Rapid Blog: Your privacy and our elections, now for sale

As the president and founder of LaFleur Marketing, a Grand Rapids-based digital marketing company, Chip LaFleur understands how data is gathered and used to influence individuals' behavior in advertising. Now, he is witnessing the same tools being used to manipulate voter behavior and other aspects of the United States' democratic processes. Here, he explains what that means for our country.

This op-ed is part of Rapid Growth's Rapid Blog series, which highlights the voices of leaders making positive change in Grand Rapids. This week's post comes from Chip LaFleur, the president and founder of LaFleur Marketing, a Grand Rapids-based digital marketing company that primarily works with law firms. Well-versed in the gathering and use of data to influence individuals' behavior in advertising, Chip has witnessed the same tools being turned toward manipulating voter behavior and other aspects of our country's democratic processes. Here, he explains what that means for our country.

As the president of a digital marketing firm, I tend to want access to as much data as possible, but recently I’ve been gravely concerned about the accessibility of data that should remain private.

Through my work in marketing, I’m familiar with the tools we use to influence end users and entice them to hire a client of ours over a competitor. We have tools to see who specifically has visited pages on our clients’ websites as well as how many times, which pages, and how long they spent on each page. We can also create audiences and target them based on minute and specific categories surrounding people’s online behavior. This gives us the ability to craft messaging that is shockingly specific to each individual user.

When people hear this the first time, they’re often surprised that this sort of data is compiled for marketing purposes — sometimes even alarmed at the notion. But the fact is that the kinds of tracking, targeting, and audience segmentation methods that companies like mine use are benign and relatively primitive compared to some other applications that we’re beginning to see.

The Death of Privacy?

On April 3, 2017, President Donald Trump signed into law a repeal of FCC regulations that protected internet users here in the United States from the sale of their browsing data as collected by their internet service providers (ISPs).

This data is markedly different than the data collected by, say, Facebook or Google. While those are powerful and popular websites, they only comprise a small fraction of your online activity; meanwhile, 100 percent of your data passes through Comcast, AT&T, Verizon, Charter, and the other corporate ISPs that control the “last mile” of cable connecting you to the internet. It’s possible to get by without using Facebook or even Google if you’re determined to do so, but cutting yourself off from the internet because your ISP is aggregating your data for the highest bidder would prove much more challenging.

So far, I’ve been talking about data usage from the perspective of advertising initiatives, but there’s a much more important aspect to consider here. Leaders on both sides of the aisle have recognized the influence that Russia exerted (or at least attempted to exert) on our recent elections. This effort has been a complex and thorough assault, using state-of-the-art technology and a combination of advertising-like tactics that effectively influenced end users to modify their behavior.

Russian Election Tampering and the Risks of Depleted Privacy Protections

In general, when you’re looking to modify user behavior, you aren’t looking convince someone that the sky is green, or that up is down. You’re looking to leverage an existing inclination that already exists and exploit that inclination just enough to make them modify their behavior.

Historically, advertisers have accomplished this by spreading messages through platforms that require at least some degree of transparency, which means spending can be monitored and entities like foreign governments can’t interfere. If you spend money on Google or Facebook ads, there’s a paper trail and the spend at least falls under election oversight.

During the past election cycle, however, we saw the emergence of a shadowy new channel for influencing people’s behavior. We know that Russian hackers were able to penetrate voter databases in at least two states, Illinois and Arizona, and download the records of up to 200,000 state voters in Illinois alone. We saw “troll” and “bot” accounts infiltrate social media and target individuals based on their historical voting positions as well as their publicly-viewable social media information, all with the end goal of modifying their behavior at the polls. This was done by presenting information that appeared to come from within or just outside of the user’s own social circle — information that specifically appealed to positions that the user already held.

That messaging existed outside of the realm of trackable advertising budgets, and that’s a big problem. What this means is that a foreign government spent an untraceable amount of money influencing the American electorate, and that’s something that Democrats, Republicans, Independents, Libertarians, and nearly every other American political party or affiliation should be concerned with.

In this case, though, the data available to these foreign entities was at least somewhat limited by privacy protections that are in place, or it had to be captured by illegal hacking. The repeal of FCC protections and the opening up of ISP data for sale to the highest bidder will likely change that in the future. Algorithms and tools like the ones used by Russian actors last year, while effective, are still in their infancy in 2017 — but with a massive infusion of data from ISPs, they may reach a frightening level of maturity before the public even has a chance to reckon with and understand them.

What Consumers Can Do

There are a few things that you can do to protect yourself. The first is to invest in a reliable virtual private network service, or VPN, which masks your data from your service provider. Hopefully, many people will take this step and prevent their personal data from being sold to the highest bidder or bidders (nothing stops your service provider from selling your data repeatedly).

Still, this step is not enough; some people can’t afford the cost of a VPN, and many others lack the technology skill set to set one up and keep it running properly. This is why I believe the repeal of FCC privacy protections may prove to be a critical mistake, and why I believe our government as well as each individual citizen bears a responsibility to address this issue.

Allowing our privacy to be violated in this way is not just a matter of exposing us to unwelcome ads; it provides an extremely powerful weapon to nations and other actors who want to undermine our democracy and are willing to use any means necessary to do it.

Enjoy this story? Sign up for free solutions-based reporting in your inbox each week.