You're not imagining it. Advertisers can now show us what we want before we know we want it.

In recent years, a disconcerting experience has been spreading among Internet users. The specifics of each anecdote differ, but the contours of the story are the same: someone has a conversation about a given topic. The topic could be anything from jewelry to travel destinations -- regardless, within hours the person sees a targeted ad on the Internet or a social media app for exactly that item. This has led to a suspicion -- that our phones are actually listening to us -- so widespread that it has become something of a meme. But what's really going on? Are our phones listening to us? Have we been searching for these items and simply forgetting? Are we all just imagining it?

The short answer is: no, we're not imagining it and no, our phones are not (as far as we know) eavesdropping on our conversations. But what's really behind all these stories is, in some ways, more disconcerting. And it has a fitting moniker: data creep. Understanding this phenomenon, and how to use online privacy tools like Orchid to protect yourself from the risks it poses, looks to be increasingly important as ever more of life moves online.

What is data creep?

Simply put, data creep is the collection of many data points about an individual over time. The accumulation of this data paints an increasingly detailed and extensive profile -- not unlike a credit report or medical file -- about that person's life. Over time -- eventually, years or decades -- every website you visit, online purchase you make, link you click, post you like, rideshare you hail, flight you take, Airbnb you book, and (if your GPS is on) street you walk down becomes a data point in this master profile.

No one will be surprised to receive targeted ads from websites they've visited, or for things they've actively searched on the web. The more observant will notice that these can change based on more subtle information -- for example, you might receive solicitations for different local businesses when you travel to a new city. But this sort of targeting is only scratching the surface.

Once a record exists cataloguing your online activities with the granularity detailed above, advertisers are able to extrapolate and draw second-order conclusions. For example, they can make relatively reliable assumptions about a person's demographic profile based on where they live, what videos they watch, and the sorts of things they shop for. If they then see that the same person was, based on their smartphone data, in proximity to a jeweler, they may surmise with some level of confidence that this person is in the market for an engagement ring. This is known as function creep. When this person subsequently sees a digital ad for a diamond ring, it will feel uncanny -- like someone has been eavesdropping. In a way that's true -- their data has been following them.

How much of a problem is data creep?

The uneasy feeling that we are being spied on by our devices is in some ways an indicator that data creep has missed its mark. But what about the many daily instances of data creep that don't set off alarm bells? After all, nearly everyone on the Internet is bombarded with dozens, or hundreds, of targeted ads every day, and most are simply ignored. And data creep undoubtedly offers us convenience, curating our online experiences to make our browsing, our purchasing, and our travel more seamless.

Pssst! You can get privacy news delivered to your inbox.

Subscribe

Your privacy is important to us. We will never share your information.

Outside of the occasional startling "coincidence," is there really a risk to this profile-building?

The answer is yes, for a number of reasons. From a fundamental standpoint, the practice of compiling entire dossiers of information on people without their knowledge or consent for commercial purposes is dubious at best. But having so much of our personal information out there on the Internet creates concrete risks. Most people are acutely aware of the threat posed by increasingly common online data breaches, in which people's sensitive data is stolen by hackers to be shared or sold. The problem is only accelerating: in the first nine months of 2019, more than 7.9 billion data records were exposed through leaks and breaches, and 2020 is on pace to far surpass this number.

Data creep also underscores one of the greatest threats posed in our online age. The accumulation of large amounts of data based on our online activities invites the risk of intensive surveillance of online activity for political purposes. The threat is straightforward: websites, Internet Service Providers, and any third parties they provide their information to can see everything we do online (unless use a privacy solution). But the ability to monitor online activity also opens up the possibility of further threats. If businesses and governments can see everything we do, it's not a big leap to imagine them using this power to control behavior and limit personal freedom. Governments around the world already collect vast amounts of data on their citizens -- including those not suspected of any wrongdoing. If unchecked, this risk is only likely to grow in the future.

How to minimize the risks of data creep

Fortunately, individuals are not powerless against the perils of data creep. With the right combination of tools, we can go a long way toward protecting ourselves from the risk, and the invasiveness, of data creep. This starts with always using a privacy solution when we go online, whether we're remote working or learning from home. Orchid, a decentralized privacy marketplace, brings together some of the leading VPN providers in a unique blockchain-based network. Users can configure multiple "hops" for increased privacy, and payments are obfuscated through our unique system of probabilistic nanopayments. And don't worry -- while Orchid uses a digital asset known as OXT, setting up an Orchid account and getting started is a simple two-step process requiring nothing more than an ordinary credit card. With Orchid, people can reclaim their privacy from third party surveillance and data creep.

Download the Orchid app to start exploring the Internet freely.