Big brother is watching you shop

Many companies know more about your shopping habits than your family does. Sinister, or just another way of giving us more of what we want?

by Rhymer Rigby
Last Updated: 09 Oct 2013

For the past 20 years, those who say that Big Brother is watching you have tended to focus their attention on bogey men such as the ubiquitous CCTV cameras, the National DNA Database and the US and Chinese governments snooping on emails.

More recently, though, it's become clear that governments aren't alone in their interest.

Companies, particularly those with big online operations, are building up increasingly sophisticated pictures of their customers - and their model is more Brave New World than 1984.

Of course, concerns about online privacy are nothing new. They started way back in the dial-up age with worries that partners might find grubby sites in your browsing history, and then grew as knowledge of cookies spread and employers started castigating staff when they posted on Facebook that their boss was an idiot.

Over the past couple of years, as companies have learned to use everything from their consumer databases to cookies, and as commerce moves onto tablets and smartphones, whole new streams of data are appearing.

In the middle of last year, it was reported that the travel site Orbitz was showing visitors who were using Apple Macs more expensive hotels than those who were using PCs. Predictably, there was an outcry (and, perhaps equally predictably, it was mostly because people incorrectly thought the site was offering the same hotel for different prices).

But what Orbitz was actually doing made perfect sense. It recognised that, as endless market research shows, Mac users tend to be more affluent and buy more premium goods than the PC-owning masses.

As web servers can detect the operating system on visitors' computers, Orbitz was using this information to provide potential customers with offers it felt would be more in line with their likely spending habits.

In a slightly more sophisticated vein, the retailer Staples was recently shown to be varying its prices based on where it believed its customers were located; research by the Wall Street Journal suggested that physical distance to rival stores and the average affluence of the area were factors. If you were rich and far from a competitor, Staples reckoned you could pay a little bit more.

Similarly, Sky TV will shortly begin a trial of ads tailored to customers' postcodes and socio-economic group.

But perhaps the most revealing was an offline example that showed the power of mining consumer data.

An angry man visited a Target department store near Minneapolis to complain that the company was sending his daughter - who was still in high school - coupons for baby items. Target's mailshots were based on a 'pregnancy score' derived from her spending habits. The store manager apologised, but some days later it was the man who was apologising. His daughter was pregnant - and based on its data analysis, Target knew before he did.

Facebook, which also knows a thing or two about its one billion or so users, similarly caused a minor furore by targeting UK women on New Year's Day with ads for abortion providers, presumably having done the maths and figured that young women, fresh from the biggest party night of the year and what it entailed, might be interested in such services. Although, proving perhaps that online profiling has some way to go, the ads were for abortion.com, a US site.

To see how even a little information can affect the ads you view, here's an experiment you can try in the comfort of your own home.

Download a second browser such as Firefox or Google Chrome. Find a site with some advertising on it on your normal browser and then open the same site in your new browser.

Chances are, the ads on the site in your default browser will far more closely reflect your interests. This is because your old browser will be full of cookies that relate to those interests.

Many ads are now bought in a process called real-time bidding where, based on what is known about you, individual ads on your screen are auctioned off to corporate bidders live. The ad you see for a bank account or home improvements or online dating is the one that has won the auction for that 200-pixel-square space on your desktop.

But the information that sites can glean about you just from your being there is vague. For instance, I may look at numerous sites selling Ferraris without ever having the money or even the inclination to buy one - and it's not unusual for the location revealed by my IP address to be 40 miles from where I'm actually sitting.

Reehan Sheikh, co-founder of online identity and access management company Evolok, says: 'Nowadays, companies tend to collect two types of information from users: implicit information and explicit information.' The former is the stuff that is revealed about you when you go onto a site; the latter is the stuff you actually tell companies. And, he explains: 'They weight explicit information more highly.'

A simple example of how much more useful explicit data can be is provided by using the weather section of a news site. From your ISP, the site may know that you're coming from somewhere in London. But, the weather section is likely to say somewhere, 'To improve your forecast, type in your postcode.' You do this, and suddenly your location is down to a dozen houses.

But if retailers can tell quite a bit about you before they know who you are, it's when you register that things get really interesting.

Sheikh says that there are effectively four tiers of users. Ranked in terms of usefulness, these are anonymous users, registered users, social users and users who have parted with money.

Privacy concerns usually take a back seat to convenienceQuite simply, if you're prepared to sign in, an organisation can get a far better idea of who you are than if you aren't. And if you're prepared to spend money, it gets even better. 'Users don't seem to mind being asked about themselves as long as you're asking for the right reasons,' says Sheikh, although he does allow: 'Over a period of time, you may amass an amount of information you'd never get had it all been asked for at once.'

But does any of this matter? Differential pricing may be annoying, but it's hard to see what is really wrong with ads showing us things we might want to buy - or sites offering us products based on what we've shown an interest in previously.

'Things like cookies tend to get a bad press, because people fear that companies are snooping on them,' says Dan Huddart, an analytics and personalisation specialist at a major UK insurer.

'But in the EU they shouldn't capture anything personal about you and I think there are far more pros to personalisation than cons. I'm renovating a house at the moment, so if I browse around the web, based on my history, I tend to see offers for things like Victorian light fittings.'

Moreover, if you want to delete your cookies, disable them entirely, or browse the web incognito; it's not difficult - browsers will offer you options to do so.

