Open Door

The de­mand for data-based ser­vice and per­son­al­ized travel can un­der­mine your e-pri­vacy

Business Traveler (USA) - - FRONT PAGE - By Jenny Southan

Shar­ing travel data can un­der­mine your pri­vacy

I was re­cently hav­ing din­ner in a ho­tel restau­rant in Italy where I was served by a slightly over-fa­mil­iar waiter. When I re­turned to my room later that evening, I found he had re­quested to be my friend on Face­book, de­spite the fact hadn’t even told him my name, let alone shown any signs of want­ing to get to know him on a per­sonal level.

I was spooked – but re­gard­less of how he found out who I was, I re­al­ized that had he typed my name into Google, he would have been able to see where I worked, my job ti­tle, which city I lived in, ar­ti­cles I had writ­ten, my ca­reer his­tory, where I went to univer­sity, what train­ing I’d re­ceived, photographs and videos I had taken, things I liked, tweets I had posted and places I had been. All in­for­ma­tion I have vol­un­tar­ily shared online – enough to al­low any­one to build a pro­file of me if they cared to do so. When was the last time you Googled your­self? Even if noth­ing much comes up, don’t imag­ine you can re­lax. Think about the in­for­ma­tion you freely give away on a daily ba­sis but that might not show up in a web search – whether it’s when book­ing a flight, sign­ing up for a loy­alty pro­gram, down­load­ing an app, fill­ing in a cus­tomer sur­vey form or send­ing an e-mail. Then con­sider how th­ese rou­tine en­tries con­trib­ute to your data shadow.

Of course, the is­sue of main­tain­ing e-pri­vacy is wor­ry­ing, but the re­al­ity is that it is al­most im­pos­si­ble to live and work in the mod­ern world with­out shar­ing per­sonal data. The ques­tions you have to ask your­self are how much is worth shar­ing, what you get in re­turn and how you can pro­tect your­self.

Dis­crete Data

Fu­tur­ist Juan En­riquez gave a TED lec­ture in Fe­bru­ary en­ti­tled “Your online life – per­ma­nent as a tat­too.” He pre­sented the idea that our dig­i­tal selves will out­live our phys­i­cal selves, and our data may re­veal more about us than we’d like to be­lieve.

“What hap­pens if Face­book, Twit­ter, Google, LinkedIn, cell phones, GPS, Foursquare, Yelp, Easy Pass, se­cu­rity cam­eras, Wikipedia, credit scores, credit cards… all th­ese things we deal with ev­ery day, turn out to be elec­tronic tat­toos?” En­riquez asks. He also posits what could

Tech­nol­ogy is har­ness­ing data in cre­ative ways – and there is plenty of po­ten­tial for ap­ply­ing it to travel

hap­pen when fa­cial recog­ni­tion gets so ac­cu­rate that you could take a photo of a man in a bar on your smart­phone and in­stantly down­load his name and records, giv­ing you his life story, be­cause he is “plas­tered by elec­tronic tat­toos.”

Think it will never hap­pen? Is­raeli fa­cial recog­ni­tion soft­ware com­pany face.com has al­ready “dis­cov­ered” 18 bil­lion faces online. And in June last year it was sold to Face­book.

“Up un­til very re­cently, ev­ery­one as­sumed data was dis­crete,” says Jane Frost, chief ex­ec­u­tive of the Mar­ket Re­search So­ci­ety. “But data al­go­rithms can ac­tu­ally put th­ese things to­gether and start to un­der­stand to an in­di­vid­ual level the per­son whose data it is.You might have thought you were just a piece of dig­i­tal data but with fa­cial match­ing, Face­book can do a hell of a lot to tell who you are. [What’s more], you can never be for­got­ten. Your mis­deeds or in­dis­cre­tions when you were young can come back to bite you when you are older.”

Cut­ting-edge tech­nol­ogy is al­ready be­gin­ning to harness data in cre­ative ways, be it through Google Glass (voice­ac­ti­vated aug­mented re­al­ity spec­ta­cles that per­form like a smart­phone), so­cial book­ing plat­forms, or RFID (ra­dio fre­quency iden­ti­fi­ca­tion) tags. And there is plenty of po­ten­tial for ap­ply­ing it to the world of travel – in fact, in­no­va­tive ho­tels and air­lines are al­ready dab­bling in it in an at­tempt to im­prove or per­son­al­ize the cus­tomer ex­pe­ri­ence.

