Yet you and I, the users who actually create this data, have little to no control over what it’s used for. Having control over our data means being able to view it in its entirety whenever we want (instead of having to file a formal request with an energy provider, for instance) and to decide if, when and how companies may use it.
“The mere fact that the data is in the cloud puts it at least one or two steps from you having control,” says Lee Tien, senior staff attorney of the Electronic Frontier Foundation, a nonprofit digital rights organization. “If you lose access to the Internet, you lose access to your data.” Ideally, Tien says, you would possess a complete copy of your data from all the services you use, downloaded to your computer — and in a perfect world, you’re the only who would have it.
New services are getting on board with that idea. From a vault for your most sensitive documents to a private browser that could one day allow you to sell your data yourself, the services below can help you reclaim control over your digital self.
Your personal encrypted cloud service
Personal is a highly encrypted cloud storage service where users are the only ones with the key necessary to decrypt their data. You can manually upload documents as well as email passwords, account numbers and addresses. Partner service Fillit can automatically save data fields to your cloud. For example, if you’re shopping for car insurance, once you fill out one application, Fillit can auto-populate others.
A link between Personal and the Department of Education allows you to import all data fields from your FAFSA application and National Student Loan records. You can also import data from Facebook and LinkedIn. In the future, says Personal’s chief policy officer Josh Galper, federal health records will also be available for import, letting you manage and share your medical history with doctors or insurance providers as you see fit.
If you want to share data with a trusted friend (for example, so that your spouse can fill in a mortgage application), you can send a key to decrypt and download a particular piece of info from your vault. You can also delete your account at any time, wiping out your virtual vault but keeping everything you’d downloaded.
Personal doesn’t store your log-in details, and since each vault is encrypted, the company itself cannot view the stored data. However, the weak link in the security chain could be devastating if broken. A Personal password that gets hacked due to lax personal security or the theft of a device that’s still logged in could give thieves access to — well, everything, ever.
Price: $29.99/year or $2.99/month with a 30-day free trial
Download social media posts to one secure location
SocialSafe saves a copy of all your social media posts and photos to a local hard drive. Currently supporting seven networks, including LinkedIn, Facebook, Twitter and Instagram, it’s searchable across all accounts for specific content such as particular friends or posts about an event. Analytics tools let you see highlights such as most popular photos and which days you’ve posted the most, over any period from a day to lifetime.
Founder Julian Ranger says that the company has no access to user data at all. “We have no servers, no central database that could be a target of a hack,” he says. Instead, users download the SocialSafe software, which connects with each account to directly download your data.
SocialSafe will become even more useful as other types of providers join its ranks. Ranger says that integration with fitness, financial and retail outlets is in the pipeline, and the coming months will see the inclusion of location check-ins, Spotify listening habits and data on the so-called quantified self (diet, fitness and sleep habits). This will allow you to obtain copies of data that’s hitherto been disparately held, and, as Ranger says, gain insight into your own behavior.
Price: $6.99/year (four linked accounts) to $27.99/year (20 linked accounts) with a 30-day free trial
Centralize your bills safely
Bill fetcher FileThis, which will be out of beta testing this year and is expected to support 1,000 services by 2015, connects with utility and financial providers to import bills and statements to your local hard drive or a cloud service like uber-secure service Personal. FileThis supports major banks, Paypal, Verizon, American Express and many energy and water companies.
Once you’ve fetched the documents you need, FileThis can recognize fields (dates, keywords and account numbers) and file various types of statements for easy searching. For example, a National Grid statement would be put in a Utilities folder, then tagged with keywords such as “Gas & Electric” and “Invoice.”
Because FileThis uses bank-level encryption standards and encrypts your log-in details as soon as they’re entered, linking accounts by giving FileThis usernames and passwords should be as secure as online banking. Documents aren’t stored on its servers but simply pass through, encrypted, so hacker breaches should not give access to your data.
Price: Free when linked to six accounts; $2/month or $20/year for up to 12 accounts; or $5/month or $50/year for up to 30 accounts
Collect and protect your browser history
The Meeco browser takes privacy one step further: It stores and encrypts your search history and so-called rich personal data (such as location, age or other info mined by website cookies) in a personal cloud, much like Personal’s model, so that data brokers can’t sell or use the data for advertising. Instead, what you do on the Internet is visible only to you. The idea is that eventually, you can allow particular companies access to particular data about you in exchange for monetary compensation.
The Meeco browser also keeps your web surfing more private by breaking down your history into individual sessions, making it much harder for websites to know who you are and where you’ve been.
Price: Free, currently in beta testing at meeco.me
Download your medical and utility records
In 2010, the U.S. government launched the Blue Button initiative to allow individuals (initially veterans) to download healthcare records. Now many more providers, including labs and pharmacies, allow patients to download medical histories and share them with hospitals, doctors and health insurance companies.
Green Button is the project’s equivalent for energy companies. At the time of posting, 67 energy companies covering 43 million households were participating, allowing customers to download their usage history.
Seeing profit in privacy
What happens if a company’s servers are hacked or a visionary startup that puts privacy first gets bought, as WhatsApp and Instagram were, by a tech giant with a more lax view on user data?
“If the encryption technology is perfectly implemented, then a data breach would be less of an issue — and even if the company is sold, its new owner should still not be able to access user data,” says EFF’s Tien. “But if tech isn’t guaranteed, then what matters is what the terms and conditions say.”
Take Personal: The bulk of its revenue is intended to come from companies, such as the businesses that pay for information on users who auto-fill online forms using the service. The for-pay model seems to assuage customers’ privacy concerns. “[In its early stages], people wanted to pay to subscribe to the service, so that they know they’re not the product,” says Personal’s Galper.
At the end of the day, as EFF’s Tien says, “Everything is all about economics.” If a company can turn a profit by tapping into a burgeoning need for privacy, it’s more likely to release a privacy-friendly product. And as Americans grow savvier about online privacy, so will the demand for services whose business models respect user data — and our right to its control.