iPhone Life magazine

Opinion: Snowden Leak about App Data Collection Leads to Question: 'What? Me Worry?'

Purported Hack of Rovio Angry Birds Website (listed on Google as unverified)

Every week now there seems to be some new revelation about how our information is being collected by U.S. Government agencies for reasons that range from vague to useless to nefarious.  In late January, former NSA Edward Snowden suggested that Angry Birds, along with a number of mobile apps, were the source of intelligence information.

As with previous documents provided by Snowden, the NSA did not deny or confirm what information sources they use, but rather said that any communications they did collect not associated with “valid foreign intelligence targets” was not of interest.

Both statements are very likely true. Rovio, Google, and a number of other app suppliers integrate with a wide range of advertising platforms and also opt-in information sharing that could be used to track things like people’s locations. If I tweet a picture of my steak from my iGrill Bluetooth thermometer, then people will know the coordinate of the steak, and presumably, me. I have never had a drone swoop down upon me or my steak as a result of this opt-in location revelation. Think about all of the activity on FourSquare or Facebook check-ins. There is some evidence that burglars are using social media to plan robberies, such as a case in Nashua, New Hampshire (reported by Mashable), where burglars may have used a friend's post about being out of town to target them for a robbery. The use of twitter, Facebook, or FourSquare check ins to plan robberies, even in this case, is apocryphal.

Thieves Might Be Interested in Your Daily Activities; The NSA? Not So Much

The NSA, is not interested in details until the details matter. They are interested in patterns, and those patterns do not include you grilling a steak, going to a movie, or attending a school play. The complex algorithms used to sort this information are finely turned to identify potential threats and only when a potential threat is identified, does anybody look into personal information of people related to that threat (and from what I know of investigations, many threat identifications reinforce existing suspicions rather than revealing new ones). And believe them or not, the NSA is not targeting U.S. nationals unless they have clear ties to activity originating outside of the United States, or activity that will threaten the U.S. directly, or its assets or citizens in other countries. There is simply too much activity and too few people in response roles to target information that does not directly relate to the mission of the intelligence agencies.

What those missions are, and how they are carried out, are political and well within the purview of U.S. citizens to help shape through political action and elections.

In Fact, You're Probably Irrelevant

From a technical perspective, however, it is very difficult to form patterns with data that is “preconsidered.” In other words, if an analyst decides some data isn’t relevant ahead of time, then they may miss something crucial. Marketing organizations regularly look at too little data when creating what they call “customer segmentations.” From many studies I’ve seen, the “customer segments” look more like caricatures than real people because they have very limited attributes and few correlations to data that reflect the complexity of a real customer.

So on one hand, you have companies like Amazon, who may look scarily accurate when suggesting music or books or toys. Amazon, however, would be much less accurate in helping you select draperies or diagnosing a lawn ailment, because its data about you has sharp edges that when asked the wrong question, result in irrelevancy. We also saw this with IBM’s Watson when it won Jeopardy.  It could answer trivia questions, but Watson couldn’t hold a conversation about its background. The same is true of the NSA; although they admittedly have huge amounts of information, they only process that information using algorithms seeking specific types of activities that imply certain types of behaviors. They are not in the business of suggesting reading to you, so they wouldn’t be profiling the reading habits of all Americans (though Amazon would do that). Amazon, on the other hand, isn’t looking for bomb makers so they can't suggest the latest in bomb-making materials. If the NSA gets any data from Amazon, they are looking for patterns Amazon isn’t looking for and again, only acting on that data as it relates to their mission.

So does the NSA need to know anything about your Angry Birds scores or activities? Absolutely not. Does it mine data from some third-party advertisers? Perhaps, as implied by Rovio Entertainment CEO Mikael Hed in his statement:

“Our fans’ trust is the most important thing for us and we take privacy extremely seriously. We do not collaborate, collude, or share data with spy agencies anywhere in the world.  As the alleged surveillance might be happening through third party advertising networks, the most important conversation to be had is how to ensure user privacy is protected while preventing the negative impact on the whole advertising industry and the countless mobile apps that rely on ad networks.”

So Just How Worried Should You Be?

Should U.S. citizens be concerned about domestic spying? Perhaps. But again, that is a political question that speaks to how individuals think about their privacy, and the balance between privacy and national and personal security. To worry that an agency like the NSA is using phone information to track individual Americans not connected to suspicious foreign-related activity stretches the imagination and the credibility to those who profess it.

There is a huge difference between collecting data for pattern recognition and spying. If the government was constantly deploying hordes of mysterious operatives into suburban neighborhoods to pick-up people suspected of doing untoward things, however they mysteriously define “untoward,” then we should be concerned. People who lived in Nazi occupied Europe and under the former Soviet Union know what domestic spying looks like, and the U.S. government doesn’t behave like either of those regimes. The collection of data is only a problem if the intent is to spy on people for things other than what the U.S. government has, since 9/11, been very open about: who it is spying on and what types of activities it is trying to prevent.

If U.S. citizens were living under an oppressive blanket of domestic spying would two states have legalized marijuana? Would same-sex marriage be legal in many states and nationally recognized? Would the Seahawks have won the Super Bowl? The bottom line, the NSA and other agencies are too busy with their limited resources to spy on Americans just because they want to (not to say that individuals won't occasionally act beyond the bounds of propriety or authority). Even if they NSA does have your data somewhere in the big secured government cloud, the odds that anyone of any importance knows that, or that you’ve shown up as an output to any pattern search, is extremely minuscule. 

The real issue underlying this is a lack of trust not in the current state of the U.S. democracy, but some future state in which people in power redirect the mission of those holding the data. For that to happen, a majority of Americans would have to condone the election and the government would have to systematically dismantle checks-and-balances and silence the press. That we continue to have this discussion in public, that we get more data regularly, is an indication that it would be very hard to pull off a major conspiracy in the United States that involved all citizens. Something will leak. People will get incensed and policy will change. That we elect people, and that elected officials know their power derives from them being elected, means they want to remain elected. That is powerful leverage for the average American, and good reason not to piss off citizens by spying on them. And even if the NSA isn’t really spying, that a lot of people think they are spying is probably enough to eventually make them stop gathering data.  All sides will claim a victory in that, even the terrorists whom the data collection was really trying to identify. This debate is not exposing weakness in America’s democracy, but rather highlighting its unique ability to openly debate policy in a way that  ultimately reflects the values of its citizens.

Email icon
Want more? Get our weekly newsletter:
Daniel Rasmus's picture

Daniel W. Rasmus, the author of Listening to the Future and Management by Design, is a strategist, industry analyst, and business correspondent for iPhone Life magazine. Prior to starting his own consulting practice, Rasmus was the Director of Business Insights at Microsoft Corporation, where he helped the company envision how people will work in the future.

Before joining Microsoft, Rasmus was Research Vice President at the Giga Information Group and Forrester Research Inc. Rasmus also is an internationally recognized speaker. He blogs regularly for Fast Company and on his own blog, Your Future in Context. His education-related work can be found at Learning Reimagined.