In Ibiza, the Ushuaia Beach ho­tel en­ables par­ty­go­ers to “so­cial­ize” their ex­pe­ri­ences on Face­book in real time by tap­ping RFID wrist­bands on spe­cial screens around the re­sort that au­to­mat­i­cally log them into the net­work. Ac­cord­ing to travel tech­nol­ogy web site tnooz.com, “all con­tent cap­tured us­ing the ho­tel’s swipe ma­chines [is] also col­lected on the ho­tel’s own Face­book page” and “guests will be en­cour­aged to tag them­selves in each of their pic­tures.” Think that’s weird? You can also pay for food and drinks with just your fin­ger­prints.

In Las Ve­gas, the Aria Re­sort and Casino hands out dig­i­tal menus in its restau­rants so, ac­cord­ing to Paul Berry, vice-pres­i­dent of ho­tel op­er­a­tions, it can “un­der­stand what peo­ple like, what is pop­u­lar and what is visu­ally stim­u­lat­ing.” It also stores in­for­ma­tion on what tem­per­a­ture, light­ing

lev­els, “cur­tain op­er­a­tions ”and wake-up alarm sounds they pre­fer in their room.

The de­mand for per­son­al­ized ser­vice, par­tic­u­larly within the high-end mar­ket, has seen a rise in travel com­pa­nies us­ing your data to cre­ate guest pro­files. Some air­lines and ho­tels are tak­ing this fur­ther. Bri­tish Air­ways has given iPads to se­nior cabin crew so they can ac­cess im­por­tant pas­sen­gers’ Ex­ec­u­tive Club sta­tus, on­ward jour­ney, meal pref­er­ences and pre­vi­ous travel ex­pe­ri­ences, and find out what pas­sen­gers look like on Google Im­ages so they can rec­og­nize them. The ITC Grand Chola ho­tel in Chen­nai, mean­while, has placed RFID scan­ners in the cor­ri­dors that read your room key as you pass by, then send an alert to the phones of nearby staff with your name, photo and other per­sonal de­tails.

You may also be fa­mil­iar with a new breed of online so­cial seat­ing plat­form, such as KLM’s Meet and Seat, which essen­tially en­ables you to choose who you sit next to on a plane based on data from their LinkedIn or Face­book pro­file. Some will even pair you up au­to­mat­i­cally with some­one an al­go­rithm has de­cided will be a good match.

Ser­gio Mello is co-founder and chief ex­ec­u­tive of busi­ness-to-busi­ness plat­form sat­is­fly.com, which has teamed up with Air Baltic to of­fer a ser­vice for find­ing a com­pat­i­ble pas­sen­ger to sit with on the car­rier’s flights. “We can see the brands you like, the com­pa­nies you have worked for, the check-ins you have made, the peo­ple you have in com­mon, ”he said.“It is a tool to im­prove your ex­pe­ri­ence – your de­tails are not pub­lished, we just match your data with other peo­ple.”

Seat ID is a sim­i­lar B2B ser­vice that was launched ear­lier this year, and is de­signed to harness the in­for­ma­tion you share on so­cial net­works to en­hance your book­ing ex­pe­ri­ence. As well as air­lines, it also of­fers ap­pli­ca­tions for ho­tels and trains, and is in talks with “one of the big­gest train op­er­a­tors in Europe.”

Eran Savir, chief ex­ec­u­tive and cofounder, ex­plains how it works: “We have a wid­get that asks you to log in – af­ter you do this, it fol­lows you on the web and when you make a reser­va­tion we take this in­for­ma­tion – we know who you are – and show oth­ers.

“If you opt in, we get ac­cess to your pro­file, but what is vis­i­ble is de­fined by your own pri­vacy set­tings. If you are on Ex­pe­dia book­ing a ho­tel in Bangkok but are not sure which one to choose, we put a small wid­get next to each ho­tel to show you who else that you know has stayed there. All of a sud­den this is an im­por­tant fac­tor in your de­ci­sion-mak­ing process – so­cial proof­ing.”

The Way the Cookie Crum­bles

Many of th­ese data-based ser­vices are optin, so what trav­el­ers should re­ally be aware of is the per­va­sive har­vest­ing and sub­tle col­la­tion of per­sonal in­for­ma­tion that takes place online in your day-to-day life. Much of it is for your own ben­e­fit, sav­ing you time and mak­ing sites eas­ier to nav­i­gate – but you won’t al­ways be aware of what is tak­ing place be­hind the scenes or have any con­trol over what hap­pens to your data once you have shared it.

Con­sider how cook­ies store your ac­tiv­ity so that when re­turn­ing to an air­line web site, for ex­am­ple, it re­mem­bers what flight you were search­ing for or your loy­alty scheme lo­gin in­for­ma­tion, and tai­lors of­fers to suit you. This can be a use­ful fea­ture, but as soon as this in­for­ma­tion is passed on to third par­ties, it gets murky.

