The demand for data-based service and personalized travel can undermine your e-privacy
Sharing travel data can undermine your privacy
I was recently having dinner in a hotel restaurant in Italy where I was served by a slightly over-familiar waiter. When I returned to my room later that evening, I found he had requested to be my friend on Facebook, despite the fact hadn’t even told him my name, let alone shown any signs of wanting to get to know him on a personal level.
I was spooked – but regardless of how he found out who I was, I realized that had he typed my name into Google, he would have been able to see where I worked, my job title, which city I lived in, articles I had written, my career history, where I went to university, what training I’d received, photographs and videos I had taken, things I liked, tweets I had posted and places I had been. All information I have voluntarily shared online – enough to allow anyone to build a profile of me if they cared to do so. When was the last time you Googled yourself? Even if nothing much comes up, don’t imagine you can relax. Think about the information you freely give away on a daily basis but that might not show up in a web search – whether it’s when booking a flight, signing up for a loyalty program, downloading an app, filling in a customer survey form or sending an e-mail. Then consider how these routine entries contribute to your data shadow.
Of course, the issue of maintaining e-privacy is worrying, but the reality is that it is almost impossible to live and work in the modern world without sharing personal data. The questions you have to ask yourself are how much is worth sharing, what you get in return and how you can protect yourself.
Futurist Juan Enriquez gave a TED lecture in February entitled “Your online life – permanent as a tattoo.” He presented the idea that our digital selves will outlive our physical selves, and our data may reveal more about us than we’d like to believe.
“What happens if Facebook, Twitter, Google, LinkedIn, cell phones, GPS, Foursquare, Yelp, Easy Pass, security cameras, Wikipedia, credit scores, credit cards… all these things we deal with every day, turn out to be electronic tattoos?” Enriquez asks. He also posits what could
Technology is harnessing data in creative ways – and there is plenty of potential for applying it to travel
happen when facial recognition gets so accurate that you could take a photo of a man in a bar on your smartphone and instantly download his name and records, giving you his life story, because he is “plastered by electronic tattoos.”
Think it will never happen? Israeli facial recognition software company face.com has already “discovered” 18 billion faces online. And in June last year it was sold to Facebook.
“Up until very recently, everyone assumed data was discrete,” says Jane Frost, chief executive of the Market Research Society. “But data algorithms can actually put these things together and start to understand to an individual level the person whose data it is.You might have thought you were just a piece of digital data but with facial matching, Facebook can do a hell of a lot to tell who you are. [What’s more], you can never be forgotten. Your misdeeds or indiscretions when you were young can come back to bite you when you are older.”
Cutting-edge technology is already beginning to harness data in creative ways, be it through Google Glass (voiceactivated augmented reality spectacles that perform like a smartphone), social booking platforms, or RFID (radio frequency identification) tags. And there is plenty of potential for applying it to the world of travel – in fact, innovative hotels and airlines are already dabbling in it in an attempt to improve or personalize the customer experience.
In Ibiza, the Ushuaia Beach hotel enables partygoers to “socialize” their experiences on Facebook in real time by tapping RFID wristbands on special screens around the resort that automatically log them into the network. According to travel technology web site tnooz.com, “all content captured using the hotel’s swipe machines [is] also collected on the hotel’s own Facebook page” and “guests will be encouraged to tag themselves in each of their pictures.” Think that’s weird? You can also pay for food and drinks with just your fingerprints.
In Las Vegas, the Aria Resort and Casino hands out digital menus in its restaurants so, according to Paul Berry, vice-president of hotel operations, it can “understand what people like, what is popular and what is visually stimulating.” It also stores information on what temperature, lighting
levels, “curtain operations ”and wake-up alarm sounds they prefer in their room.
