The coming era of privacy scandals

Uber is, quite rightly, finding itself in the middle of a firestorm right now surrounding the actual and proposed ways in which it treats other people’s private, personal information. Uber has behaved in an arrogant, self-entitled manner, and deserves no little measure of comeuppance. But it would be entirely wrong to think that it is some kind of isolated case. These scandals have happened before, many times, and they’re going to continue to happen, with increasing frequency, going forwards.

Information is money, and a time-tested way of making large profits is to accumulate information about individuals and then, one way or another, sell it back to them. Uber, for instance, knows who you are and where you are, and that’s great, for you, a lot of the time, because it allows Uber to send you a car in any one of more than 200 cities around the world, to know exactly how far and how fast your trip was, and then to bill you for that trip in the most seamless way possible.

That information also allows Uber employees to personally track the location of people like venture capitalist Peter Sims and BuzzFeed journalist Johana Bhuiyan. Given the freewheeling and aggressive nature of Uber, it’s no great surprise to learn that its employees have been doing exactly that.

But there are a lot of freewheeling and aggressive companies out there. Take Bloomberg, for instance. There was a scandal last year about Bloomberg’s journalists having access to the personal information of Bloomberg clients, after which such access was rescinded. But it seems that almost everybody else who works at Bloomberg – a group which comprises the vast majority of Bloomberg’s employees – still has access to that information.

In general, if an organization has access to personal information on lots of people, it will probably access certain the information of certain individuals from time to time, without their knowledge or consent, for no particularly good reason. The gossip instinct is a strong one, and we all want to know other people’s secrets. Some of us are reasonably good at suppressing such base instincts; others among us are very bad at that. (In the latter group I’d include a fair few investigative journalists.)

Meanwhile, the amount of personal information about each of us that is stored online, in various databases which are designed to be searched with great ease, is increasing at great velocity. Put aside, for one minute, the question of who exactly controls those databases, or what their privacy policies might be. Instead, just look at this statistically: with this much information in the hands of this many companies, it’s pretty much certain that hundreds of employees at dozens of companies will spend at least some of their spare time spying on thousands of individuals. That’s just the law of large numbers. If you make it illegal it will be illegal, but it won’t stop happening.

The data revolution has happened; the toothpaste can’t be put back into the tube. It’s not just the NSA which has access to enormous amounts of personal data on us; it’s any number of companies big and small, which you may or may not have ever heard of. If that data can be subpoenaed, and most of it can be, then it can also be accessed without a subpoena by people within the firm, who might have nothing better to do during their lunch hour than look up celebrities, or friends, or enemies and see what they can find. Such behavior is ignoble, to be sure – but it is going to happen.

It’s not just employees who have access to this data, either. If you’re unfortunate enough to have angered certain groups of people on the internet, then the chances are that they will be able to find out – and they will publish – some of the most private information about you that you can possibly imagine. And once again, there’s nothing you can do about it. Sure, if you’re a crypto-privacy freak, it’s possible to anonymize your life online and leave no trace. But that’s hard, and it’s entirely unreasonable to expect normal people to behave in such a manner.

The reality is that for most of us, our privacy is something we have through some combination of luck and obscurity. Chances are, you’re simply not important enough for anybody to want to hunt down lots of information about you. But as it becomes ever easier to pull up personal information on individuals, the number of people being investigated in that way is certain to increase.

In the UK, no one paid much attention to the phone-hacking scandal so long as it was “only” politicians and royals and celebrities who were being hacked. Only after news broke that a murdered schoolgirl had been hacked did the public really start revolting. Similarly, a large part of the current backlash against Uber is due to the fact that Uber is a bully, kicking down: Sarah Lacy is not a powerful celebrity, she’s just a middle-class journalist, doing her job.

So here’s my prediction: scandals like this one will recur with increasing frequency going forwards, and the biggest uproar and outrage will tend to flare up when the person being investigated is not a public figure. Normal Americans gave up their privacy long ago. But they really hate to be reminded of that fact.