No doubt many of you use or know people who use the online genealogy website Ancestry.com. Its billions of genealogy records are innocuously searched by millions looking to research their near and distant ancestors.
Ancestry.com is the largest for-profit genealogy company in the world, and the world’s largest provider of DNA testing and tracing services.
It was sold several weeks ago for US$4.7 billion to private equity fund Blackstone Group Inc. With an eye to a return on its investment, Blackstone believes Ancestry has a “significant runway for further growth”, especially as consumers “stay home during the Covid-19 pandemic”.
So, whilst companies are bought and sold every day of the week, what Blackstone aims to do is profit from the DNA and private and public records of the customers. The product is the customer.
Should we be concerned? After all, Facebook has been doing this for 15 years (and I am coming to them in a moment).
In the case of Blackstone, the bigger picture needs to be considered.
Blackstone has since 2012 owned the Motel 6 chain in the United States. In 2018 Motel 6 was found to have violated the privacy of its Hispanic guests by regularly giving (without a warrant or subpoena) detailed guest lists to US Immigration and Customs Enforcement agents. Those agents went on to target guests by nationality and arrest 20 people at Motel 6s.
The privacy breeches ended in court, and Motel 6 was ordered to pay US$7.6 million in compensation and court costs. Motel 6 issued the usual corporate faux apology and denial of unlawful conduct.
What can we make of Blackstone having the DNA records of millions of people? Will there be a clause deep in the fine print allowing Blackstone to on-sell the private data of their customers?
The gold standard for being loose with private data for its own advantage is, of course, Facebook.
Facebook morphed from CEO Mark Zuckerberg’s creation Facemash – an online programme he created at Harvard University to allow users to objectify other students by rating their ‘hotness’. Facebook regularly finds its corporate morality under fire for sharing private data of users or having insufficient safeguards to prevent data being harvested by third parties.
Barely a year goes by without a Facebook data breach, be it user data being obtained by Cambridge Analytica to create “psychographic” profiles and targeted pro-Trump advertising, to multiple Apps being able to access private Facebook data through security loopholes, to exempting its business partners Bing search engine, Netflix, Amazon and Yahoo from its usual privacy rules.
These violations of trust usually enter the public domain with an appearance by CEO Mark Zuckerberg before a government committee, and always with a hollow commitment that Facebook will do better in the future to secure the private data of its users. Scaling up enforcement and compliance measures is always promised, but evidence shows it is rarely delivered.
The billions of dollars in fines paid to American and European regulators has not been an incentive to ‘do better’ – enforcing the impression that the financial returns in selling the data continue to be more than disclosed. Furthermore, the company operates under a mantra of don’t ask for permission, ask for forgiveness if caught.
This disturbing corporate culture hides behind the façade of social interactions, shared experiences and e-commerce. If people are willing to give up a measure of personal information and privacy to be a part of it, so be it.
But it pays to remember the business model of Facebook is to monetise the private experiences of its users. They (and Blackstone) are not providing their respective platforms out of the goodness of their hearts. And past behaviour is the strongest predictor of future behaviour.
By his own admission, Greg Smart was born 40 years old and is in training to be a cranky old man. He spends his time avoiding commercial television and bad coffee.