Big Data vs. NSA PRISM Snooping: Is There a Difference?

Big DataQuestion: What’s the difference between marketing-related data mining of consumer behaviors (either online or in the “real world”) and the recent revelations about NSA domestic surveillance?  My guess is that it would be very challenging for you to distinguish the two.

In the case of NSA PRISM, the agency is accused of capturing huge volumes of consumer online activity without their knowledge or consent. The government, in the wake of the revelations, said that there are safeguards built into the system and privacy is protected. Effectively the government is saying “trust us,” we’re not really doing anything improper.

With marketing-related “big data” it’s much the same. Huge volumes of consumer behavior and transaction data are being compiled, analyzed and combined. Most of the data mining from online and offline sources are being captured entirely behind the scenes without consumer awareness or (informed) consent. (Clicking “accept” on legal boilerplate terms does not true consent make.)

Ad networks, marketers and related data vendors say that consumer privacy safeguards are built into the system. Effectively this is the same as the US government’s “trust us” statement. The online ad industry wants to “self-regulate” and doesn’t want burdensome disclosure and opt-in rules imposed on it by the FTC or US lawmakers.

While I certainly understand that position, self-regulation as it stands is insufficient to protect consumers from data abuses — especially by third parties who can access the data (e.g., the US).

Perhaps the one major difference between the two scenarios above is the “ad choices” button and the corresponding ability to opt out of behavioral targeting online. Indeed, you can’t opt-out of NSA snooping. But as a practical matter most consumers don’t really know about or understand “ad choices.”

As many surveys have shown, US consumers don’t like being profiled, tracked and targeted by marketers. They want relevant ads but don’t like the idea that their “movements” are being watched. This is also what made so many people uncomfortable following the NSA-Verizon data mining revelations.

As the NSA episode has shown, self-regulation and “trust us” assurances don’t adequately protect against abuse of the rules. In online advertising some mix of externally imposed requirements and self-regulation could work but self-regulation by itself won’t provide for sufficient consumer protection.

The NSA revelations are adding new urgency to Europe’s consumer privacy initiatives and will undoubtedly inform the online privacy debate in the US. But I’m curious to know what you think: has government spying become inextricably bound up with the discussion of online consumer privacy?

There may be more distinctions between big data collection and NSA surveillance but I’m not sure they’re particularly meaningful. I’d be interested to hear your thoughts and arguments — if you can formulate them — about why the two are or are not different.

You can follow any responses to this entry through the comments feed.

9 Responses to “Big Data vs. NSA PRISM Snooping: Is There a Difference?”

  1. Frank Reed says at


    Great question. Here is my take. I think they are very similar although it is more of a gut thing that taking empirical evidence and examining it etc.

    It’s the mental state of the general public that we should be most concerned about. While the Pew Research points to most not liking targeted ads I think that is one of the those “this is the best looking way to respond to this question but the truth of the matter is that I don’t pay close enough attention to know differently anyway.” answers.

    Marketers and the government prey on apathetic targets because they will give little to no resistance. For those that are sharper or simply more alert there are not enough of them to ‘stir the masses’ so both activities will go on with only a feigning concern from the general public will be exhibited. 

    Honestly, I can’t even imagine what it would take to get people to truly take notice and fight back. We are desensitized to the point where even mass murder has a short shelf life in terms of having the real attention of the GP.

    Negative view? I guess so but it would be hard to argue otherwise. 

  2. Bob Fichtner says at

    My first  reaction is that while there are similarities in the collection and analysis activities, there are big *potential* differences in the usage of said information. A company can create data sets to help target me with ads, promotions and offers that I can ignore. Maybe they could deny me their product or service if they don’t think I’ll be a good customer. But what is the worst thing that a company could do with the information they have concerning me and my online/offline activities?

    I’m not a black helicopter type of person, but when you think about the government having the ability to connect information about your health, your income and your online/offline activities and use it to impact your life – am I more or less willing to trust the government? I would definitely say less willing.

  3. Greg Sterling says at

    Frank: Agree largely. People are both numb and overwhelmed by their lives. The scope of the whole NSA thing is so large and complex most people can’t really understand it except on the following level: the government is spying on our online activity. Then what do you do? Stop using these services? 

    Re private data mining, most people are completely ignorant of it but don’t have time to educate themselves, which is why, ironically, you need a paternalistic system (read: government) to protect against abuses. 

    Checks and balances were designed to prevent one brand from overreaching. With PRISM that system has broken down because of secrecy. 

  4. Greg Sterling says at


    I’ve been saying for years, in agreement with the thrust of what you’re saying, that the real danger is not ad targeting per se but use of data by third parties with real world control over you: insurance carriers, employers, banks and the US govt. 

