Future Tense Newsletter: The Privacy Naughty List
Reading Time: 7 minutesIs Your Secret Santa App on the Privacy Naughty List?, Secret Santa: Which gift exchange site is best for privacy?
Sign up to receive the Future Tense newsletter every other Saturday.
It’s a busy time to run a Secret Santa site. For Elfster, one such site, the normal staff of around 20 elves (yes, they call themselves elves) balloons to a team of about 55. ‘We need a million servers, we need tons of support people—it’s just off the hook for the holidays,’ Peter Imburg, the company’s CEO, told me recently on Zoom. (In the far corner of his Zoom square, an elf costume hung on the wall.) More than 21 million people have used Elfster for exchanges, and Imburg said the biggest group he’s seen participate in an exchange on the platform was about 5,000 people.
It wasn’t always this way. Imburg started Elfster in 2004 (the time of Friendster and Napster, hence the name) as a way to solve a personal problem: How to coordinate a family gift exchange when not everyone was in the same place, and with certain conditions, like not selecting yourself or your spouse? He bought some servers on eBay, rented rack space, and figured out how to pay for Google ads. Things puttered along until Elfster’s big break, which came in 2009: Claire’s hired the company for a Secret Santa campaign. The idea was that fans could enter a Claire’s-only exchange—but at the time, Claire’s didn’t even sell things online, so users would print out their recipient’s wish list and go to the store, coupon in hand. The campaign was a success, Imburg said, and also made Elfster rethink its site with a retail mindset.
The timing was also good: In a 2009 article, the New York Times attributed an increase in Secret Santa exchanges to the recession: ‘consumers are getting more creative about giving gifts for less,’ it noted.
I grew up doing Secret Santa with my family—we’d pick names out of a jar at my grandma’s house over Thanksgiving and get together a few days before Christmas to exchange gifts. I’ve always found it an incredibly efficient way to cut through the obnoxious, often unspoken gift-giving expectations that pop up this time of year: Secret Santa slashes the number of people you have to shell out for, clearly establishes your financial obligation, and (most of the time) saves the stress of wondering what you should buy. Plus, the mystery!
As an adult, I usually participate in a few friend/family exchanges a year, all using different websites. Until this year, I had always thought of these sites as simple vessels, with a singular purpose: to tell me whom I had drawn. But a couple of weeks ago I received an invite to an exchange hosted on a pop-up site created by the beer brand Bohemia (and its seasonal Noche Buena brew), which forced me to answer series of survey questions about my favorite food to pair with a cold one. This unsettling (though well designed) abomination of the purity of Secret Santa forced me to think about the larger context of this jolly digital infrastructure—and its implications for privacy and personal data.
So, I decided to dig into some of these sites. Making no promise to be exhaustive but hoping to get a general sense of what was out there, I chose to look at the privacy policies for the three apps that topped the search results when I typed ‘Secret Santa’ into the app store: Elfster, DrawNames, and Santa’s Secret Keeper. I know almost nothing about privacy policies, so I reached out to someone who knows almost everything: Jen Caltrider, who leads Mozilla’s Privacy Not Included project and quite literally reads these things for a living.
One of the first things Caltrider did was to pull up the apps on the Google Play store and take a look at the app permissions (you can find these by clicking ‘about this app’ and then ‘permissions’—and it’s a great resource before downloading anything). That’s where the first red flag came up: Santa’s Secret Keeper, for example, has access not only to IP addresses but also precise location data, plus cameras, microphones, the content of USB storage, and more. Why would a Secret Santa app need permission to record audio? It probably shouldn’t, so that’s something to look out for, Caltrider said.
Santa’s Secret Keeper was clearly the most homegrown of the apps we looked at—it appears to be created by one person, and when I reached out to him, I got a friendly auto-response that said he would try to get back to me within a week but is a ‘busy full-time working parent and just do[es] this for fun.’
I doubt there’s creepy data-collecting intent behind this app , but it’s indicative of a larger tradeoff with some of the smaller, less commercial apps in many arenas. ‘A lot of times some of these smaller developers don’t have the same interest in collecting vast troves of data to create profiles on users to then use to target ads or personalize,’ said Caltrider. ‘But you’re also sometimes getting people that just might not have the resources to really protect the data they do collect.’
