from the Atlanta Fed
— this post authored by David Lott
I recently became intrigued with a reality network television show that pitted teams of two everyday people (the “fugitives”) against a diverse and highly experienced team of former law enforcement, military, and intelligence investigators (the “hunters”).
The goal of the contest was for the fugitive team, given a one-hour head start, to elude capture for 28 days so they could collect a prize of $250,000 in the end. The fugitives were given a pot of $500, available only from an ATM, that they could use over the 28 days. But they had a $100 daily limit – and the knowledge that the hunters would be notified of the ATM location immediately. My interest was increased by the location: the fugitives’ geographic boundaries were in the Southeast, with Atlanta as the hub, so there were frequent shots of local places that I recognized and had visited.
Underneath the entertainment value was a demonstration of the classic conflict between personal privacy and big-data analytics. This issue has become increasingly complicated as data collection, storage, and analytics have advanced and become less expensive, faster, and more sophisticated. At the same time, people are participating more in electronic communications, transactions, and other activities that create electronic footprints that can be tracked and analyzed. The show demonstrated these collection capabilities numerous times as the investigators poured over bank account transactions, phone records, social media, property and vehicle databases, and other information to identify clues as to the team’s location or the people that might be assisting them.
Two of the nine fugitive teams were successful. In subsequent interviews, both teams cited a key factor they believed was critical to their success. They minimized or eliminated their use of cell phones, email, and social media – going off the grid – to avoid giving hints about their location. Knowing that their location would be signaled whenever they used an ATM to get money, they would have already made arrangements to leave the area immediately, before the hunters closed in. Several of the unsuccessful contestants remarked how amazed they were to discover the wide range of information the investigators were able to access about them, their family, and their friends. Some didn’t know their location could be tracked through a cell phone or a photograph posted on social media.
Of course, these contestants, as well as any families and friends who might help them, had to sign numerous waivers to allow the investigators to access and collect much of this information. But how much information would be available without such a waiver or court order? In 2015, the European Union adopted an information privacy directive that is generally viewed as highly protective of an individual’s privacy. In the United States, there have been discussions over recent years about similar legislation without much headway, mostly because of differences between there and here about data collection as well as First Amendment infringement.
Does there need to be increased transparency by companies that collect data for marketing purposes? Would clearer disclosures make consumers less likely to participate in rewards programs and other activities that involve data collection, to closely guard their personal information and interests? As always, we welcome your feedback.
Source
http://takeonpayments.frbatlanta.org/2017/04/catch-me-if-you-can.html
About the Author
By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed