What if there was a database that had records such as the
following:
There is a user, known only as #2348585 who is male, 45
years old, and lives in zip code 30443.
He uses anti-depressants, prefers ibuprofen as a pain reliever, likes
the color blue and the band Ben Folds Five.
When eating out, he likes steak but doesn’t buy it at the grocery store
where he buys lots of prepared meals and store brands.
As a result, this user gets served with very targeted ads
while online. The ads are for steak
restaurants, depression-related medications and treatments, grocery store
private labels. All of the ads have lots
of blue colors and Ben Folds Five music often plays when the ad appears.
But the database doesn’t actually know who this user is. It doesn’t have his name, social security
number, address, or any individually personally identifying information. A dedicated hacker could probably figure out
who this is, but the opposite direction would be almost impossible – his worst
enemy who doesn’t know these things about him and so probably couldn’t find this particular record
in the database. And if the super hacker
already knew enough of these to find the unique record, he probably wouldn’t
need to. Unless he wanted to play some
practical jokes and have him served with totally untargeted ads, with lots of
red and playing Beethoven.
This is not far off from what Google, Facebook, Amazon, and
other ad serving systems do to you already.
Does this feel like a violation of your privacy? If you like steak restaurants, is it worth
giving up this amount of privacy to get steak restaurant ads instead of the Red
Lobster ads? Is the inclusion of
depression treatments a step too far or just another benefit you appreciate
getting?