“You might click on an ad­vert and then your in­for­ma­tion is passed to other par­ties,” says Lind­sey Greig, chief ex­ec­u­tive of global e-pri­vacy con­sul­ta­tion ser­vice Data Guid­ance. “Sud­denly, your data is shared with a com­pany in the US, a com­pany in Rus­sia and a com­pany in In­dia with­out you re­ally be­ing aware that that is tak­ing place.”

Ac­cord­ing to BA’s pri­vacy pol­icy: “Cook­ies are used to en­able us to present ap­pro­pri­ate mes­sages to our cus­tomers. For ex­am­ple, to al­low [us] to serve up dif­fer­ent ver­sions of a page for mar­ket­ing pur­poses, con­trol in­vi­ta­tions for in­stant credit card of­fers, al­low third par­ties to dis­play ap­pro­pri­ate ad­ver­tis­ing and to track its ef­fec­tive­ness, and dis­play mes­sages which of­fer a se­lec­tion of prod­ucts based on what you’re view­ing, which are pre­sented to you by our agency when you visit other se­lected web sites.”

How­ever, it also says: “You can choose to opt out of this type of ad­ver­tis­ing per­ma­nently by go­ing to net­workad­ver­tis­ing.org/choices. Please note, though, that if you delete your cook­ies too, we’ll no longer know that you’ve opted out, so the ban­ners from our third-party will reap­pear when you visit other se­lected web sites.”

What else could your data be used for? Dis­con­cert­ingly, it lists: “Ac­count­ing, billing and au­dit, credit or other pay­ment card ver­i­fi­ca­tion and anti-fraud screen­ing, im­mi­gra­tion and cus­toms con­trol, safety, se­cu­rity, health, ad­min­is­tra­tive and le­gal pur­poses, sta­tis­ti­cal and mar­ket­ing anal­y­sis, op­er­a­tion of fre­quent flyer pro­grams, sys­tems test­ing, main­te­nance and de­vel­op­ment, cus­tomer sur­veys,

cus­tomer re­la­tions, and to help us in any fu­ture deal­ings with you, for ex­am­ple by iden­ti­fy­ing your re­quire­ments and pref­er­ences. ”Other ma­jor air­lines carry sim­i­lar state­ments on their web sites.

“Data is the new oil ”was a phrase coined by Bri­tish data com­mer­cial­iza­tion en­tre­pre­neur Clive Huby in 2006 to re­flect the fi­nan­cial im­por­tance this new com­mod­ity has. Ac­cord­ing to IBM, the world’s pop­u­la­tion cre­ates 2.5 quin­til­lion (one fol­lowed by 18 ze­ros) bytes of data a day. What’s more, 90 per­cent of data in ex­is­tence has been cre­ated in the past two years alone. It’s no won­der that all of this has been branded Big Data, and its per­ceived value has even led to the mind- blow­ingly Her­culean task of ar­chiv­ing the en­tire dig­i­tal universe.

In the US, the Li­brary of Congress has now archived more than 170 bil­lion tweets. (Don’t for­get just how big one bil­lion ac­tu­ally is – if one mil­lion sec­onds is 12 days, one bil­lion sec­onds is 31.7 years.) Though what use th­ese bil­lions of 140-char­ac­ter mus­ings will have is yet to be seen. In April, the Bri­tish Li­brary was granted the right to pre­serve the en­tire UK web space with about a petabyte of data stored over ten years – that’s 100 ter­abytes a year, or one bil­lion pages a day stored for all of pos­ter­ity.

“Clearly, data – the right sort of data, I would have to em­pha­size – helps busi­nesses and gov­ern­ments to un­der­stand what their cus­tomers and gen­eral pub­lic are do­ing, and help them com­mu­ni­cate in a tar­geted fash­ion, ”Frost says. “We have soft­ware that can col­lect and de­liver it al­most in­stan­ta­neously so we can use it to frame de­ci­sion-mak­ing about pric­ing.”

As we are all well aware, not all data is be­ing col­lected in eth­i­cal ways, or with noble in­ten­tions. Se­cu­rity breaches and heated de­bate over pri­vacy set­tings is com­mon­place. Face­book is rarely out of the head­lines and June bore wit­ness to a par­tic­u­larly ou­tra­geous scan­dal re­gard­ing de­tails leaked by a for­mer CIA tech­ni­cal worker claim­ing that the US Na­tional Se­cu­rity Agency had been us­ing a top--

se­cret pro­gram called Prism to col­lect cit­i­zens’ e-mails, phone calls, so­cial me­dia mes­sages, pho­tos and doc­u­ments by ac­cess­ing the su­per mega-servers of Ap­ple, Face­book, Mi­crosoft, Ya­hoo, Skype, You Tube and Google.

