Your tweets and online habits could soon take their place alongside resumes, rental histories, credit scores, and the like, as a means of determining your suitability for renting an apartment, getting a job, and who knows what else.
A British data-mining startup called Score Assured has developed a system that it claims can dig up and analyze people’s social media content and history, in order to measure to their worthiness—financial and otherwise. The company plans to market its system to employers and even dating services but, for the time being, has only implemented it for landlords.
Tenant Assured is a web-based service first made available two weeks ago to landlords around the world. The service essentially forces people to open up their social media accounts to the prying eyes of landlords as part of the process of applying to rent an apartment.
The service immediately attracted a heap of negative feedback and this week the website says that the Tenant Assured is “coming soon”. This may mean that Score Assured has temporarily pulled the plug, at least on the front end of the website. Whether this affects the back end, where landlords direct prospective tenants, is not known.
This is how Tenant Assured works:
A landlord who's signed-up with Tenant Assured sends all of their rental applicants to a special link on the Tenant Assured website. They are then asked to provide full access to up to four of their social media profiles—on Facebook, Instagram, LinkedIn and Twitter. These are then thoroughly crawled, scraped, and analyzed by Score Assured. The scrutiny includes conversation threads, private messages, and contact lists.
A report based on the contents is then produced and delivered to the landlord.
Washington Post reporter Caitlin Dewey submitted to the Tenant Assured process and described the resulting report as “creepy”, to say the least.
Dewey says that her “personal tenant report” included a list of her closest friends and interests, a percentage breakdown of her personality traits, a count of the times that she tweeted the words “loan” and “pregnant”, and a prediction that she would pay her rent consistently. Dewey said that the Tenant Assured algorithm counted any references that she made about shopping and going out on weekends against her credit-worthiness.
Concerns that the service is a gross violation of personal privacy were brushed off by the company, which trotted out the oldest authoritarian assurance about surveillance in the book, namely, "If you’ve got nothing to hide, you’ve got nothing to fear". Or, as Score Assured’s cofounder Steve Thornhill put it to reporter Dewey:
“If you’re living a normal life then, frankly, you have nothing to worry about.”
Thornhill further pointed out that people had to give their consent to the Tenant Assured process and that it was really not much different from a background check or credit rating.
Of course it’s very different, as Dewey points out. There are long-standing laws governing credit and background checks and there are processes in place to allow people to see their credit reports and correct inaccuracies.
Unfortunately, unless you’re a Washington Post reporter, you will not get the chance to see the report that Tenant Assured produces on you, which is too bad because, as Dewey says, it will likely paint a misleading picture of you.
Although landlords anywhere in the world can sign up for the service—including right here in Vancouver—it’s is not clear what laws in any given jurisdiction could hold such an online service to account.
It’s also unclear what’s to stop Score Assured from utilizing the collected data in other, unspecified ways. Just because the service is called “Tenant Assured” shouldn’t assure anyone that Score Assured isn’t playing a longer game.
Just to be clear, the Tenant Assured business model is based on the coercive taking of people’s personal information.
Far from giving people a real choice to say yes or no, if enough landlords in any given area sign up to Tenant Assured, then prospective renters will have no choice at all but to say yes to having their social media accounts analyzed. That is, if they want to get an apartment.
Too much latitude with the longitude
All the old privacy concerns over the collection of big data by governments and a handful of the largest commercial institutions have shifted in recent years to what’s happening on the wild west of the Internet. But the collection and monetization of personal information, that most people are vaguely aware of—by the likes of Google, Facebook and Twitter—is only the tip of a growing iceberg.
The Internet, the largest computer network in the world, has also become, by far, the largest “longitudinal” database in the world, containing years-worth of personal information of every sort, on millions of Internet users.
Historically, only the largest public and commercial institutions in society, such as governments, insurers and medical providers, have had the scale, the resources or the need to track the activities of millions of people systematically, or longitudinally (a longitudinal database being one that tracks information on a group of subjects over a period of time).
For example, Statistics Canada maintains the Longitudinal Immigration Database (IMDB), which is designed to track the economic progress of immigrants to Canada. This database keeps tabs on on all tax-filing immigrants landed in Canada since 1980. It combines landing information from Citizenship and Immigration Canada with annual tax return data from the Canada Revenue Agency.
Under years of scrutiny and advocacy by privacy watchdogs, government agencies like Statistics Canada have evolved degrees of safeguards on their large longitudinal databases and there is, at least, an expressed culture of responsibility over the inviolability of the data that these agencies hold.
The same cannot be said of the Internet, which is just one big free-for-all. However, for better or worse, this largest (and largely unregulated) repository of information on Earth, that billions of people access each day, has, due to its unintentional latency, also become the largest longitudinal database in history and a veritable Klondike Gold Rush for data miners.
Another unintended consequence of the Internet
Not always for any particular reason, the Internet retains meaningful digital traces of literally trillions of personal interactions going back over 20 years. (I can still find traces of my activity on Usenet group threads going back to 1995!)
Information privacy laws are nationalistic and territorial, while the years-worth of personal information that floats around on the Internet, like digital flotsam and jetsam, is in international waters, so to speak. This leftover information has largely been seen as junk and fair game for anyone who can figure out how to salvage it for a profit.
Data mining of social media is nearly 18 years old, or as old as social media itself. At least it is when you count that Web 2.0 social media platforms, such as Facebook, Google search, and Twitter, were all purpose-built from the beginning to collect and sell user metadata.
Otherwise, the aggregation and collection of all latent social media data for sale is a somewhat newer phenomenon, made real by the increasing sophistication of data-mining techniques, coupled with the exponentially growing quantity of valuable personal data just waiting to be hoovered up on the Internet.
Creepy is as creepy does
The data-mining/brokering/aggregation sector is large, hugely profitable, and very difficult to sort out. It’s largely made up of companies with generic names like Acxiom (which owns TowerData), Neustar Localeze, and TARGYSInfo (bought by Neustar in 2011). All these companies try hard to keep out of the public eye. And yes, there seems to be a lot of consolidation.
Rapleaf, to take a fairly prominent example, was the original name of TowerData, a pioneer social media data miner, or “aggregator”, founded in 2005. The company keeps a low profile now but its data-collection habits, including profiling Internet users by name, made it quite controversial for years.
Back in 2011, the obsessively detailed “anonymized” reports that Rapleaf compiled on Internet users, were branded as “creepy”. Again in 2014, when it was called LiveRamp, its habit of selling people’s data under their real names (called “customer onboarding”) was considered creepier still.
To close, an open source developer, of all things, caused a stir in privacy and security circles in 2011 when he released a geolocation aggregator designed to pinpoint a people’s locations on a map, based solely on an analysis of their publicly available tweets, Facebook posts, and Flickr streams. Appropriately he called his app Creepy.