INTERVIEW: Andy Kahl, Senior Director of Transparency at Ghostery, on apps selling your data

Callum Tennent
June 23, 2014

Wearable tech is the fastest expanding technology in the consumer mobile sector right now. We’ve embraced it, and so have millions of other consumers worldwide. With the launch of the Motorola Moto 360  and Apple’s iWatch  set for the end of this year, the scene can only get bigger.

Fitness tracking is a big part of the wearable scene – in fact you don’t even need a special gadget to partake, with over 5,000 apps on the iOS App Store available granting you the ability to monitor your lifestyle through your smartphone alone.

It’s a great luxury to have, and a feature vastly appreciated by countless consumers. But with these abilities comes a new level of digital exposure many of us may have never been subjected to before. Think about what personal data you would put in to an ordinary online form. Name, age, address? Maybe even your bank details? Sure. But what about data a little more intimate, like your height, weight, dietary habits, even where you like to go for your weekly run. It may not be as valuable to us as our debit card number, but it’s certainly a lot more personal.

What if someone were to, unbeknownst to you, take that data? It may sound creepy, but the chances are that if you’ve used a fitness and lifestyle app before they already have.

The worst part of all is that you most likely agreed to this harvesting of your personal data. There’s more than 70 third-party companies out there who make a living out of you unintentionally surrendering your most intimate personal details and selling them on to companies that deal in pharmaceuticals, insurance and the like.

These are the claims being made by the people at  Ghostery. Ghostery is a browser extension (available on both desktop and mobile) which not only blocks third-party trackers and data miners, but also names and shames the perpetrators for you. If Edward Snowden uses it then it must be doing something right.

We spoke with Andy Kahl, Senior Director of Transparency (a much cooler title than we could ever hope to have) at Ghostery, about how you can reclaim control of your data without throwing away your smartwatch.

Ghostery - Andy Kahl

First off, though, we asked exactly how Ghostery learned that there was such a prolific industry behind mobile data-collection.

“Our lab tool scanned a set of apps for third-party stuff, and it revealed to us where data you put into the app is being sent. It turns out there was prolific data sharing with analytics companies and data collection firms. These firms then take huge samples of that data and sell them on to ad companies. There’s a whole ton of them, too many for me to list off the top of my head – Analytics Tools, Google, Tap Ad and Flurry to name a few.”

So why exactly is this whole issue so secretive? Why do more people not know about it if it can be unveiled with a simple scan of an app?

“It depends on what territory or country you’re in, but it’s not illegal. When you download one of these apps which collects your data you’re agreeing to give it away. Users need to understand that if a product is free,  you  are the product.

“There’s only really two ways in which doing this could be illegal: not asking for the data at all, or using it in violation of a discrimination law.”

You see, as it turns out, when companies take our data from apps (of all kinds, not just fitness-related) they  have asked for our permission. It just turns out that we didn’t realise. Kahl explained that the right to surrender our submitted data is usually buried away within the vast depths of the terms and conditions pages that we all so hurriedly click through every time we install something. “Comedian John Oliver put it best when he said that they could put the entire text of Mein Kampf in those agreement things, we’d still click ‘Agree’ to it!” says Kahl.

“The problem isn’t so much that we’re asked to give our data away, it’s that we don’t have the choice. That’s it. There’s no premium opt-out of data sharing – there’s not a lot of real options. Even paid products do it. Fitness and wearables is one of the more prolific genre of apps to do it, too. It’s definitely towards the top-end of the scale.

“It means that even if you’re vigilant about this sort of thing, all it takes is one unfortunate minute for you to allow yourself to hand away your data, even if you don’t want to. The wording of the agreements means that they reserve the right to do anything with it.”

So how can we say for sure if we’ve fallen into one of these traps? “Targeted ads”, says Kahl. “It’s often data on seemingly irrelevant issues, but when you combine it with other stuff – that’s what companies will pay money for.

“There’s no real  specific thing that they’re after. Your individual information is worth pennies. But broad categories like age groups, weight groups, gender, those are popular. Location is a popular one too, for the targeted ads.

“It’s funny, even I’m sometimes walking along checking my smartphone and an ad will pop up for something nearby that it thinks I’ll be interested in and I’ll think, ‘how does it know that? What did I agree to?'”

Adverts are nothing new though. We’ve been bombarded with them since the dawn of capitalism – it just so happens that in the modern age they’re now occasionally relevant to us.

“Data driven decisions are an advantage of this new world,” says Kahl, “Privacy is different for everyone. Sometimes it’s a fair tradeoff – if you’re getting this ‘free’ service.”

“We’re not here to tell people that these data selling companies are wrong. It’s reasonable not to worry – we just want to inform. Your biggest tool is awareness. The only thing wrong here is that people so often just aren’t aware. Think of data as money in your pocket, and you should try and see if it’s worth the trade.

“We want the industry to adapt to a culture of transparency, and to help the consumer adjust to a culture of education.

“The Ghostery extension is available on desktop, as well as an extension for the Chrome and Firefox mobile apps. But doing it on an app-level is challenging. Your best bet is to delete your infrequently used apps and use greater discrepancy in the future.”

Whether the glass is half empty or half full would depend on how much you value your data, it would seem. On the one hand there’s not much you can do about the inevitable harvesting of your every intimacy (if you happen to be particularly secretive about your weight). It’s a little dystopian, but it’s the way it is. On the other hand, it seems that the intentions of these ad companies are fairly benign – they exist to make money, and they’ll unreservedly sell your info to whoever wants it. And even then, the only thing those buyers want to do in turn is sell  you things. The circle of consumerism.

For those curious, Ghostery (under its former name of Evidon) has compiled a series of helpful charts to reveal exactly which companies are tracking, publishing and purchasing your data, and from which apps. Click here to take  a look.

About the Author

Callum Tennent

International playboy/tech journalist.

Share this article