The demand for personalized service, particularly within the high-end market, has seen a rise in travel companies using your data to create guest profiles. Some airlines and hotels are taking this further. British Airways has given iPads to senior cabin crew so they can access important passengers’ Executive Club status, onward journey, meal preferences and previous travel experiences, and find out what passengers look like on Google Images so they can recognize them. The ITC Grand Chola hotel in Chennai, meanwhile, has placed RFID scanners in the corridors that read your room key as you pass by, then send an alert to the phones of nearby staff with your name, photo and other personal details.
You may also be familiar with a new breed of online social seating platform, such as KLM’s Meet and Seat, which essentially enables you to choose who you sit next to on a plane based on data from their LinkedIn or Facebook profile. Some will even pair you up automatically with someone an algorithm has decided will be a good match.
Sergio Mello is co-founder and chief executive of business-to-business platform satisfly.com, which has teamed up with Air Baltic to offer a service for finding a compatible passenger to sit with on the carrier’s flights. “We can see the brands you like, the companies you have worked for, the check-ins you have made, the people you have in common, ”he said.“It is a tool to improve your experience – your details are not published, we just match your data with other people.”
Seat ID is a similar B2B service that was launched earlier this year, and is designed to harness the information you share on social networks to enhance your booking experience. As well as airlines, it also offers applications for hotels and trains, and is in talks with “one of the biggest train operators in Europe.”
Eran Savir, chief executive and cofounder, explains how it works: “We have a widget that asks you to log in – after you do this, it follows you on the web and when you make a reservation we take this information – we know who you are – and show others.
“If you opt in, we get access to your profile, but what is visible is defined by your own privacy settings. If you are on Expedia booking a hotel in Bangkok but are not sure which one to choose, we put a small widget next to each hotel to show you who else that you know has stayed there. All of a sudden this is an important factor in your decision-making process – social proofing.”
The Way the Cookie Crumbles
Many of these data-based services are optin, so what travelers should really be aware of is the pervasive harvesting and subtle collation of personal information that takes place online in your day-to-day life. Much of it is for your own benefit, saving you time and making sites easier to navigate – but you won’t always be aware of what is taking place behind the scenes or have any control over what happens to your data once you have shared it.
Consider how cookies store your activity so that when returning to an airline web site, for example, it remembers what flight you were searching for or your loyalty scheme login information, and tailors offers to suit you. This can be a useful feature, but as soon as this information is passed on to third parties, it gets murky.
“You might click on an advert and then your information is passed to other parties,” says Lindsey Greig, chief executive of global e-privacy consultation service Data Guidance. “Suddenly, your data is shared with a company in the US, a company in Russia and a company in India without you really being aware that that is taking place.”
However, it also says: “You can choose to opt out of this type of advertising permanently by going to networkadvertising.org/choices. Please note, though, that if you delete your cookies too, we’ll no longer know that you’ve opted out, so the banners from our third-party will reappear when you visit other selected web sites.”
What else could your data be used for? Disconcertingly, it lists: “Accounting, billing and audit, credit or other payment card verification and anti-fraud screening, immigration and customs control, safety, security, health, administrative and legal purposes, statistical and marketing analysis, operation of frequent flyer programs, systems testing, maintenance and development, customer surveys,
customer relations, and to help us in any future dealings with you, for example by identifying your requirements and preferences. ”Other major airlines carry similar statements on their web sites.
“Data is the new oil ”was a phrase coined by British data commercialization entrepreneur Clive Huby in 2006 to reflect the financial importance this new commodity has. According to IBM, the world’s population creates 2.5 quintillion (one followed by 18 zeros) bytes of data a day. What’s more, 90 percent of data in existence has been created in the past two years alone. It’s no wonder that all of this has been branded Big Data, and its perceived value has even led to the mind- blowingly Herculean task of archiving the entire digital universe.
In the US, the Library of Congress has now archived more than 170 billion tweets. (Don’t forget just how big one billion actually is – if one million seconds is 12 days, one billion seconds is 31.7 years.) Though what use these billions of 140-character musings will have is yet to be seen. In April, the British Library was granted the right to preserve the entire UK web space with about a petabyte of data stored over ten years – that’s 100 terabytes a year, or one billion pages a day stored for all of posterity.
