Ads in My Twitter Stream – What Happened to Informed Consent Hootsuite?

A couple of days back I chose to follow my normal course of behaviour and play with any new Twitter clients for my much loved HTC Hero.  As yet there has been nothing on par with the truly awesome Gravity client on Nokia’s Series 60 by @janole so anything new gets a fair go.

I’d seen reviews of Hootsuite’s new client and after throwing a nice shiny baked ROM at the Hero I was able to download and install Hootsuite Lite.  There is a paid for version ($1.99 at time of writing) but as the only additional benefit I could see was the ability to handle more than 3 Twitter accounts (and I use but 1) there was little point in spending the cash just to see if it works.

Setup was simple enough, even though the you get hassled a couple of times to create a new Hootsuite account before being offered a connection to your Twitter account.

Now I’m not going to review the application other than to say it’s very usable, has some decent thinking around navigation and handles a Twitter account admirably – at least on par with the current leader Seesmic in my opinion.  But something odd happened after a feed refresh sometime on Saturday.

I was out and about, hit refresh and a curious new message appeared in my stream from someone I don’t follow.  This in itself given Twitter’s problems of last weeks with random tweets appearing was nothing too odd but this tweet had a different coloured background and the format of the message was odd.

I quickly sent out a tweet to the crowd asking if anyone else had seen these “ads” but everyone who responded hadn’t. Was this the first inkling of the much talked about Twitter advertising model.  If so it was pretty well exactly what I had expected it might be but had no knowledge of it having yet been enabled.

Of course being out and about research was a little hard to do.

So yesterday I sat down for half an hour and did some digging.  It turns out that Hootsuite have partnered with a third party Twitter advertising agency called 140Proof who’s model is to sell advertising messages injected directly into one’s stream by the client application.  They look and feel like tweets but they aren’t – they are put there ONLY in the application stream.

They are inoffensive and not at all obtrusive, as I said they pretty well looked and felt how I would expect a Twitter ad to be BUT I hadn’t asked for them and more importantly I couldn’t recall ever being informed that I was going to get them.  There were no signup T&C’s with the mobile app, no details easily found on Hootsuite’s web page, nothing.

A little more digging and it turns out that, according to this article on Techcrunch that,

Twitter clients pass 140 Proof a user ID list (with no names) and the public information contained in a Twitter users profile, and on the advertiser side, advertisers bid on ads to be directed toward users based on keywords in tweets, followers, as well as device, location and platform. 140 Proof’s algorithms calculates Twitterer’s “persona” based on public tweets and who they follow and serves ads to users based on this data.

YOU WHAT?  So without my permission Hootsuite passes my PI and graph to a third party who then does their thing with it, sells that bundle (anonymously granted) and throws back a targeted advert!

Now sure my stream is public and viewable by all but that doesn’t make it acceptable for a business to utilise that information for their own gain without at least first asking for permission.  What happens if you have a private non-publicly viewable Twitter stream?  Does Hootsuite not work or do they just blindly continue to pass that data on to 140 Proof?

I don’t mind the ads, they make sense, they (in theory and assuming I pay them attention) pay for Hootsuite to offer up their client for “free” (read no money there) but informed consent is required.

For the record NOT one of the adverts I  have seen over the last couple of days has been even vaguely “relevant” nor have I clicked through on any.

I’ll be having a chat with some people over just what consent they should have obtained as surely there must be a requirement in the EU but it’ll be more interesting to see just what sort of lifespan the 140 Proof model will have once Twitter actually do get their advertising live.

UPDATE: I am interested to hear from anyone who has knowledge of the BT/Phorm case being brought by the CPA;  specifically the abuse of Regulation of Investigatory Powers Act (RIPA).

If Hootsuite are intercepting my profile and tweet stream and shipping it off (hashed or not) to 140Proof for analysis and spam would this constitute a breach also?

Don’t get me wrong I don’t want Hootsuite punished I just wonder if this is/were the case what would be their knowledge of the issue and how would the choose to address it.

Are Modern HR Practices a Zero-Sum Game?

Today’s article entitled “Half of Employers Reject Potential Worker After Look at Facebook Page” In the Telegraph reports that;

Bosses are now using the popular social networking site as a tool to double check how likely it would be that their new worker would take a sick day for being hung-over or on drugs the night before.

And job seekers were being found out for lying about their qualifications, with employers checking their Facebook pages to see if their online details matched their resume.

No great surprises there.  After all background checks, references and such have been the bread and butter of the Human Resource industry for yonks and let’s be truthful here; business and HR in particular has never been great advocates of treating people as people.  Liri Anderson highlights some of the absurd thinking in her post here.

But the article had me thinking, especially in light of Mark Zuckerberg’s recent Crunchie Awards statements on privacy and sharing.  With open sharing of very personal information rapidly becoming “normal” (at least within a certain and growing portion of society) businesses are being offered up a far greater insight into who people really are, their true identity.

I recently spent a day being psychometrically tested, a practice I have had little respect for in the past.  But this time it was different.  After an hour of online tests prior to even leaving home, I spent the best part of 9 hours being subjected to a battery of tests, exams, questionings all culminating in a fairly probing interview with an industrial psychologist.

Throughout the whole process I was very conscious of the various (seeming) inconsistencies in my responses, my body language, volume, level of language – the whole performance. The psychologist then blew me away by not only articulating back to me all of those traits but painted a picture of me that was so close to my own view that I could not fail to be impressed.

And of course the whole exercise is designed to see through performance, misdirection and untruths.

