Annabel Rothschild

Tag: data brokers

  • Privacy Diary: 5+ months running Lineage OS

    I finally switched to Android when, in 2020, my old iPhone 5S forcibly and needlessly bit the dust at the behest of the Apple Corporation’s planned obsolesce policy.

    While in the process of moving back to Germany during the COVID-19 pandemic, my temporary housing was through a shall-not-be-named platform, whose app no longer ran on the iOS version the 5S had been limited to. In order to adhere to Germany’s (very reasonably) strict quarantine policy for new arrivals at the time, I realized I had no choice but to upgrade, seeing as making it expeditiously to my lodging was a matter of public health, and the app was the only reasonable way of communicating about my arrival with my landlady.

    My logic behind making the switch to Android was, “oh **** I need a phone that runs a newer OS” and “my budget is about 0 dollars”. In the end, I ended up with a Moto Power G (2020), which was the cheapest conventional smartphone I could find that was compatible with my current cellular plan. The fact that it was an Android was almost an after-fact, though my deep frustration with a certain company’s proclivity towards deceitful dealings with aging products did play some role, I’d like to think. While, yes, I will admit that the Moto G did seem to handle daily life better than the 5S (no, it did not lose all my texts now and then), by the time I’d had it for about two years it fared worse than the 5S did after four or five. Which, in retrospect, did make some sense — I mean, I did buy the cheapest smartphone I could.

    The idea that I had a two-year-old smartphone that was no longer functional drove me crazy though. Sure, there was the financial kicker; at this point, the Moto G was probably as expensive as if I’d just bought an iPhone and kept it for an extra year or two, which I suspect it could have probably handled (especially after those class-action lawsuits Apple ended up in). But there was also the environmental impact — I mean, good gosh, was I supposed to just dispose of a ridiculously resource-draining device after a mere two years of use? Incidentally, this coincided with a research project I was conducting about dumbphones, and the desires of many dumbphone users to keep devices that just worked for a long time. Better for the wallet, better for the environment.

    This led me down a rabbit hole of modular phones, most of which exist only in popular form with a “X Company Shuts Down Development of Planned Modular Phone”. Failing that, I figured the next best thing was a phone that would at least keep current (receive regular OS and security updates) for some time (i.e., more than two years). So obviously Apple devices were out. While Fairphone was the most reasonable dealer I could find, reviews by mainland-US users indicated that the EU-intended device barely functioned, and rarely reliably, if at all, stateside. After much searching, I realized one option would be to buy an older flagship device (easier on the wallet, and somewhat environmentally less bad?) and flash it with a mobile OS more dedicated to longer-lasting support. Which resulted in my purchasing a Google Pixel 4a (via a refurbished tech site), a device which was, approximately, ironically, the same age as my malfunctioning Moto G.

    I knew I was making a few concessions to modern ease when I switched to Lineage as a “daily driver”. First, Google would treat the bootloader as being tampered with, and some apps might be incompatible. I’d read ahead of time that many financial apps, for example, would disable sign in with finger-print ID, which was fine with me, since I’d quit using biometric login features since the 5S.

    On the plus side, it meant that I could change my relationship with Google, which was inflexible on the stock Android the Pixel 4a ran by default. Instead, I admitted to my unhealthy reliance on Google Maps (particularly when traveling) and added the Google Apps for Lineage OS (GAPPS) package. When I’m not traveling or anticipating getting lost, which is, I admit, a fairly imperfect solution, since I tend to get lost at unexpected times. Maybe the secret to personal privacy is perfecting one’s sense of location?

    I’m now about five or six months into daily life with the mostly-de-Googled, Lineage-running Pixel 4a. On the whole, I’m pleased with my experience. The actual experience of flashing Lineage to the device was much easier than with my Samsung tablet, and took about 30 minutes (though, at this point, I have some experience mucking around in adb).

