保護隱私,用戶最信任哪家互聯(lián)網(wǎng)平臺?
Daniel Barber
2021-11-15
Robinhood對數(shù)據(jù)泄露的透明處理在很大程度上使人安心。圖片來源:SOPA IMAGES/GETTY IMAGES
2021年,數(shù)據(jù)隱私保衛(wèi)戰(zhàn)全面打響,蘋果推出數(shù)據(jù)隱私工具,卻遭到Facebook的抵制。TikTok試圖獲取用戶生物特征信息,在一起指控濫用數(shù)據(jù)的集體訴訟中以9200萬美元達成和解,WhatsApp更是在更改隱私政策后失去了大量用戶。就在上周,Robinhood公布了700萬客戶的個人信息被泄露的細節(jié)。
雖然消費者逐漸意識到,一眾公司大肆收集用戶個人信息,但并不清楚到底有多少數(shù)據(jù)被提取或作何用途。
為幫助大眾了解公司收集了多少數(shù)據(jù),Clario專門制作圖表,詳細顯示哪些公司收集的數(shù)據(jù)最多,收集了哪些類型的數(shù)據(jù),結(jié)果讓人大開眼界。但即使有了這些圖表,我們也無法真正了解公司如何使用這些數(shù)據(jù)。
你不得不授權(quán)Instagram訪問相機相冊,一旦授權(quán),Instagram實際獲得的圖庫訪問權(quán)限非你所能想象。Instagram會拿你的照片做什么?我們無從得知。
贏家:亞馬遜、蘋果和戴森
在最近的一項調(diào)查中,客戶表示在個人數(shù)據(jù)保護上,最信任的是亞馬遜,其次是Netflix。這表明,令人愉悅的定制化體驗能夠有效吸引用戶共享信息。沒有人想要從Netflix收到糟糕的劇集推薦,購物者在逛亞馬遜時,喜歡看到根據(jù)自己的偏好和興趣精心挑選的商品。這種個性化程度值得共享個人數(shù)據(jù)。從這個意義上說,可以將亞馬遜和Netflix視為贏家,因為它們的用戶享受正回報,不介意企業(yè)訪問數(shù)據(jù)。不過,將一家最近被罰的公司稱為“贏家”有點奇怪,這家公司正是亞馬遜,因為違反個人數(shù)據(jù)處理規(guī)則而被歐盟處以有史以來最高的罰款——8.866億美元。
蘋果也是一家因為保護用戶隱私而備受青睞的公司,致力于為消費者帶來數(shù)據(jù)透明度。如果消費者不喜歡企業(yè)不透明的隱私政策,信任就無從談起。相比之下,如果消費者相信蘋果的透明度,蘋果就將繼續(xù)穩(wěn)坐贏家寶座。然而,有消息稱,其他公司已經(jīng)能夠通過數(shù)據(jù)三角測量和設備指紋識別,繞過蘋果的隱私政策。這些秘密技術竊取足夠的私人信息,仍然可以識別你的手機、使用的應用程序,并有可能揭曉如何定位你,目前尚無辦法阻止這種窺探。
戴森(Dyson)等其他公司意外成為隱私保衛(wèi)戰(zhàn)中的開路先鋒。在戴森的隱私頁面上,不僅闡明戴森的隱私承諾,還以通俗易懂的語言明確指出公司收集的信息、為什么收集以及戴森如何保護消費者的權(quán)利。
還在努力:Robinhood
許多公司力圖糾正繁復的系統(tǒng),以便從數(shù)量驚人的應用程序中整合用戶信息。
以Robinhood為例。黑客入侵,竊取700萬賬戶持有人的個人信息。謝天謝地,收集到的數(shù)據(jù)大部分是姓名和電子郵件,表面看沒有什么危害。但轉(zhuǎn)念一想,既然是Robinhood賬戶持有人,就表示有一定的經(jīng)濟能力。不法分子就能夠利用用戶的姓名和電子郵件,編織各種各樣的電子郵件騙局,攻擊不知情的客戶。問題在于,企業(yè)對任何數(shù)據(jù)的依賴,甚至是看似無害的數(shù)據(jù),都會吸引黑客,后者以超乎尋常的黑客技術“磨刀霍霍”向用戶。
情況可能更糟。Robinhood似乎對最敏感的數(shù)據(jù)進行了加密,以至于客戶響應團隊都無法查看。公司也就襲擊事件發(fā)表聲明,并立即與主管部門聯(lián)系。
輸家:Facebook、Clubhouse及社交巨頭
