Anonymity vs. Privacy

The other day I was listening to an episode of Rework where they were talking about their decision to switch hosting providers for their podcast because their old provider, Art19, was introducing targeted advertising to the platform. Basecamp as a company is eschewing targeted ads because mass surveillance doesn’t align with their values. 👏👏👏

Don’t Worry, the Data is Anonymized

The first half of the episode is an interview with the Chief Revenue Officer of Art19. One of the defenses that he uses for their use of personal data to target listeners is that the data is anonymized; they don’t know who you are, just that you belong to some demographic that they’re targeting. Setting aside the fact that anonymized data might not be, this seems to me to miss the point. The concern is not whether or not you know that it’s me you’re targeting with these ads; the concern is that the targeting itself is an invasion of my privacy.

Privacy is about exercising control over who gets to know certain things about me and who doesn’t. This has nothing to do with anonymity. My health, my relationship status, my sexual orientation, these are all very personal bits of information that I should be able to decide whom I tell and whom I don’t. The objection to surveillance capitalism — or at least my objection — is that it takes that agency away from me and finds out this kind of information without my consent.

One of the examples they come back to frequently in the podcast is targeting parents with ads related to parenting, which perfectly illustrates my point. Whether or not I’m a parent is something that I consider to be highly personal. Typically (as I understand it) when a person becomes pregnant, they don’t tell people outside of immediate family until they’re out of their first trimester, and the circle of people who are told slowly expands as the pregnancy progresses. Some people may choose to tell everyone they meet as soon as they know, which is perfectly fine; the point is that it should be their choice whether to keep it under their hats or broadcast it to the world. Surveillance capitalism completely disregards whatever desire I may have regarding who knows whether or not I’m a parent by spying on my activity and attempting to deduce whether or not I am.

Whether you attach that information to my name or to an advertising ID is beside the point; the point is that information about me is mine to give, not yours to take.


The other piece of the privacy concern is that advertisers aren’t gathering all of this data for my benefit, they’re doing it to use my data against me, which, again, has absolutely nothing to do with anonymity. People in the advertising business will always talk about how much they want to help consumers by delivering “relevant” ads. But the only reason they care about relevance is because irrelevant ads are guaranteed, by definition, not to result in a sale, which is what they really care about.

When I was a kid watching cartoons on Saturday mornings the ads were all for toys and sugary foods. Now, arguably, ads for Cinnamon Toast Crunch were relevant to me because I like that cereal, but to pretend that just because those ads were “relevant” to me that they were for my benefit is absurd. General Mills was not advertising Cinnamon Toast Crunch because they had the best interests of American children at heart, they did it because they knew this would result in sales for them. Encouraging kids to eat sugary cereals on a daily basis is quite obviously not for the benefit of the kids, it’s for the benefit of the company selling the cereal.

So, yes, you may not attach my name to your profile of me, but you still have a profile of me, and you use that profile for your benefit, not mine. That is an invasion of my privacy.

Privacy Without Anonymity

It occurred to me while I was thinking about this that there is an example of how you can maintain privacy without anonymity, and that is medical records. My medical records are by necessity associated with me, and yet it is my feeling that these are kept private.

First, the data in my medical records are collected with my consent and not distributed without my consent. Second, anyone working with medical records is bound by laws intended to protect my privacy. Finally, these records are gathered primarily for my benefit, not the benefit of the care providers or the insurance companies.

The way this works in practice may be imperfect, but it demonstrates to me that anonymity is not even a necessary component of privacy, let alone sufficient for ensuring my privacy is protected.

So when someone excuses their surveillance by claiming the data is anonymous, that suggests to me that, at best, they don’t actually understand my concerns about privacy, or worse, they’re trying to distract me from my concerns by conflating privacy with anonymity.