It’s also important to understand the business model behind these services. (‘Senator, we run ads.’) Elfster, for instance, makes money through a combination of paid product placement and affiliate links—think Amazon, Etsy, Crocs, Nordstrom, and hundreds more. Elfster gets a cut of sales made after its users click on affiliate links, which have a unique tracking code that attributes the sale back to Elfster. Affiliate links are pretty standard practice—they’re all over blogs, social media, and news sites (including MediaDownloader.com!), and they help lots of content creators keep afloat by plucking a penny here and there from Amazon’s deep pockets. Affiliate links aren’t inherently bad, but when a site’s whole business model depends on them, it’s important to be clear on what the goal is: selling you things. You should always consider what info you’re giving up, Caltrider said. Take, for example, DrawNames: Its privacy policy stipulates that ‘gender, age, hobbies & interests, mailing address, and gift wishes’ are not required, but if you don’t provide this data, ‘the person who draws your name will not have as good an idea of what to get you.’ What this really means is ‘our company won’t have as much information on you,’ and it’s a tactic I saw repeated in a couple of privacy policies: You don’t haaavvvee to tell us your mother’s maiden name, but if you don’t, it’s not our fault when you get a shitty gift. And it’s not just holiday gifts we’re talking about: Sites like DrawNames and Elfster also promote year-round exchanges—National Coworker Day, Easter, Halloween, Eid al-Fitr, to name a few. Imburg even told me about an accounting firm that used the site to coordinate an exchange in April, as a special pick-me-up around tax season.
At the end of the day, it comes down to a personal risk analysis, Caltrider said. Someone being able to see your Secret Santa wish list probably isn’t the end of the world—this isn’t a period tracker or mental health app, and God knows companies like Meta and Amazon are already doing much creepier things with much more of our data. But most companies’ privacy policies, even if they don’t sell data, allow for vague third-party data sharing that often amounts to a black box over which users have little control. And someone who is really motivated can use public data (think open wish lists) for unscrupulous purposes. I had created an Elfster account a few years ago, but only when I started researching this piece did I realize that I was in a searchable Elfster database—you can search for anyone with an account if you have their first and last name or email, as long as they haven’t opted to make their profile private. You can also see most wish lists, which are public by default. As a habitual registry stalker, I found it fascinating to browse strangers’ wish lists, but as someone who hadn’t realized my name was also in this database, I felt a little creeped out.
Big picture, Caltrider recommends opting for a site over an app—apps tend to track more data and can also open up vulnerabilities on your phone. You should never use third-party logins like Facebook or Gmail to access external sites, she said, because doing so can set off a river of data exchange between the two services that users don’t always understand and often can’t control. If you’re digging through privacy policies, other things to look for are clearly accessible contact information and the last time a policy was updated (policies that sit stale for a long time can indicate that privacy is an ‘afterthought’ for the company, Caltrider said). You can also do keyword searches to see if companies sell your data (none of the three apps I looked at do) and what data they collect. Does it make sense for the site to be collecting the data that it is? Similarly, if you’re looking at an app, you can check out the permissions it’s asking for—should a recipe app have access to your camera? Or a Secret Santa app to your GPS location? You should give as little information as you can—my friends and family have largely opted for group chatting our wish lists, instead of posting them online—and assume that any information you give is or could be public. And, when you’re done, you should delete your account or app, and ask the company to delete your personal data, Caltrider said. Because only the real Santa needs to know that you were eyeing a $93 rice dispenser.
Here are some stories from the recent past of Future Tense.
‘Amazon Was Supposed to Transform a Tijuana Slum. It Failed to Deliver,’ by Manuel Ayala and Carlos A. Moreno, Rest of World.
This year has been a lot, so I think the best thing I could possibly recommend in our last newsletter for 2022 is a really buttery, really easy dessert: saltine toffee cookies. (There are 3,000 recipes for this online; I chose this one because it didn’t lead with a 15-paragraph personal narrative.) My family used to make these cookies around the holidays to give to teachers and stick in our mailbox for the friendly neighborhood USPS worker. All you need are saltines, butter, brown sugar, chocolate chips, pecans, and the ability to pay a little attention to a saucepan. Plus, crushing pecans is objectively one of the most delightful kitchen tasks.
On Friday’s episode of MediaDownloader’s technology podcast, host Lizzie O’Leary chatted with Bloomberg’s Stacy-Marie Ishmael about Sam Bankman-Fried’s worst week yet, and what it means for the larger crypto ecosystem. Last week, Lizzie spoke with David Zipper, a visiting fellow at the Harvard Kennedy School’s Taubman Center for State and Local Government, about San Francisco’s messy experience with self-driving cars—and the lessons it holds for regulators around the country. Also last week, guest host Emily Peck interviewed Alex Kantrowitz, host of the Big Technology podcast, about what the release of ChatGPT means for how we interact with A.I. On Sunday, Lizzie will talk to Chloe Sorvino, author of Raw Deal: Hidden Corruption, Corporate Greed, and the Fight for the Future of Meat, about the hidden costs of lab-grown meat.
Ref: slate