Clubhouse過度收集用戶數(shù)據(jù)。該軟件用錄制用戶的聲音、對話等等,但真正失敗的地方是,該公司的防范措施近乎零。事實上,斯坦福互聯(lián)網(wǎng)觀察實驗室(Stanford Internet Observatory)發(fā)現(xiàn),Clubhouse對用戶數(shù)據(jù)太過粗心,以至于“對Clubhouse的數(shù)百萬用戶,構(gòu)成了直接的安全風險。”
可以想象,像Facebook這樣社交巨頭,收集的數(shù)據(jù)一旦用作非法用途,將對用戶的現(xiàn)實生活造成傷害。Facebook等一眾社交網(wǎng)站基本上了解你的一切:住在哪里,朋友是誰,喜歡或討厭的產(chǎn)品,去哪里旅行,如何消費,如何思考,甚至從你的帖子、照片和行為模式中推演出的深層信息。
有意見認為,雖然公司依托個人信息打造看似貼心的用戶體驗,但會利用個人數(shù)據(jù)來策劃內(nèi)容,使用戶處于一個影響日常現(xiàn)實感知的“回音室”中。如今公司正在面臨最終審判,如何修改算法、改進數(shù)據(jù)隱私做法將決定其命運。
顯然,僅有政策是不夠的,公司還必須改變他們對用戶數(shù)據(jù)的看法和經(jīng)營方式。(財富中文網(wǎng))
丹尼爾·巴伯是DataGrail的聯(lián)合創(chuàng)始人及首席執(zhí)行官。
譯者:Transn
2021年,數(shù)據(jù)隱私保衛(wèi)戰(zhàn)全面打響,蘋果推出數(shù)據(jù)隱私工具,卻遭到Facebook的抵制。TikTok試圖獲取用戶生物特征信息,在一起指控濫用數(shù)據(jù)的集體訴訟中以9200萬美元達成和解,WhatsApp更是在更改隱私政策后失去了大量用戶。就在上周,Robinhood公布了700萬客戶的個人信息被泄露的細節(jié)。
雖然消費者逐漸意識到,一眾公司大肆收集用戶個人信息,但并不清楚到底有多少數(shù)據(jù)被提取或作何用途。
為幫助大眾了解公司收集了多少數(shù)據(jù),Clario專門制作圖表,詳細顯示哪些公司收集的數(shù)據(jù)最多,收集了哪些類型的數(shù)據(jù),結(jié)果讓人大開眼界。但即使有了這些圖表,我們也無法真正了解公司如何使用這些數(shù)據(jù)。
你不得不授權(quán)Instagram訪問相機相冊,一旦授權(quán),Instagram實際獲得的圖庫訪問權(quán)限非你所能想象。Instagram會拿你的照片做什么?我們無從得知。
贏家:亞馬遜、蘋果和戴森
在最近的一項調(diào)查中,客戶表示在個人數(shù)據(jù)保護上,最信任的是亞馬遜,其次是Netflix。這表明,令人愉悅的定制化體驗能夠有效吸引用戶共享信息。沒有人想要從Netflix收到糟糕的劇集推薦,購物者在逛亞馬遜時,喜歡看到根據(jù)自己的偏好和興趣精心挑選的商品。這種個性化程度值得共享個人數(shù)據(jù)。從這個意義上說,可以將亞馬遜和Netflix視為贏家,因為它們的用戶享受正回報,不介意企業(yè)訪問數(shù)據(jù)。不過,將一家最近被罰的公司稱為“贏家”有點奇怪,這家公司正是亞馬遜,因為違反個人數(shù)據(jù)處理規(guī)則而被歐盟處以有史以來最高的罰款——8.866億美元。
蘋果也是一家因為保護用戶隱私而備受青睞的公司,致力于為消費者帶來數(shù)據(jù)透明度。如果消費者不喜歡企業(yè)不透明的隱私政策,信任就無從談起。相比之下,如果消費者相信蘋果的透明度,蘋果就將繼續(xù)穩(wěn)坐贏家寶座。然而,有消息稱,其他公司已經(jīng)能夠通過數(shù)據(jù)三角測量和設備指紋識別,繞過蘋果的隱私政策。這些秘密技術竊取足夠的私人信息,仍然可以識別你的手機、使用的應用程序,并有可能揭曉如何定位你,目前尚無辦法阻止這種窺探。
戴森(Dyson)等其他公司意外成為隱私保衛(wèi)戰(zhàn)中的開路先鋒。在戴森的隱私頁面上,不僅闡明戴森的隱私承諾,還以通俗易懂的語言明確指出公司收集的信息、為什么收集以及戴森如何保護消費者的權(quán)利。
