marketing
  • The rise of programmatic advertising technology
  • Connecting offline and online data
  • Recording and managing behaviors in real-time
  • Collecting identities and identity resolution
  • Managing consumers with CRM, CIAM and MDM

Examples of Consumer Data Broker Ecosystems:

  • Acxiom, its services, data providers, and partners
  • Oracle as a consumer data platform

Key Developments in Recent Years:

  • Networks of digital tracking and profiling
  • Large-scale aggregation and linking of identifiers
  • “Anonymous” recognition
  • Analyzing, categorizing, rating and ranking people
  • Real-time monitoring of behavioral data streams
  • Mass personalization
  • Testing and experimenting on people
  • Mission creep – everyday life, risk assessment and marketing



The production of this report, web materials, and illustrations was supported by the Open Society Foundations.