Five years ago, around the time that big data became a thing — when the “big data” meme made its way into the business news — I heard about a stealth start-up on the West Coast that was assembling “the data of the 300 million most valuable people on the planet.” The business goal was to become the “capo di tutti capi” — the biggest badass data broker in the world.

That was back in the days when possession of the data was ten-tenths of the law, no matter how you got hold of it. (I was wandering down a dark alley in a shady part of the web when I suddenly heard this whisper in my ear, “You looking for personal data, Bud?”). Facebook’s thoughtless and foolhardy behavior changed the game and GDPR (coming next month) will have further impact.

I never heard much more about that start-up, so I guess she ain’t going nowhere.

The Facebook Thing

Let’s add some perspective to Facebook. Sure it exploits your personal data so that advertisers can better target you with their ads. And far worse, they allowed apps to scrape all your data to the point where they could acquire thousands of your personal data items. And some apps did that. So basically your Facebook data was scooped up and may have made its way onto a thousand databases. So Facebook became a data broker, but more by incompetence than by intent. Mark Zuckerberg has earned whatever insults you throw at him, but he is not alone in his contempt for your data rights.

Sometimes the exposure of your data can be put down to lousy IT. If you want a good example, read this tale of woe about Emirates.com (a case study). It will give you another cut on the dereliction of duty of care. Here Emirates.com exposed personal data persistently, but accidentally. And it’s not unusual; personal data is often exposed that way. In 2017 about 5.3 billion records were released by accident. That’s more than twice the 2.6 billion records known to have been harvested by hackers.

The Dirty Data Brokers

The real data pirates are the dirty data brokers like Cambridge Analytica (the real villain of the Facebook scandal). They make it their business beg, steal or borrow personal data, and then they weaponize it. Many people were incensed by Cambridge Analytica’s only because they may have strongly influenced the US 2016 election and the UK Brexit election. But before they did any of those things, they stole personal data with intent. We should be furious because they filched our data AND we should be furious because they used it against us.

There’s Gold in Them Thar Data

And we will be even more furious when we appreciate how valuable that data is.

It has long been known that personal data can be very predictive. (See Your Data, Red Shoes and Black Leather Furniture.) Back in 2007 two Cambridge University academics (Dr Michal Kosinski and Dr David Stillwell) discovered that with knowledge of about 68 Facebook “likes,” they could predict with reasonable accuracy a Facebook user’s:

1. skin color
2. sexual orientation
3. political affiliation
4. intelligence
5. alcohol use
6. cigarette use
7. drug use

and even whether a user’s parents were divorced.

During a public presentation in September 2016, Alexander Nix, Cambridge Analytica CEO boasted that the company possessed four to five thousand data points on every adult in the United States and could model the personality of each one.

So what should we think of Palantir?

Palantir Technologies Inc. was founded in 2005 and was soon mining data for the Pentagon and the CIA in Afghanistan and Iraq. It is an algorithm company that does data diagnosis — tell me where it hurts you honey, and I’ll tell you who to call. But in doing such work, a vast amount of personal data passes through their hands and finds its way onto their storage devices.

And that’s perhaps a good thing if you are hunting down Osama bin Laden and it may also be a good thing when you’re discovering Medicare fraud for the U.S. Department of Health and Human Services.

Nevertheless, the fact is that Palantir has got (probably) the most complete and up-to-date pool of personal data about US citizens outside of the NSA, and it has algorithms to go.

Get Your Dirty Hands Off My Data

The question Palantir raises, which will soon require an answer, is whether the compilation of a digital dossier of your data is legal without some kind of court warrant.

That’s a civil liberties issue perhaps, but it’s not just that, it’s also a commercial issue.

Dastardly data brokers and diabolical data scientists are pillaging our personal data without our permission. They are mining our resources. They are stealing from us.