With the rapid increase in sharing of personal information HR practioners now have the ability to undertake much of the due diligence that would be accurately be shown up by the above process themselves, in-house with no context, response or even the applicants knowledge.

I’m not going to argue the rights and wrongs of this surreptitious behaviour (although I give a nod towards Deep Packet Inspection) but I do want to pose a couple of points;

1) Are we going to see third party agencies now remotely scanning peoples online behaviour in order to offer up a “professional” opinion of that candidate based on nothing more than what is actually shared as opposed to that which is not expressed?  Where will the oversight come from and can these businesses build a credible model?

2) In Zuckerberg’s ideal world we all share more and share more openly.  Given this scenario when will the tipping point come where candidates are equally exposed and deemed inappropriate; what then?  Does this point surely not create a Zero-Sum game for this practice of pseudo-psychology, one where employers realise that the process will not actually highlight potentially “bad” employees but that people are just people.

Simple honest privacy for Costa Competition

In my usual daily trawl of interesting stuff I came across a competition from Costa Coffee in the UK to win a year’s free coffee and as anyone who knows me – free coffee has got to be a good thing.

The compo, it turns out, is actually just a draw, you know the sort of thing; enter your contact details, don’t win and yet still get bombarded with masses of junk marketing from all and sundry.

Well here’s the entry page and it quite clearly says Costa aren’t going to use your details for that, and the terms and conditions are equally simple, fair and honest.  A great nod to consumer privacy and not abusing it.

Simple privacy terms from Costa Coffee

A massive WELL DONE to Costa for breaking the norm and offering to play nicely. (needless to say yes I have entered)

Someone ALWAYS Pays – A Business Truism

Irrespective of whether a company’s business model is based on direct sales or pyramid schemes, personal value or freemium at their very core all business models are united in the simple premise that; someone always pays. I’ve understood this, as I am sure anyone in business has, for many years.  No matter how altruistic one may feel the process of doing business costs money, and unless someone pays for those costs that business very rapidly is going out of business.

Shelly Palmer, MD of Advanced Media Ventures Group LLC articulated this simplicity brilliantly in his recent blog;

There are only three business models: I pay, you pay or someone else pays. That’s it.

I pay means that I (the publisher of the content) am willing to fund the creation, production and distribution of the content for my own purposes.

You pay means that you are willing to pay me for my content.

Someone else [They pay] pays means that a third party is willing to pay me so that you can consume my content.

Simply no matter what the business model being adopted someone always pays. This works well for me; I’m quite simplistic in my view on the world, breaking things down into basic building blocks.

When talking about those business practices that have impacted upon consumer privacy, for me, once one can accept that really all business models are much the same and that emerging models really can’t be to blame one can move on and start to look for those areas more culpable.

What are those areas?  Well I think that the payment mechanisms that underpin business models leave an audit trail of their impact but that’s another story.

Internet Eyes is the Worst Kind of Citizen Snooping

I’m angry and I don’t like being made angry – it clouds my thinking, renders me even more ranty, more random than usual.  The intellectual side of me says “step back, take a breath and wait for the dark cloud to move on before passing comment” but honestly this CAN NOT wait.

Everyone in the UK (and to some degree around the globe) knows that the UK is the most CCTV’d nation on the planet.  Something like 3.5 – 4 million cameras and the average UK citizen being captured 300 times A DAY!  Billions of pounds of public money, and countless amounts of private sector cash has gone into recording everyone’s every move.

Last year the Government, under the watchful eye of the woefully ill-informed Jacqui Smith, launched a number of “initiatives” calling on the public at large to snoop, spy and dob-in anyone they thought was acting suspicious.  The scheme was widely reported to be another move in the combat against terrorism but honestly I just can’t see how.

Then we had an even more bold move suggesting that another £400m should be spent on 24hr in-home surveillance of the 20,000 “problem” families around the country “to ensure that children attend school, go to bed and eat proper meals.”  No, seriously that is what the Children’s Secretary Ed Balls was/is thinking.

So it’s obvious that New Labour is really about control and that state sponsored snooping is deemed not only acceptable by the Government but also (and wrongly IMO) essential.

BUT…

In the Times today is reporting on a worrying move by a company called Internet Eyes to employ a citizen human-turk to scan the obscene volume of live CCTV feeds and report suspicious behaviour and crime.  What makes this even more troubling is that they are rewarding viewers with cash for reports AND opening making the whole surveillance into a game with leader boards.  WTF!

This is so very very wrong.

And yet I am so riled by this my thoughts are not yet clear enough to define exactly how it is so wrong.

Obviously allowing anyone on the internet to watch a private citizens movements over CCTV is a terrible invasion of privacy.  If I walk down a street I accept that other people in the locality can see me, I also accept (whilst dislike) that the CCTV operator can also see me.  But at least I had some form of redress should that video footage be misused, my privacy breached.

I had some degree of limited exposure, some sense of my self not being shown to all and sundry.

No longer will it be only a “trained” professional operator observing me 300 times a day but some idle blaggard at the other end of the country with nothing better do than fulfil a sad voyeuristic fetish in the hope of instant cash and props from the other game players.

Granted that Internet Eyes are not disclosing the location of the viewed camera feed but it seems that the ONLY privacy being afforded by the system is that of the viewer, the reporting, the snooper.

WHAT TO DO

I honestly don’t know. Yet.  Spread the word, tweet it, facebook it, tell your mates, anything.

Awareness of this vile scheme must be raised.  If negative public opinion is enough to scupper perfectly privacy compliant (and potentially very useful) schemes like the recent mobile directory then surely public pressure can show up Internet Eyes for what it is; a truly terrible step towards an Orwellian reality.