What Are Apps Doing With Your Data?

Five Things To Know About Data Privacy And Security.

Earlier this month, the New York Times published an opinion piece titled “It’s Time To Break Up Facebook.” The title itself is not necessarily provocative — voices have been calling for the disbandment of the social media conglomerate in greater and greater numbers — but the by-line is. The article is authored by Chris Hughes, co-founder of Facebook.

Hughes’ claim that Facebook poses a “threat to democracy” is grounded in the social media’s access to an incredible amount of raw data. Facebook and its affiliates, Instagram and Whatsapp, aggregate data such as likes and dislikes, engagements, time spent watching a video, etc.; and encourage users to share even more personal information; ostensibly to improve their targeted ad services. However, as Hughes points out and the Cambridge Analytica scandal confirmed, such unfettered access to data can lead to more concerning problems than targeted ads that seem to read your mind.

Hughes is neither the first nor the only tech entrepreneur to blow the whistle over data privacy concerns, and the problems he identifies are not limited to social media. The current generation, fueled by smartphones, smart speakers, smart homes — smart everything —  is waking up to the serious challenges to privacy that these technological efficiencies are potentially introducing, driving policies like the EU’s General Data Protection Regulation (GDPR).

For companies that deal with special categories of sensitive data — like medical information — the stakes are much higher, as publications like the Washington Post and Vox have enumerated. Access to information such as mental health, sex life, family planning, history of disease, physical wellness, etc. could potentially jeopardize users’ job opportunities, promotions, and may even engender or perpetuate discrimination in the workplace.

While the increased awareness of data privacy and security issues is forcing companies to take a second look at their protection policies, there are steps that consumers can and should take on their own to keep themselves informed — a “know before you go” approach.

As an executive at a data tech company, here are my five top tips for consumers to keep data private and safe:

Ask yourself: how do they make money?

If an app or tool is “free,” it’s likely collecting revenue from advertising rather than sales, which means that your data — everything from number of logins to location to the number of times you visit the app in a day —  is potentially being shared with third-party sites, either in a direct or de-identified form

Look for the company message and prioritization of security.

If a company has a chief information security officer, that likely means that data is being monitored 24/7, making it a critical part of a cybersecurity system. If the company has any users in the EU, or does any business with the EU (and this is the case with many companies), they may need to be GDPR-compliant. While there is a long list of requirements for GDPR compliance, one of the most significant is that a company must inform its consumers of a data breach without undue delay and in many circumstances within 72 hours.

Is there a consent process?

Is the app or tool upfront and transparent about data use and policies? Do you have a good understanding of how your data will be used after you have been given access to the App?  Apps or tools that do not ask for permission at set up, or mask their data sharing practices in complicated language are suspect. Pay special attention to third party data sharing, including services like Apple, Alexa, and others; and make sure you are okay with this before you sign up.

Check the fine print.

Not all data use and sharing is equal. Sharing data in a de-identified and legally-compliant manner can have the positive effect of improving outcomes or performance for the benefit of all users without compromising user privacy. Check the fine print to determine what type of data sharing a company is performing.

Do your Research!

It is always a good idea to do your own research. Take the time to do a simple Google search on a company’s privacy and security policies. Look up the third-party sites that are sharing their data. Determine whether you can delete your own data from a site should you choose to. Companies may or may not adhere to regulations of data, but the consumer has the power to hold them accountable.

Anish Sebastian

Anish Sebastian co-founded Babyscripts in 2013 with the vision that internet enabled medical devices and big data would transform the delivery of pregnancy care. Since the company’s inception, they have raised over $15M and gathered the support of more than 40 health systems around the country to further their vision of a data centric model in prenatal care. As the CEO of BabyScripts, Anish has focused his efforts on product and software development, as well as research validation of their product. Under his leadership, the Babyscripts product development team has refined the product offering, enhanced the product market fit, and commercialized their product suite in multiple markets. Anish has also focused his attention on leading evidence-based research endeavors that have resulted in multiple first-in-kind publications and white papers, further quantifying and validating the benefits of their product.