  5. Frank Reed says at

    Ah yes, that is a terrible irony indeed because from my point of view then there will be no positive progress if we have to go the gov’t route, only more power grabs and dysfunction.

    Please understand that I believe this happens no matter which side of the aisle is in the Oval Office so while I do have my own political leanings I am not ignorant enough to think that this is one party v another. This whole thing started with the Patriot Act (which considering the proximity to 9.11 I was fine with even though I had no real idea about the details) and is now being furthered (and likely abused) by the current administration. 

    I wish I could trust but I don’t have enough evidence to go that far ……..

    In the meantime, I have to wonder why I get served some ads that I do. Am I ‘sleep browsing’ and giving online signals I am not aware of?

    Thanks for the thought provoking post and keep up the great work!

  6. Jason Lancaster says at

    In terms of tools and technique, I’m certain that there are a variety of differences between “big data” and NSA surveillance. However, the difference in my eyes (speaking as an online marketing consultant) is purpose.

    If I use “big data” to help a client target their ads a little more precisely, to find potential marketing partners, etc., the goal is to save money and/or stretch our existing budget. The worst-case scenario for the consumer is that we convince them to spend money.

    If the NSA uses their suite of tools to identify a terrorist – or someone who *might* be a terrorist – the worst case scenario is 24/7 surveillance, secret searches of a person’s property, sudden and spontaneous interactions with members of the law enforcement community, and – scariest of all – death at the tip of a Hellfire missile (assuming the suspected terrorist is oversees).

    Thus, I really don’t think the conversations have much in common. Until marketers are given police powers (and I’m still waiting for my badge and gun, LOL), the issues are separate…or at least they should be.

    If marketers start talking about “big data” when others mention NSA surveillance, consumers are going to get the wrong idea. Marketers aren’t after your life…they’re just after your wallet.

  7. Greg Sterling says at

    Very clearly the uses of the data and the purposes for which the data are collected are distinct. However the methods and the lack of transparency to citizens/consumers is quite similar.

    I don’t think you can say collecting lots of information without the knowledge of end users for better ad targeting is ethically or morally better than watching citizens’ phone calls, without their knowledge, to prevent terrorism. The ends don’t justify the means in either case. Consumers need to be informed and brought into the conversation about how their data are gathered and what those data are used for.

    However I agree that consumers probably have little or nothing to fear from Google, Facebook and Twitter as a general matter. We need laws and safeguards that guarantee purging of data after some limited period of storage and rules that preclude our data from being transferred (other than for strict purposes) or abused by third parties (banks, employers, insurance carriers).

    How that would be “operationalized” is problematic and challenging. But online ad industry “self regulation” is nearly the same as the US saying we’re not spying on you, “trust us.”

  8. NSA and Big Data Not So Different, Collaborating and Quid Pro Quo-ing says at

    […] week after the Snowden-NSA spying revelations I asked the question, Big Data vs. NSA PRISM Snooping: Is There a Difference? Some people said I was nuts or stupid because the differences are […]

  9. rescuetruth says at

    There are very little similarities between how the gov’t collects data, and how a marketing company collects data. When I visit a web site, I know that they may collect a few data points on me. When I do a search, I know that Google uses that information to make future search results better, and create more targeted advertisements. The U.S. government is not merely collecting data on us when we visit a gov’t web site. Instead, they are tapping into the phone and internet lines of telecommunications companies, and compelling media companies like Facebook to divulge details about our private lives. It is a much wider and more intrusive type of data collection.

    In addition, the “big data” companies don’t get to look at the most intimate details of our lives like bank to health records. My healthcare provider is not allowed to sell my healthcare records to “big data.” Can the government access those records if they wanted? Yes. If they are indiscriminately (illegally) grabbing up packets from the internet, they already have a lot of this information in their servers. Notice the difference?

  10. Greg Sterling says at

    Do you work in online marketing? I assume you do. If so, you have considerably more knowledge of what data are collected and why than the average consumer. Indeed, many consumers don’t have quite so casual an attitude about it:

    It is true the specific types of data being collected (and we don’t have all the information on NSA) are different. I intended this discuss to be provocative. But my point is that there isn’t really the massive chasm between what the government is accused of and what data mining firms (online and off) have done for years in the b.g., substantially w/o consumer knowledge. It may be much more a matter of degree than kind. 

  11. Has online advertising made us apathetic to privacy? | Shared Across says at

    […] internet surfers begrudgingly accept this premise because it’s a process that takes place outside of their immediate view. The frustration a […]

Leave a Reply