還在努力:Robinhood
許多公司力圖糾正繁復的系統(tǒng),以便從數(shù)量驚人的應用程序中整合用戶信息。
以Robinhood為例。黑客入侵,竊取700萬賬戶持有人的個人信息。謝天謝地,收集到的數(shù)據(jù)大部分是姓名和電子郵件,表面看沒有什么危害。但轉(zhuǎn)念一想,既然是Robinhood賬戶持有人,就表示有一定的經(jīng)濟能力。不法分子就能夠利用用戶的姓名和電子郵件,編織各種各樣的電子郵件騙局,攻擊不知情的客戶。問題在于,企業(yè)對任何數(shù)據(jù)的依賴,甚至是看似無害的數(shù)據(jù),都會吸引黑客,后者以超乎尋常的黑客技術“磨刀霍霍”向用戶。
情況可能更糟。Robinhood似乎對最敏感的數(shù)據(jù)進行了加密,以至于客戶響應團隊都無法查看。公司也就襲擊事件發(fā)表聲明,并立即與主管部門聯(lián)系。
輸家:Facebook、Clubhouse及社交巨頭
Clubhouse過度收集用戶數(shù)據(jù)。該軟件用錄制用戶的聲音、對話等等,但真正失敗的地方是,該公司的防范措施近乎零。事實上,斯坦福互聯(lián)網(wǎng)觀察實驗室(Stanford Internet Observatory)發(fā)現(xiàn),Clubhouse對用戶數(shù)據(jù)太過粗心,以至于“對Clubhouse的數(shù)百萬用戶,構(gòu)成了直接的安全風險。”
可以想象,像Facebook這樣社交巨頭,收集的數(shù)據(jù)一旦用作非法用途,將對用戶的現(xiàn)實生活造成傷害。Facebook等一眾社交網(wǎng)站基本上了解你的一切:住在哪里,朋友是誰,喜歡或討厭的產(chǎn)品,去哪里旅行,如何消費,如何思考,甚至從你的帖子、照片和行為模式中推演出的深層信息。
有意見認為,雖然公司依托個人信息打造看似貼心的用戶體驗,但會利用個人數(shù)據(jù)來策劃內(nèi)容,使用戶處于一個影響日常現(xiàn)實感知的“回音室”中。如今公司正在面臨最終審判,如何修改算法、改進數(shù)據(jù)隱私做法將決定其命運。
顯然,僅有政策是不夠的,公司還必須改變他們對用戶數(shù)據(jù)的看法和經(jīng)營方式。(財富中文網(wǎng))
丹尼爾·巴伯是DataGrail的聯(lián)合創(chuàng)始人及首席執(zhí)行官。
譯者:Transn
2021 has been the year of data privacy headlines, thanks in large part to Apple’s data privacy tool and Facebook’s resistance to it. Think TikTok’s move to acquire users’ biometric information, its $92 million settlement in a class-action suit alleging misuse of data, or when WhatsApp lost a massive number of users upon changing its privacy policy. Just last week, Robinhood released details that the personal information of 7 million of its customers was compromised.
Consumers are waking up to the fact that companies collect a lot of personal information about them. But they may not be fully aware of exactly how much data is being pulled or how it is being used.