“Clearly, data – the right sort of data, I would have to emphasize – helps businesses and governments to understand what their customers and general public are doing, and help them communicate in a targeted fashion, ”Frost says. “We have software that can collect and deliver it almost instantaneously so we can use it to frame decision-making about pricing.”
As we are all well aware, not all data is being collected in ethical ways, or with noble intentions. Security breaches and heated debate over privacy settings is commonplace. Facebook is rarely out of the headlines and June bore witness to a particularly outrageous scandal regarding details leaked by a former CIA technical worker claiming that the US National Security Agency had been using a top--
secret program called Prism to collect citizens’ e-mails, phone calls, social media messages, photos and documents by accessing the super mega-servers of Apple, Facebook, Microsoft, Yahoo, Skype, You Tube and Google.
A number of companies were quick to issue denials but there is little doubt that many of us have been under surveillance, and will continue to be so as governments continue haphazardly to juggle civil liberties and security.
You Are the Product
Before you panic, in the EU steps have been, and continue to be, taken to safeguard people’s e-privacy, but bear in mind that legislation is complex, evolving and arguably always going to be out of date as technology advances so fast. A spokesperson for the Office of the Information Commissioner says: “Any organization that processes personal data in the UK must comply with the UK Data Protection Act. The act places legal obligations on organizations that help to ensure that they are looking after people’s information correctly; this includes making sure that the information is secure and that organizations are open with users about how their information will be used.”
At once recognizing that protecting your personal data is a fundamental right, and that the free flow of personal data is a common good, EU law states that “personal data can only be gathered legally under strict conditions, for a legitimate purpose” and “you have the right to complain and obtain redress if your data is misused anywhere in the EU.”
There is even an initiative being discussed as part of the EU’s General Data Protection Regulation that will allow people “the right to be forgotten”– where all their details can be deleted from cyberspace if they so choose. This will become a more pertinent issue as people become savvier about online reputation and their “digital tattoos.”
In May 2012, legislation was passed that meant web sites had to get consent from users before installing cookies on their systems, but it was then changed to a simple warning on the website and tacit consent was agreed to be enough. But this is not good enough for many people – according to a 2011 survey of 4,000 mobile phone users by Future sight for trade body GSMA, 84 percent wanted to be able to choose whether to receive advertising based on their browsing behavior.
Selecting “Do Not Track ”in your browser settings is one solution to this problem – Internet Explorer, Safari, Opera, Firefox and Google Chrome support various methods of tracking protection. According to Firefox, when the feature is enabled, it will tell advertising networks and other websites that you want to opt out of tracking for purposes like “behavioral advertising. ”But Do Not Track “may interfere with some personalized services you enjoy.”
This might sound like a reasonable compromise, but in April, an article on wired.com by Peter Swire warned: “Without effective targeting and tracking, advertisers argue ad revenue could plummet and lead to the shuttering of many popular web sites that rely on third-party ads as their primary source of revenue. ”And an “arms race” could begin whereby “the digital cookies currently used to track user habits are blocked by the browsers – only to have the advertisers respond with even more sophisticated tracking methods like digital fingerprinting.”
So what can you do? “People need to be aware, ”Frost says. “They don’t need to be frightened, but they need to take a grownup attitude towards this. If you get value from giving your data away, do it with care. If society benefits from your data, do it with care because if you let your data go astray it’s very difficult to retrieve it.You should give it away to someone who will respect it, and for something that you value.”
Greig agrees: “If something is free on the web, then you’re the product. Somebody’s got to be able to make money to pay for these free services, and they’re doing it by sharing data with somebody else. That’s fine if people accept that trade-off. Where it becomes tricky is when people aren’t aware of what’s going on.” BT