    As for the experience of using Lineage, there are quirks, most often with the default phone application. I suppose I could just download the Google one. The Google Wallet feature doesn’t work with any financial details (I can still store thinks like plane e-tickets, but not credit cards). I feel like this is probably for the best, considering that lodging my credit card in my phone is just one more case of data seepage, but would be an issue for more regular users of contactless payment. In general, the Lineage default app versions sometimes just don’t work quite right, which isn’t something I can really complain about, given that Lineage doesn’t have the kind of financial and organization backing that Google’s Android OS teams have. Further, a 1-3% latency with basic applications probably helps me use my device less, since things are not quite as quick and easy as they are with flagship devices. Or maybe this is psychological. Who cares, I think my screentime is slightly down, which is all I can ask for.

    As far as hardware, the battery life is much better with Lineage than it was for the short time I ran out-of-the-box Google Android. The device I bought has been well used, and the battery life is definitely strained to last a whole day without a partial recharge, which might require use of an external battery pack for someone who doesn’t have a desk job. I’m pleased the device still has a headphone jack, so I can make use of the dozens of old Apple corded headphones that have been passed on to me by the rest of my family members, who have upgraded to jack-less iPhone versions. As someone who frequently listens to radio and music, having a dozen or so pairs of headphones makes it a whole lot easier to always have a pair within reach, something I definitely can’t say about bluetooth devices (did I mention the cord also means there’s no battery life to deal with? Wild.)

    Somewhere between hardware and software is my main gripe: dual SIM support. While back in Germany this summer, I needed to maintain both my US number and my German one, with easy access to both. Thanks to a thankfully well-timed introduction of Edeka Smart’s e-SIM option, I used my Mint Mobile (US) plan SIM in the physical SIM slot, with the Edeka as the e-SIM. My voicemail has never recovered, which, honestly, is fine since in the five or so months I’ve been using the device, I think I’ve gotten about four voicemails total. Would this be an issue for perhaps an older user more accustomed to actually speaking with people on the phone? Yes, absolutely. I’m also aware that the 4a is relatively unsophisticated in it’s dual SIM capabilities and newer versions of the Pixel might handle it better.

    On the whole, I like having my phone be my phone and not an advertising portal I carry around with me. Is it still a little bit of an advertising portal? Of course, but I feel like I’m able to make reasonable trade offs in my exposure to data collection — for example, figuring out how to navigate around a new city is worth a few breadcrumbs of location data. Do I use a different Google account with each Google app that I do have installed? Sure. Does it help minimize my exposure? Probably not?

    On the whole, I feel like this is one of the more reasonable options for a privacy-respecting smartphone. While it certainty requires an intermediate level of tech savvy, at least in getting set up, I think it could be reasonably used as a “daily driver” for anyone used to contemporary smartphones and willing to make some small sacrifices to protect their personal information, while still getting many of the benefits of a smartphone.

  • Privacy Diary: On data brokers

    By last count, I’ve lived at six addresses in the United States, with varying degrees of permanence (I’ve been an official resident of one state the entire time, but had mailing addresses at five other locations, some in-state, some out, due to temporary jobs and schooling). So, when I recently went to fill out an update renter’s insurance application, in order to confirm my identity, I had to stare long and hard at the list of alleged prior addresses.

    If you’re unfamiliar with this kind of verification system, institutions will contract with data brokers, who scrape public data (like voter registration or addresses on tax returns) and ask you to verify whether or not you’ve, for example, lived at any of the five prior addresses, or have ever owned a certain model of car. Making a mistake can send you into a long loop of escalated verification processes, some of which record your conversation with the customer service representative for “security and verification purposes”. I’m not a big fan of biometric data records and avoid them where possible, so I like to guess any prior addresses and car models correctly on the first try. However, there’s ambiguity in the questions themselves, given that I am perhaps not the default case. Having initially registered to vote, for example, at my parents’ address (I was completing high school at the time), I’ve definitely been “associated” with that address. But the question, as posed by my renter’s insurance firm, via their contracted data broker, is, “have you ever owned property” where one of the options is my parents’ address, where I have been registered. The crux of the problem is that I definitely didn’t own that property (as my parents would be quick to remind you, given my lack of contribution to their property taxes), but I don’t know if the data broker has effectively discerned that. Instead, all I know is that I, yes, have lived at that address. So I do what feels to be the reasonable thing — that is, I click “none of the above”.