To help people fully grasp just how much data companies have on them, Clario put together fascinating charts detailing which companies are gathering the most data and exactly what types they are collecting. It’s pretty eye-opening. But even with such information, we don’t have any real insight into how these companies use the data.
You’re going to provide Instagram access to your camera roll. By granting that permission, Instagram could gain more access to your library than you intended. What is it doing with all of your pictures? We have no idea.
Winners: Amazon, Apple, and Dyson
In a recent survey, customers said they trust Amazon most with their personal data, closely followed by Netflix. This suggests that a nice, customizable experience can go a long way in the effort to woo users to share information. No one wants bad Netflix recommendations, and shoppers love to see items curated to their tastes and interests as part of their Amazon experience. This level of personalization is worth sharing personal data. In this sense, Amazon and Netflix could be considered winners because their users don’t mind allowing access to data because of what they receive in return. Yet it feels a bit odd to call a company a privacy “winner” that was recently slapped with a record $886.6 million EU fine for violating rules on processing personal data, as Amazon was.
Apple is another company typically viewed quite favorably for its data privacy stance because it has endeavored to bring data transparency to consumers. If consumers dislike others’ opaque privacy policies, trust evaporates. But if they believe Apple, by contrast, is being transparent with them, the company will continue to be perceived as a privacy winner. However, information is surfacing which shows that companies have been able to skirt Apple’s guidelines by data triangulation and device fingerprinting. These stealthy techniques provide enough unique information to still identify your phone, what apps you use, and potentially provide insights into how to target you—and there is no way to stop it.
Other companies, such as Dyson, stand out as unexpected privacy trailblazers. On its privacy page, not only is there a message outlining Dyson’s privacy commitment, but the company also very clearly highlights what information it collects, why, and how Dyson protects consumers’ rights, in a manner that can be quickly and easily understood.
Work in progress: Robinhood
Many companies are trying hard to rectify very complex systems that integrate user information across a surprisingly high volume of applications.
Take Robinhood for example. A hacker was able to gain access to the personal information of 7 million account holders. Thankfully, data collected, for the most part, was limited to names and emails, which seems harmless enough on the surface. But hackers are smart, and knowing that these individuals are Robinhood account holders suggests a certain financial profile. Their names and emails can then be used by bad actors to target them in various email schemes that can harm unknowing customers. The problem is that hanging on to any data, even seemingly innocuous data, makes the organization enticing to hackers who are broadening their techniques with extraordinary speed and precision.
It could have been much worse. It appears Robinhood encrypted the most sensitive data to such a degree that even its customer response teams couldn’t view it. The company was also transparent about the attack and contacted authorities immediately.
Losers: Facebook, Clubhouse, and the social powerhouses
Clubhouse has very aggressive data collection practices. It’s recording your voice, your conversations, and a whole lot more, but where it really fails is that the company is taking next to zero precautions with that data. In fact, the Stanford Internet Observatory (SIO) found that Clubhouse was so careless with user data that it posed “immediate security risks to Clubhouse’s millions of users.”
Then you can look at cases like Facebook, where it’s clear that data collection practices cause another kind of real-world harm. Facebook and its other social properties know essentially everything about you: where you live, who your friends are, the products you love or hate, where you travel, how you spend, how you think, and much, much more based on your posts, pictures, and patterns.
One could argue that the company uses this information to create amazingly personal experiences, but it uses personal data to curate content, placing people in a bit of an echo chamber that affects their day-to-day perception of reality. Now the company is facing a reckoning. How it amends its algorithms and changes its data privacy practices will determine its fate.
What is clear is that just having a policy isn't enough. Organizations must change how they think about user data and how they conduct business.
Daniel Barber Is the CEO and cofounder of DataGrail.
財富中文網(wǎng)所刊載內(nèi)容之知識產(chǎn)權(quán)為財富媒體知識產(chǎn)權(quán)有限公司及/或相關權(quán)利人專屬所有或持有。未經(jīng)許可,禁止進行轉(zhuǎn)載、摘編、復制及建立鏡像等任何使用。