A num­ber of com­pa­nies were quick to is­sue de­nials but there is lit­tle doubt that many of us have been un­der sur­veil­lance, and will con­tinue to be so as gov­ern­ments con­tinue hap­haz­ardly to jug­gle civil lib­er­ties and se­cu­rity.

You Are the Prod­uct

Be­fore you panic, in the EU steps have been, and con­tinue to be, taken to safe­guard peo­ple’s e-pri­vacy, but bear in mind that leg­is­la­tion is com­plex, evolv­ing and ar­guably al­ways go­ing to be out of date as tech­nol­ogy ad­vances so fast. A spokesper­son for the Of­fice of the In­for­ma­tion Com­mis­sioner says: “Any or­ga­ni­za­tion that pro­cesses per­sonal data in the UK must com­ply with the UK Data Pro­tec­tion Act. The act places le­gal obli­ga­tions on or­ga­ni­za­tions that help to en­sure that they are look­ing af­ter peo­ple’s in­for­ma­tion cor­rectly; this in­cludes mak­ing sure that the in­for­ma­tion is se­cure and that or­ga­ni­za­tions are open with users about how their in­for­ma­tion will be used.”

At once rec­og­niz­ing that pro­tect­ing your per­sonal data is a fun­da­men­tal right, and that the free flow of per­sonal data is a com­mon good, EU law states that “per­sonal data can only be gath­ered legally un­der strict con­di­tions, for a le­git­i­mate pur­pose” and “you have the right to com­plain and ob­tain re­dress if your data is mis­used any­where in the EU.”

There is even an ini­tia­tive be­ing dis­cussed as part of the EU’s Gen­eral Data Pro­tec­tion Reg­u­la­tion that will al­low peo­ple “the right to be for­got­ten”– where all their de­tails can be deleted from cy­berspace if they so choose. This will be­come a more per­ti­nent is­sue as peo­ple be­come savvier about online rep­u­ta­tion and their “dig­i­tal tat­toos.”

In May 2012, leg­is­la­tion was passed that meant web sites had to get con­sent from users be­fore in­stalling cook­ies on their sys­tems, but it was then changed to a sim­ple warn­ing on the web­site and tacit con­sent was agreed to be enough. But this is not good enough for many peo­ple – ac­cord­ing to a 2011 sur­vey of 4,000 mo­bile phone users by Fu­ture sight for trade body GSMA, 84 per­cent wanted to be able to choose whether to re­ceive ad­ver­tis­ing based on their brows­ing be­hav­ior.

Se­lect­ing “Do Not Track ”in your browser set­tings is one so­lu­tion to this prob­lem – In­ter­net Ex­plorer, Sa­fari, Opera, Fire­fox and Google Chrome sup­port var­i­ous meth­ods of track­ing pro­tec­tion. Ac­cord­ing to Fire­fox, when the fea­ture is en­abled, it will tell ad­ver­tis­ing net­works and other web­sites that you want to opt out of track­ing for pur­poses like “be­hav­ioral ad­ver­tis­ing. ”But Do Not Track “may in­ter­fere with some per­son­al­ized ser­vices you en­joy.”

This might sound like a rea­son­able com­pro­mise, but in April, an ar­ti­cle on wired.com by Peter Swire warned: “With­out ef­fec­tive tar­get­ing and track­ing, ad­ver­tis­ers ar­gue ad rev­enue could plum­met and lead to the shut­ter­ing of many pop­u­lar web sites that rely on third-party ads as their pri­mary source of rev­enue. ”And an “arms race” could be­gin whereby “the dig­i­tal cook­ies cur­rently used to track user habits are blocked by the browsers – only to have the ad­ver­tis­ers re­spond with even more so­phis­ti­cated track­ing meth­ods like dig­i­tal fin­ger­print­ing.”

So what can you do? “Peo­ple need to be aware, ”Frost says. “They don’t need to be fright­ened, but they need to take a grownup at­ti­tude to­wards this. If you get value from giv­ing your data away, do it with care. If so­ci­ety ben­e­fits from your data, do it with care be­cause if you let your data go astray it’s very dif­fi­cult to re­trieve it.You should give it away to some­one who will re­spect it, and for some­thing that you value.”

Greig agrees: “If some­thing is free on the web, then you’re the prod­uct. Some­body’s got to be able to make money to pay for th­ese free ser­vices, and they’re do­ing it by shar­ing data with some­body else. That’s fine if peo­ple ac­cept that trade-off. Where it be­comes tricky is when peo­ple aren’t aware of what’s go­ing on.” BT

Newspapers in English

Newspapers from Canada

© PressReader. All rights reserved.