17
AI messing around with our data
(lemmy.world)
"We did it, Patrick! We made a technological breakthrough!"
A place for all those who loathe AI to discuss things, post articles, and ridicule the AI hype. Proud supporter of working people. And proud booer of SXSW 2024.
So, if your phone has ever connected to the work wifi or your laptop to tour home wifi, IP address can be used to de anonymize you. Additionally, stuff like typing characteristics, browser add-ons, and your search history can be used to correlate two "unconnected" accounts. From the point of view of the advertisers, they don't really need to know that you're the same person-- that's totally irrelevant. They just need to know that the person receiving the ad is more likely to buy a product than a random person, so these correlation models are sufficient and they don't even need to know those two devices belong to one person.
I would also guess that you saw dozens if not hundreds of other ads that did not provoke the same response. So, the eerie feeling of this being too specific is just a statistical bias that ignores the many uninteresting ads you didn't engage with.
Also, depending on how you took the screenshot, they know that too. Even if you didn't use the browser, they can probably see that you spent more time than average looking at it, hovering your cursor over it, etc. Now they have more evidence that you have been "engaged" by this content. And, again, they don't care or need to know that you have two devices, just that the user of either device might buy some Hyde stuff.
Furthermore, most people search for things after hearing about them IRL. It's totally possible that someone you know googled something similar and Bing knows that you're associated with that other person. This social graph data can come from any number of social Media Sites or by tracking location or by tracking IP address or when Facebook was pre installed on Android devices a decade ago and mined your contacts without consent or or or...
It's really not magic, but, yeah, it's horrifying how predictable people are.
You do not have to connect to the WIFI
https://www.crowdconnected.com/blog/people-counting-customer-tracking-counters-vs-wifi-vs-apps/
While I know this is specific to tracking location at a specific venue, if this venue shares its data, you will be associated.
While that's true, modern versions of android/ios require you to enable location permissions for the app in question, so it's probably not true in general.
This is why you get weird prompts from apps needing to know your location when that's not really a functionality of the app. If the app can see the network name or Bluetooth hardware address, then it's considered personally identifiable location information and would be covered under something like GDPR, which is why they eventually implemented these features globally.
This is not about apps or permissions. This is your WIFI radio being unique.
Edit: This is not personally identifiable, but every little bit if data is getting analyzed nowadays.
Mac address absolutely falls under PII in my jurisdiction. I can't even use Google docs to take notes at work without violating a dozen laws. Granted this isn't the US, but it seems like the defaults have been moving towards the EU standards, especially after California vowed to write their own version of GDPR.
yeah. I misread your comment. You're very right about that and Google has "wifi hotspots" to track users around NYC. https://theintercept.com/2018/09/08/linknyc-free-wifi-kiosks/
however, modern android iOS also have Mac address randomization on by default, so google has that data but I highly doubt random retailers do. Unless you install an app or connect to the network wherein they do the other fingerprinting I mentioned.