This works pretty well with chambermaids and blackjack dealers, but not so much with Internet-connected PCs and smartphones. What you do online usually stays online; it’s captured not just by your computer, but by many others. And if somebody gets hold of that data, they can uncover some of your most sensitive and unlovely secrets.
An especially creepy example emerged in July in, of all places, Las Vegas. A group of researchers from Germany, appearing at the big annual hacker confab DefCon, demonstrated that it’s appallingly easy to ferret out all manner of information about our lives, ranging from the mundane to the embarrassing. The researchers simply analyzed data collected from our Internet browsing — information we probably don’t realize we’re sharing.
This data isn’t being grabbed by the NSA or FBI, but by commercial brokers who buy complete “clickstreams,” or Internet browsing records, of millions of people. Such clickstream data is collected by the browser extensions many of us install to do handy things like play games or translate foreign languages. It turns out that some of these extensions quietly record every site you visit and sell that data to brokers.
German TV reporter Svea Eckert set up a fake online marketing company, then began asking data brokers for samples of their wares. She persuaded one to lend her the clickstreams of 3 million Germans that came in the form of anonymized data, with no names attached. Even if it showed that somebody out there bought a plane ticket to Switzerland or visited a porn site, it would be impossible to know who.