    Sure enough, I am immediately informed that my verification process has failed, which is deeply ironic, given that the data broker has actually misidentified me as a homeowner. I am then routed to a dreaded customer service interaction, where sure enough, I am given no option but to consent to my voice (as part of the entire conversation) being recorded, subject to a privacy policy “available on the firm’s website”. I need renter’s insurance, so I give in. Of course a lengthy wait time is required and I am forced to give a variety of identifying information, including my social security number, via audio call.

    Reflecting later on the incident, it bothers me. Why did it fall to me to go out ofย my way to correct misleading (in fact, incorrect) data? Why are data brokers allowed to sell faulty systems that could lead, in fact, to false verification of identity? After some Web searches, I find out that there are a few key data brokerage firms in the US, including three big ones: Acxiom, Experian, and Epsilon. If there’s a category of business I hate to support more than credit report firms, there’s only the American tax return preparation services lobby…

    Now, I have a few options. First, I can request to have a copy of all my data pulled. There appear to be some options for correcting the data found on that report, but I have little to negative interest in giving these firms better records on me. Second, I can opt to have all my data deleted. Depending on the firm, there are additional options. No service (of the three aforementioned) will let me complete multiple steps at once, leading to 10-minute per brokerage firm submissions (and yes, I have to verify my identity to perform these tasks) for each desired goal, i.e. getting a copy of my report, and coming back later to request deletion.

    Radio button menu, with note that can only submit one request per application. There are eight options.
    From the Epsilon privacy center application page. Note that I can only select one privacy measure per application, requiring 8x the work to fully remove my data and Epsilon’s use of it.

    Oh what fun! After about an hour of time, I submit three basic applications, to get a copy of “my” data (or data on the person these sites seem to think I am) from each of the three firms. I receive those reports each about a month after filling. The data inside those reports deserves a much longer post, but suffice it to say, there are plenty of errors. For example, my dad’s name shows up under one of my legal aliases. I’m pretty sure I know how it got there, as he’s listed as a legal custodian on my first bank account, and our motor vehicle registrations are intertwined.

    I can easily imagine a situation where this quickly becomes a serious problem. For example, would my dad’s property ownership records then get mixed up with mine, since our “legal aliases” are? I suspect that’s exactly what happened to me in the case that launched this entire rambling post. This is yet another case of the fallacy of data as truth, and it makes me consider attempting to track down the personal phone number of the CEOs of these firms and deliver a message about the importance of personal privacy. But, unlike these firms,ย I respect personal privacy.

    For the immediate now, I tell each firm (well, I take 10 minutes to submit a new privacy application, since opt-out culture is alive and thriving) they can’t use “my personal information”.

    To see the effects, I try to open a new checking account a few weeks later, at a bank I know uses these data brokerage firms to verify customer identity. Sure enough, where I should hit a “just verify a few basic facts for us by selecting from the following…” page, I get an error code! They are unable to verify my identity at this time! I am always so happy to see when the most fundamental errors go unhandled — for example, an API request returning a “no one with that profile in our system”. I am instead given a phone number to call, and it is the general number for the bank. I am reconnected three or four times before I make it to someone who can actually verify my identity. Interestingly, they ask only for a recording of the call for security purposes, and insist that it will not be used for any marketing ones (do we believe them? I sniff a future class-action lawsuit.) It takes the representative a few minutes to verify my basic information, including social security number (which I could have typed online anyway), and then I am told a decision will be made in a few days. While I am never notified of a decision, a few days later I do receive login information for my shiny new checking account.

    I’m not sure what the concrete results of my opting-out are yet. I know that it led to a long phone call and some honestly horrific hold music (banks should be ranked not by interest rate, but by hold music, hear me out), which isn’t ideal. At the same time, the information I had to provide this time was easy for me to provide since it was basic information that I, you know, am actually associated with. I am still curious how the final verification happened — was it even a full employee of the bank, or a contract worker? Who signed off on what disclosure of data? I was never asked to consent to any information sharing outside of the bank itself.

    I am also aware that, besides burning some time that I should probably be using to do other things, I am yet to encounter the more concerning implications of refusal. For example, with these “informal” tenant screening tools used by plenty of landlords, if I have no profile, will that count against me? I guess time will tell, but I am not entirely optimistic. To future me, I do apologize, but it was for the best (I hope).

    Notes: 

    I found the following site deeply helpful: https://privacyrights.org/data-brokers