Tom Kemp’s new book about the dangers of the five Big Tech companies is several books in one volume. Normally, this would not be a great recommendation, but stick with me here and see if you agree that he has written a very useful, effective, and interesting book.
It is a detailed history on how Microsoft, Google, Meta/Facebook, Amazon and Apple have become the tech powerhouses and near-monopolists with their stranglehold on digital services, at the same time threatening our privacy. It is a reference work for consumers who are concerned about what private information is shared by these vendors, and how to take back control over their data. It is also an operating manual for business IT managers and executives who are looking to comply with privacy regs and also to prevent their own sensitive data from leaking online. And it is a legislative to-do list for how to fashion better data and privacy protection for our digital future.
Kemp focuses on eight different areas of interest, one per chapter. For example, one chapter describes some startling failures at reigning in the data broker industry and another goes into details about how easily disinformation has prevailed and thrived in the past decade. He mixes his own experience as a tech entrepreneur, investor and executive with very practical matters. Each chapter has a section dealing with the issue, then the response of the various tech vendors, and finally a collection of various laws and proposals from both the EU and the US in response. This last section is a sad tale about the lack of legislative forward motion in the US and how the EU has forged ahead with their own laws in this area — only to be lightly enforced.
Speaking of legislation, I asked him what he thought about the lack of any progress in that department, especially at the US federal level. He told me in a recent interview that “No one is going to do anything to modify Section 230 — all previous efforts have been roundly beaten. Eventually, pressure is going to shift to EU, with its new laws that take effect in 2024. These will require online businesses to monitor their platforms for objectionable speech. These will also give end users the ability to flag content and make the tech vendors to be more transparent. Tech platforms will then have to finally respond. I don’t see anything happening in the US, nor with any new federal privacy laws enacted.”
His unique know-how and the combination of these different perspectives makes for a fascinating read. For example, to test Google’s claims that they have cleaned up their heavy-handed location monitoring, he did some role playing and set up appointments at local abortion clinics, visited drug stores, and shopped online. His online activity and location data was monitored by Google about every six minutes. “The real-time nature of this monitoring was impressive. Google knows the ads that they served me, the pages I visited, my Android phone notifications and locations. And despite their promises, they were logging all these details about me,” he said.
Even if you have been parsimonious about protecting your privacy, you probably don’t know that Meta’s tracking Pixel is used by a third of the world’s most popular websites and is at the heart of numerous privacy lawsuits, especially in Europe. Or the sequence of steps to tamp down on what the five tech vendors allow you to make your activities more private.
Kemp doesn’t pull any punches — he lays blame at the keyboards of these Big Tech vendors and our state and federal legislators. “Big Tech’s anticompetitive practices have also significantly contributed to them becoming these giants who act as gatekeepers to our digital economy,” he writes. “The five Big Tech firms have five of the seven largest cash balances of any S&P 500 company in 2022.”
He documents the missteps that the major tech vendors have taken, all in the service of their almighty algorithms and with the aim of increasing engagement, no matter the costs to society, or to its most at-risk members — namely children.
I asked him about the latest crop of studies that were paid for in part by Meta/Facebook and appeared in various technical journals (and covered here in the NY Times.) He told me, “Meta was closely involved in shaping this research and in setting the agenda. It wasn’t a neutral body – they framed the context and provided the data. Part of the problem is that the big tech platforms are talking out of both sides of their mouths. They market their platforms specifically to influence people to buy products from their advertisers. But then their public policy staffs have another message that says they don’t really influence people when bad things happen to them. They certainly haven’t helped the situation via algorithmic amplification of using their services.” I reminded him that many of the big tech trust and safety teams were one of the first groups to be fired when the most recent downturn happened.
So get a copy of this book now, both for yourself and your business. If you want to stay abreast of the issues he mentions, check out his website for post-publication updates, which is very helpful.
You may have taken some of the privacy-enhancing steps he outlines in one of the book’s appendices, but probably will learn some new tricks to hide your identity.
Not many chief security officers will point out not one but two times they took a job while their companies were under attack. But this is what happened to Jaya Baloo, who is now chief security officer at cybersecurity provider Rapid7 Inc. Even more interesting, she considers both times — which happened at two different companies — career highlights. She has a lot more to say in