The price we pay for “free” food

There’s a line that exists as a border between convenience and privacy. I’m not quite sure how thin that line is (I imagine it varies for each person), but it’s something I’ve had to start thinking about. It seems like every month, there’s a new story about a data breach at a major company. Want to see a disturbing long list of breaches? ought to sober you up a little bit.

Our personal information is a major currency. Companies vacuum up details about our lives from our browser histories, forms we fill out, items we purchase from their stores, sites we visit after visiting theirs, sites we visit where their trackers are embedded, and sometimes, from our phones after just walking into their stores.

They want to know what brands we buy, where we look at their merchandise, what paths we use to walk through their stores, whether we comparison shop with other companies. Looking for flights online? Airlines will use the cookies on your browser to see where you’ve been looking and use that information to manipulate the cost of flights. Use a store’s free Wi-Fi? They see what sites and apps you use and where you are in their building. Sign up for a perk card or other membership program? They’ll send you coupons (good) so that you spend more of your money there (bad?).

If you’re anything like me, your time, money, and attention are limited resources. I know going in that the sandwich place is using points to get me to go into their store more often and spend more money. I get more food for less money.

But, I understand that they may be selling that information to other companies so they can hone their advertising. Those companies may pass my information on. At any one of those companies, there could be a data breach, taking identifiable information about me and giving it to “bad actors”, whoever that may be. I have to make a choice. Is that “free” sandwich every other month (or so) worth the possibility of having my info get out into the world?

For me, the answer is yes. I need to make my money go as far as it can. For other people, that answer may be no, they don’t want any more of their info getting out than has to, and that’s cool too. We have made conscious decisions about our data.

The group that we need to reach is everyone else. The ones who don’t understand that they just made a choice about their data. People act surprised when they hear about a data breach at a company and don’t understand a) how that company got their information and b) what that may mean for them. They also don’t c) know how that could impact them. The problem is complex.

Not everyone wants to or can break that down for themselves (or explain it to loved ones!). We need to learn how explain this to people in a way that makes sense and doesn’t cause a panic. People need to be able to understand for themselves the potential risk involved with coupons.

Ultimately, it’s up to the companies to better police themselves or the government to create an actual police force for these (often international) companies. I have low hopes of that happening, no hope of that happening well, and no illusion that it’ll happen anytime soon, without something catastrophic happening first.

Therefore, I propose that we create a grassroots movement to teach people about data safety and personal information (and responsibility!). Companies like Vivaldi and Brave, and organizations like the Electronic Freedom Foundation (EFF) and Mozilla are good places to start. However, we need to be able to teach this information to those we care about in a way that they’ll understand… and care about. That’s the trick. Then we can start making choices intelligently for ourselves and families.

The hope, then, will be that companies will see the choices we are making and become more responsible in accordance with our actions. That they will become better stewards of our information. Because a lot of them aren’t doing it now…

I’m getting hungry. Time for a “free” sandwich.