It's worth pointing out too that, although people sometimes act as if all this appeared yesterday, most of this technology isn't exactly new (cookies first appeared in the mid 1990s); it's more that businesses have learned how to put all the pieces together. 'In five years' time,' says Huddart, 'it'll seem really strange that we ever went to sites with a static (rather than bespoke, personalised) homepage.'

What, then, of consumers - should this worry them?

The answer is sort of, but not really. If you ask people whether they're concerned about privacy, they'll say yes. But these concerns usually take a back seat to convenience.

According to an Accenture Interactive survey of 2,000 US and UK consumers, conducted last November, 86% of people were concerned about having their online behaviour tracked, but 85% said they understood that it allowed businesses to tailor offers and content to their interests. And, 64% said being presented with relevant offers was more important than companies not tracking their website activity (34%).

The EU cookie law is an even starker demonstration of how convenience trumps privacy concerns.

Since last year, this has stipulated that websites in the EU must gain users' consent to serve them cookies and usually manifests itself as a small pop-up asking you to agree to the use of cookies. 'The number of people who decline consent is close to zero,' says David Fieldhouse of the Mobile Future Group, a mobile advertising software company. 'And if you do, the main effect is that you'll have a worse website experience. But it's still right to ask the question.'

This example of how consumers will give up privacy for convenience is very small beer compared with Facebook.

Before the explosion of social media, putting vast amounts of personal information online was a minority pursuit, done first by people who built their own sites and then by bloggers. But Facebook convinced people to live their lives online in exchange for a highly useful service - and as media theorist Douglas Rushkoff has observed: 'We are not the customers of Facebook, we are the product.'

Leaving aside Facebook's own ads and its selling the huge amount of data it collects on users, one of biggest changes to what consumers let businesses know about them has been the growth of the social log-in.

This is when a site asks you if you want to log in using your Facebook (or Twitter or similar) ID. 'If you log in with Facebook,' says Sheikh, 'the site will often ask if it can use your Facebook information. It's a very powerful way of collecting information about you.' Indeed, some sites, such as the Mirror newspaper, will now allow you to log in only with Facebook.

Meanwhile, others, such as Amazon, invite you to share your recent purchases via Twitter and Facebook. And although there is nothing compulsory or coercive about any of this, it is perhaps easy to see where the despair of people like the pioneering web evangelist-turned-apostate Jaron Lanier comes from. He has observed that Facebook is 'selling its users back to themselves'.

Social media is potentially a snooper's charter - tracking software is already available that can predict people's movements, based on data gleaned from social posts. Lanier's lament raises another interesting point. Like many who worry that the web is becoming some sort of commercial dystopia, he was a very early adopter - are these concerns simply a hangover from the days of 56k modems and Netscape Navigator?

The web of the late 1990s was changing from a geek utopia to a medium that promised to empower consumers and cut retailers down to size, via total price transparency - and for a while users really did have the upper hand.

But, unsurprisingly, corporations have now caught up with technology. And it's perhaps equally unsurprising that younger consumers, who have grown up in a world where privacy is starting to feel like part of history, tend to care little about the information they leave online.

All of which brings up the next big thing - whose roots are definitely not military-utopian and where commerce got in on the ground floor. 'Mobile is very much in its infancy,' says Fieldhouse. 'Desktop has been around a lot longer - and, in terms of development, mobile is probably where desktop was in 2004 or 2005.'

Moreover, he adds: 'Most desktop technologies of this sort don't work on mobile.'

There are also lots of operating systems (Android, iOS, Windows and BlackBerry are just four) and cookies can be problematic. Many companies' mobile offerings are effectively ports of their desktop offerings and don't work terribly well. But, says Fieldhouse: 'As soon as mobile becomes very, very important to a business, it tends to get it. If you look at something like hotels.com, mobile is important to it, so it is very good at it.'

Mobiles offer all sorts of exciting new kinds of information. 'For instance,' says Sheikh, 'if you have users who you know come in from a phone, a tablet and a laptop, one thing these multiple devices tell you is that they're affluent.' There are other things companies like about mobile too, 'People spend more on them,' he adds, 'they're used to the idea that you pay for mobile things such as apps, whereas they still believe the web should be free.'

Privacy advocates and regulators are looking closely at mobile devices. There have been stories of apps uploading users' entire address books - and the ability of mobiles to locate people is as attractive to advertisers as it is to the writers of Spooks. But it's going to take a while to get to grips with this new device-rich ecosystem. 'At the moment, unless users log in, the technology doesn't exist to track them from tablet to PC to mobile. That's the holy grail,' says Fieldhouse. 'Piecing together the consumer journey will be big.'

As the idea of an ad that follows you from the tablet you read at breakfast to the phone you check on your commute and to the PC on your desk has more than a whiff of techno-dystopia about it, perhaps it's worth asking again, should we worry?

Huddart thinks not. 'What you experience online is no different or more invasive than going into a shop and someone saying I've got those mirrors you were looking for last time you came or a butcher remembering your favourite cut of meat. If a high street retailer personalised itself to you, you'd be delighted. But, for some reason, on the web it's sinister.'

Sheikh adds that if these things do concern you: 'You can easily clear your history and cookies, but you'll have to spend a lot of time re-entering a lot of information. That's the value you get. I very rarely clear my cookies. They make using the web easier and more convenient.'

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events

Subscribe

Get your essential reading delivered. Subscribe to Management Today