In a few cases, it is perhaps possible to discuss the 'value' of personal data in itself, e.g. data sets to train and validate ML models.

In many cases, however, the value an organization can extract from data depends on its capacity to directly or indirectly apply it to people.
I think, the value an organization can extract from personal data depends on its direct or indirect control over a sociotechnical system's capacity to *act on* individuals and groups, to decide about how to treat people, target them, mediate their choices or behaviors etc.
The most direct form of such a capacity to act on people based on personal data is the 'customer relationship', e.g. with loyalty program members, magazine subscribers, bank customers ...or users who registered at an online service, downloaded an app or bought a networked device.
The capacity to act on people depends on the scope and depth of those customer/user relationships, and the kind of 'transactions' they facilitate.

Google, for example, has constant control over many digital and physical environments in many areas of life.
An insurer may have the capacity to make huge decisions on people, but only on rare occasions.

An online streaming service may have the capacity to act on people every day to make them return more often, upsell them to a paid account or sell the capacity to better sell to them.
There are many indirect forms of providing the capacity to act on people based on personal data to others.

For example, credit reporting firms provide data to organizations with direct customer relationships, including the capability to link the provided data to those customers.
I think, in many cases discussing the 'value' that organizations can extract from personal data cannot just address the data itself, but must also address their organizational/relational/etc capacity to directly or indirectly apply it to individuals and groups.
Conversely, direct or indirect control over the capacity to act on people also facilitates *access* to personal data.

In the best case, from an organization's perspective, this allows it to operate closed feedback loops, from data collection to acting on people, and so on.
The capacity to act on people can also be facilitated in very indirect and opaque ways, for example, through synchronizing and matching pseudonymous identifiers across contexts throughout today's surveillance advertising supply chain.
Employer vs. worker data?

Value = data + capacity to apply it to workers, e.g. to get rid of 'low-performers' or make them work more efficiently.

Or, as @WiseTenderSnob put it in a reply to my thread, the 'value' of data depends on its ability to impact people and environments.
Instead of the economic term 'value' we could perhaps also use the term 'data power'.

...just some ad-hoc thoughts. I admit, my theory has still some weaknesses 🤖 #tobecontinued

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Wolfie Christl

Wolfie Christl Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @WolfieChristl

Feb 15
Google's "infamous 'Web & App Activity' controls for paid users of Google Workspace" is "split up into two settings" …HOWEVER, "Google is taking advantage of this settings split to re-enable some tracking features, even if users have previously opted out"
arstechnica.com/gadgets/2022/0…
"The crux of those earlier privacy lawsuits was that having privacy settings bizarrely split across two switches was unnecessarily confusing. Now, with Search History, privacy settings are split across three switches" 🤡
"Regarding the promise to not use data from 'Workspace core services', Google's statement doesn't cover Google Search ... which is the primary vector for Google ads and data for Google ads. That's right—the 'Search History' setting from Google doesn't cover Google Search history"
Read 6 tweets
Jan 31
I want to share some more details about what we found in our investigation into gambling data that are highly relevant to GDPR enforcement and privacy regulation at large.

For example, this is how companies share personal data with each other during a bunch of 'cookie syncs'. Image
I guess rarely anyone has ever analyzed the data flows during only a few 'cookie syncs' at such a level of detail.

It's not about 'cookies' but about an ongoing exchange of personal identifiers that many data companies use to recognize, track and follow everyone across websites.
The chart shows data transmissions we observed during only a few visits to skycasino.com, which initiated requests to the adtech firm MediaMath, which shared the ID it uses to recognize a user with many other firms and initiated further personal data processing by them. Image
Read 31 tweets
Jan 31
We observed that a Sky Bet gambling site transmitted extensive personal data on gambling activities to FB, Google, Microsoft, Adobe and to the TransUnion subsidiaries Signal and Iovation.

When asked about it under the GDPR, they mostly failed to disclose what data they process.
For example, when a user deposited cash at Sky Bet, the website immediately informed FB, Google, Microsoft, Adobe, MediaMath and Signal (TransUnion) about the exact amount deposited.

Several third-party data companies including Google and FB received data on almost every click.
In total, we observed 2,154 data transmissions to 44 third-party companies during only 37 visits to Sky Bet gambling sites.

The TransUnion subsidiary Signal created an extensive digital profile about a person who was a heavy Sky Bet user and lost a lot.
Read 8 tweets
Jan 27
The online gambling industry can exploit data in the most harmful way, by monitoring and manipulating the behaviours of vulnerable people.

🆕 We examined how a major UK gambling firm tracks and profiles players, and how it shares sensitive data with many other data companies ⬇️ Image
We've been working on it for more than a year, probably the most detailed investigation into data flows in the online gambling industry to date, commissioned by @cleanupgambling

You can download our report (plus a technical report) here, published today:
cleanupgambling.com/news/cracked-l… Image
"A major betting company harvested troves of data from a suicidal gambling addict to target his weaknesses and predict his losses ... [and] to groom the high-value gambler that they wanted to win back"

The Daily Mail's story about it:
thisismoney.co.uk/money/markets/…
Read 40 tweets
Jan 25
Google/FB vs. 1000s of small firms in surveillance advertising is like 2 giant retailers selling toxic food and abusing their monopoly power vs. 1000s of small firms selling toxic food.

Helping the small firms to better sell toxic food so the giants lose power is not a solution.
Yep going after the small firms' toxic food sales may further increase the power of the giants selling toxic food.

But that doesn't mean going after the small firms is bad. It just means that, at the same time, going after the giants' toxic food sales and power is required, too.
Of course, small toxic food is a part of big toxic foods' supply chain.

Now imagine a new law would make it more difficult to handle toxic food for everyone. What should big toxic food do?
Read 14 tweets
Jan 16
Just tried to help a friend who runs a very small local business that has nothing to do with online marketing but uses a popular cloud-based website system to draft a GDPR-compliant data/privacy policy that makes sense. Almost impossible.
Of course, it's not the law that is to blame, but the cloud services provider, its invasive personal data processing plus third-party embeds that cannot be turned off, as well as the lack of GDPR enforcement against such services, which is why they still exist as they exist.
It's not the first time I've been struggling with such advice. Don't wanna name the system because I spent already enough time with it on a Sunday evening, but no, building a hand-crafted website or setting up a custom CMS is not an option for many.
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

:(