Skip to main content

Google, Ford, Capital One and More Outrage-free, Underreported Examples of Corporate Spying

Corporations engaged in the collection of customer data are each their own NSA, without the oversight. There's no equivalent of the FISA Court; no warrants; no requirements for minimization; its not restricted to anonymous metadata; and it's everywhere. Recently a series of eye-opening examples popped up in the news with none of the accompanying public outrage that careens at hyperspeed through the discourse every time another Snowden document drops.
  • Author:
  • Updated:

Since June, when the first leaks from Edward Snowden went public and a debate about the National Security Agency's activities resumed, there's been very little if any discussion about the unchecked, unaccountable use of corporate surveillance against consumers and citizens in general.

Corporations engaged in the collection of customer data are each their own NSA, without the oversight. There's no equivalent of the FISA Court; no warrants; no requirements for minimization; it's not restricted to anonymous metadata; and it's everywhere.

Recently, a series of eye-opening examples of corporate surveillance popped up in the news with, of course, none of the accompanying public outrage that invariably careens at hyperspeed through the discourse every time another Snowden document drops. Here are just a few:

1) Google confesses to data-mining emails in its education apps.

There's an ongoing class action lawsuit in California against the tech giant for data-mining emails for purposes of delivering targeted ads to Gmail users. Not too long ago, Google revised its privacy policy in order to make this process even more effective. At the time, Google didn't expand the policy to Google Apps for Education, used by students. But it turns out Google has, in fact, been data-mining student emails via the apps, according to a court documents from the lawsuit obtained by

2) Google-Plus isn't very popular, but it helps Google build "a database of your affinities."

If you're on Google-Plus, Google can follow, collect and process your online activities on YouTube and Google Maps -- what your likes and dislikes are, your search history, as well as all of your personally identifiable information in your profile. It can track you even after you click away from its social media platform. Therefore, even though the service only has a fraction of the users of, say, Facebook, it doesn't matter because Google has determined there's a significant benefit in having access to such a broad, albeit smaller, database of user information. Your information. The New York Times:

“The database of affinity could be the holy grail for more effective brand advertising,” said Nate Elliott, an analyst at Forrester studying social media and marketing.

Google says the information it gains about people through Google Plus helps it create better products — like sending traffic updates to cellphones or knowing whether a search for “Hillary” refers to a family member or to the former secretary of state — as well as better ads. [...]

“It is literally promotion that money can’t buy,” Mr. Elliott said. “It is something that Google could make billions off of if they sell that space tomorrow, and they’re giving it away to try to get people onto the social platform.”

It's worth mentioning again that one of two web bugs on Glenn Greenwald's The Intercept website is Google Analytics.

3) Knock-knock. Who's there? Capital One. At your front door.

Not too long ago Capital One delivered policy updates to it credit card holders. Easily the most alarming change was the addition of this line: "We may contact you in any manner we choose." This includes literally driving to your house and knocking on your door. The Los Angeles Times also reported that the contract changes also included the ability to use call spoofing:

"We may modify or suppress caller ID and similar services and identify ourselves on these services in any manner we choose."

Now that's just freaky. Cap One is saying it can trick you into picking up the phone by using what looks like a local number or masquerading as something it's not, such as Save the Puppies or a similarly friendly-seeming bogus organization.

This is known as spoofing, and it's perfectly legal.

Capital One told the LA Times that it won't come to your door to collect a bill. And we should totally believe it, what with its stellar track record.

Incidentally, if you read your credit card privacy policy carefully, you'll learn that even if you opt out of allowing your card company to share your personal information, it can do it anyway. For example, Capital One's privacy policy states, "Federal law gives consumers the right to limit some but not all sharing." You can't opt out of the following forms of data-sharing:

For our everyday business purposes – such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus.

For our marketing purposes – to offer our products and services to you

For joint marketing with other inancial companies

For our afiliates’ everyday business purposes – information about your transactions and experiences

4) Ford knows where you're driving.

At this year's Consumer Electronics Show (CES), Ford executive Jim Farley infamously declared, "We have GPS in your car, so we know what you're doing. By the way, we don't supply that data to anyone." He later clarified, "We don’t monitor, aggregate data on how people drive. I’ve given people the wrong impression, I regret that."

That was early last month. Fast forward to last week:

Ford Motor Co. told Congress that it collects some vehicle location data, but only to help drivers and “troubleshoot and improve our products.”

The Dearborn automaker said it collects limited data only after getting permission from owners — including keeping some vehicle travel data from SYNC services for up to 60 days. Ford said the data for turn by turn navigation and other services “is used only to fulfill the customer request, to troubleshoot and to improve products.”

Also, Ford executives told Congress that it turns over tracking data to law enforcement whenever it receives a subpoena.

Some have argued that corporations can't "drone" us. That's true, but if you believe NSA might drone you, your tinfoil hat is on too tightly. That said, suggesting that corporations possess enormous power and far-reaching capabilities is a ridiculous understatement. They can absolutely have us arrested, prosecuted and our lives destroyed.

Three unaccountable, privately-owned credit ratings agencies can ruin our financial futures with the click of a mouse, while absolutely having complete and, indeed, direct access to our financial histories. The music industry and movie studios can monitor torrent users online and prosecute them for downloading a Metallica song or the latest Steven Seagal movie. (Because after all -- who pays money for a Seagal movie any more?)

To deny that corporations enjoy manipulative and even dangerous power over us is obtuse at best and puerile at worst. Now toss into the mix the recent hacking activity that managed to hork customer information from Target and Neiman Marcus. Tell me again how corporate surveillance is harmless.

There is absolutely a need for reforms at NSA, as it should be with any federal agency. But let's not pretend that this agency, with its layers of oversight and bureaucracy is the only or even the worst entity engaged in surveillance activities. Point being: if you're outraged about NSA, you really ought to be equally if not more outraged by what corporations know about you.

By the way, if you're waiting for free-market libertarian Sen. Rand Paul (R-KY) to sue corporations for doing things arguably more intrusive than NSA, don't hold your breath.