Back in 1988, journalist Adam Tanner was the victim of what he calls pre-internet era, "old fashioned data gathering".
While in Dresden – then still a part of communist East Germany – spending a day researching for a Frommer travel guide, Tanner was tailed by a rotating pack of 10 Stasi secret police agents, who diligently recorded his every activity, unbeknownst to him.
Years later, after the fall of the Berlin Wall and German reunification, Tanner, out of curiosity, requested any files held on him from that era. He was stunned to find a whole dossier of observations, surreptitious photos, and interviews with chance people he’d spoken to.
“There were 60 pages just for that day,” he says.
But, as he notes in his new book, What Stays in Vegas: The World of Personal Data – Lifeblood of Big Business – and the End of Privacy as We Know It, "by contrast, in today's world, companies are gathering data on us all, and in many cases they know far more than those agents that followed me."
And that’s the starting point for a compelling read on what companies are doing, how they get our information, what they do with it, and how some business approaches are more respectful of privacy than others.
Tanner explains to The Irish Times that his idea for the book emerged out of several different personal experiences. For a start, he was struck by the ironic comparison between his East German experience and commonplace corporate data gathering.
Having served as a Reuters journalist in the Soviet Union during some of that country's greyest days, he was fascinated by the sparkle and glitz of American hard- sell culture, especially in Las Vegas. And, as bureau chief for Reuters in San Francisco, he'd become familiar with using database services to get fast, detailed contact and other personal information on individuals.
“I began to think, how is this data gathered on everyone, and no one seems exempt,” he says. “And I began to wonder, who were these people gathering the data? I wanted to look at the entrepreneurs and companies behind the collection of data.”
It turns out that Sin City – good old Las Vegas – produces a lot of information for those data dossiers. More people are married in Vegas than in any other city, and it’s also a centre for divorces, so that information goes into accessible public records, Tanner says.
Las Vegas is also home to some of the most sophisticated loyalty card schemes in the world, rewarding gamblers with free flights, free or reduced rate hotel rooms, free meals and other perks.
“It also has some distinct attributes, such as more cameras in private spaces than anywhere else,” he says.
A big casino might have 3,000 to 5,000 cameras on premises, watching employees, gamblers, hotel open spaces, restaurant kitchens, dealers and more. Some 60,000 people a day may pass through a single mega-casino, which also might have thousands of hotel rooms.
“The key thing is, a lot of this kind of data has good uses – it might help recover someone’s lost bag, for example – but it also has uses that can cause discomfort for people.”
What he hones in on in the book is the use of customer data for casino incentive programmes, where people have a loyalty swipe card they can – and do – use at every stage of their casino visit.
“At every turn you have an incentive to use that card. You can stick it into a slot machine, you can hand it to a waiter, a croupier, or to a cashier. At the end of the day they know what games you like, how long you sit, what food you like. It’s very detailed information.”
They want these details because it enables them to tailor a visit to a customer, increasing the likelihood that the gambler will remain in that one casino. For example, if they see that you’re losing more than statistically is normal at the slots, they might send a steward over with coupons for dinner, he says.
All this attention results from the insight of ex-Harvard Business School professor and statistics geek Gary Loveman, now the CEO of casino conglomerate Caesars Entertainment. He realised that the annual accumulated spend of small gamblers often exceeds what the "whales", the high rollers, drop in a year in a casino. Yet they tended to be "promiscuous", roaming around various casinos, and they were never treated like VIPs.
The loyalty card scheme enabled the precise value of a customer to be understood while encouraging each one, via rewards and recognition, to remain within the Caesar’s domain.
Tanner believes the casino loyalty programmes are an example of good data practice as, while they obtain detailed information, people have a choice of whether to participate, and the casinos do not share or sell the data (because they do not want anyone else acquiring their valuable customers, he says).
He’s not as sanguine about the companies – especially the big data brokers – that buy and sell your data. We all tend to be at least somewhat aware of the fact that social media and internet companies use our data to market to us, but we’re less aware that many sell that data – often, very sensitive and revealing information – to others, he says.
Big data broker companies – Acxiom, Experion, Epsilon – collect our data into collections of detailed information, all for sale.
“They may have hundreds and hundreds of data points on any one consumer, and they put it all into a dossier,” says Tanner.
Where do they get the data from? Some is publicly available information, some is gathered from real-world and online retailers, or from advertisers that track an individual’s web activity through the use of cookies placed on computers and devices.
Some of the more alarming lists for sale that Tanner came across included “lists of people sorted by various medical ailments. For example, you can buy a list of two million men suffering from erectile dysfunction.”
More questionable is one of 7,000 US high school students who are gay. That list was compiled from information students freely gave at a popular website that helps students – mostly still minors – find university scholarships. Tanner says students fill out highly detailed questionnaires that include a question on sexual preference. The site says it shares the information it gathers, “but it’s not really clear that this list may be sold by the second arm of the company”, a data broker.
Much data is also gathered from the “free” online services that many use.
"If the product or service is free on the internet, it's likely that data gathering is part of the company's business model. At Facebook, they make money by using data to sell advertising. At Gmail, they do it by searching keywords [IN YOUR MAIL]," he says.
As he worked on the book, he was surprised at both the extent of data gathering online, and at some of the sites that did the gathering – like former Led Zeppelin guitarist Jimmy Page's website, which requires fans to register just to get past the opening splash page.
"So, if Jimmy Page is gathering information about you, you can imagine how many businesses and industries are collecting it."
He thinks it would be interesting to see what the take-up would be like if there were two variants of a service or product - say, a Facebook that was free, but markets your data, and a subscription Facebook that does not.
“Probably very few people would go for the paid variant,” he muses.
He says companies could do much better in informing people of what they collect and how they use that data, noting that a simple panel similar to the nutrition information given on food would be far better than website privacy policy documents that run up to 5,000 words long that no one reads.
Products with better privacy protection might require a bit more work from users, and might be more unwieldy, “but a weaker approach can lead to more unfortunate consequences,” he says.
“The bottom line in the book is, people should give some thought to how they share their data, and decide how comfortable they are sharing,” Tanner advises.
“And if you’re buying a product that is more sensitive, maybe you want to go to a store and pay cash.”