Modern field guide to security and privacy

Ello ads pan online targeting. Here's what experts say about its privacy practices

The upstart social media site launched an ad campaign on Facebook this summer to draw attention to online targeting and promote itself as an ad-free network. Yet, experts have questions about Ello's own privacy practices and safeguards.

|
Courtesy of Ello
The social media site Ello launched an ad campaign this summer meant to draw attention to how Facebook collects data on users.

With two fingers cracking open miniblinds and eyes peering out, the ad reads: "They told us you’re single in NYC."

It's creepy, and that's the point. But what may be even more unsettling is where the ad appears – only on the Facebook pages of single people living in New York City. 

The advertiser is taking advantage of Facebook's targeting technology to make a statement about online tracking while promoting its upstart social media platform, Ello. Essentially, it's angling to be the anti-Facebook.

Launched in 2014, Ello boasts an ad-free experience with only minimal user tracking. The concept is a stark contrast to the revenue models of social media companies such as Facebook, which earns billions of dollars annually by serving ads to users based on personal preferences. 

While Ello has garnered media attention for taking its pro-privacy, antitracking campaign directly to Facebook's turf (it plans to launch a similar campaign on Twitter and Tumblr), experts aren't so sure it's a panacea for privacy-seeking social media users.

Ello's lack of advertising does mean minimal tracking but it still collects – and stores – lots of user data. The site catalogs Ello pages users access, users' IP address, sites that refer users to Ello, general geographic location, the e-mail and username for each account, and users' device information. While Ello says the information is anonymized, much of that data can still be used to identify users and their online activities.

For instance, device information and geographic information can be just as identifiable as someone's name, say experts. "Permanent user IDs in a smartphone are increasingly being identified as constituting personally identifying information," said John Kennedy, a cybersecurity lawyer at the firm Wiggin and Dana LLP.

One of the biggest areas of concern for privacy advocates is how Ello treats data after users leave the site. Ello has declared that quitting "your social network should be simple, hassle-free, and permanent." According to Ello’s privacy statement, users can delete accounts and posts, and neither users, nor Ello, will be able to retrieve them.

Still, the policy says that backups of the information, possibly including posts, will be kept on its servers even after users' accounts are deleted.

Ello founder Paul Budnitz said backups are deleted after three or four months and the company is developing a way to delete them even sooner. When asked why Ello keeps the backups even after accounts are deleted, Mr. Budnitz said in an e-mail that backups allow Ello "to restore data in case of a hardware crash, for example."

That's not ideal when it comes to guarding users' privacy and security, says Mr. Kennedy, the lawyer. "Best practice is to only collect the data that they require in order to provide your service," he said, “and keep it only as long as they have legit need to support an account or record keeping."

Ello is, however, one of the few social media companies that abides by Do Not Track requests, an option on Web browsers that signals to sites that users don't want their online activity tracked with cookies. Kennedy said Ello appears to be in compliance with a new California law passed in January that requires sites to let users know whether or not they honor the tracking requests.

It also doesn't required that people use their real names on the site. Many privacy advocates have complained about Facebook's policy of requiring users go by real names because it could endanger some people who need to protect their identities. 

Unlike like many social media sites that sell users' data to third parties, Ello claims that it doesn't offer that information for sale. Still, advocacy groups such as Access have expressed concern about the thoroughness of Ello’s claim to not sell user data, particularly in the event Ello is sold. 

“Who gets that data?” said Josh Levy, advocacy director at Access. “Does it carry over?”

Ello is registered as a public benefit corporation (PBC), a new type of for-profit business recognized in 18 states. PBCs operate with a heightened accountability for keeping business practices in line with their mission statement, which set out the specific public benefit the company pursues. 

In Ello’s case, Budnitz said, that is an ad-free social network, which he interprets to mean that in the event of a sale, the buyer must also agree to keep the site ad-free and not sell user data.

Users can rest assured that all the data collected is encrypted in transit and at rest on the third-party servers it uses, Budnitz said.

On its face, Kennedy said, contracting with a third party for a service like this is not immediately concerning, but Ello should explain if and how it compels any third parties involved to protect the security of the data.

“It’s Ello’s obligation if it chooses one or more third party services to obtain thru contract commitment to protect the security and privacy of its users data,” he said. “Because if they don’t do that then almost everything in [it's privacy policy] is pointless and possibly misleading.”

Budnitz said in an e-mail that Ello has written contracts with the hosting companies, “who cannot legally use or access our data, and specific responsibilities around how that data is stored."

Even with the recent ads touting its attention to privacy and disdain for ad-targeting software, Budnitz said privacy really isn’t the Ello’s key differentiating factor within the vast social media landscape.

Rather, he said, Ello’s focus is to be a "global network for creators, where you can discover beautiful art and be inspired by meaningful stories."

Whether it can make that model work, while shrugging off revenue-generating advertising, is another matter altogether. Ello plans to eventually launch an online marketplace where artists and artisans can sell their wares similar to Etsy.

 

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Ello ads pan online targeting. Here's what experts say about its privacy practices
Read this article in
https://www.csmonitor.com/World/Passcode/2015/0806/Ello-ads-pan-online-targeting.-Here-s-what-experts-say-about-its-privacy-practices
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe