How to Skew Data for Fun and Privacy

You don’t have to supply all of your real identity information to every website, service, or app that asks for it. If your gut reaction to my previous sentence is “but hey, that violates the terms of service,” then stop reading now and go color inside the lines. The internet can be a scary place, and it can be hard to know who you can trust with your data. But there are ways for you to protect yourself online without giving up all of your privacy and security.

You may not realize that Facebook, Google, Amazon and other major companies collect massive amounts of information about what you do online every day. They store this information so they can target ads at you or sell it to other companies. This means that these big tech companies have a ton of private info on everyone who uses their services.

Companies violate their own terms of service every day, either knowingly or unknowingly. You don’t have to give up your privacy for the sake of convenience.

Something I started doing a long time ago was to use what I call my “internet birthday.” Anytime I sign up for something that requires my date of birth online to confirm age, I use the same date. Unless your birth date is being used for something seriously adult like a plane ticket or a job, you don’t actually have to submit your information accurately if you don’t want to. I never do!

Attention: You don’t have to give up your privacy for the sake of convenience.

It is possible to use websites, services and apps without giving them any personal information at all. In fact, it’s becoming more common as people become increasingly aware of how much data they are giving away every day. There are many ways you can protect yourself online by using fake names, email addresses and phone numbers that won’t lead back to you in real life.

The best way to avoid being tracked online is by not revealing anything about yourself at all! This means creating a new identity with false information when signing up for accounts on various sites or using tools like Tor Browser or VPNs (Virtual Private Networks) which will mask your IP address so that no one knows who you really are.

More than ten years ago I changed my age on Facebook to 82. Then I started getting Prevention magazine in the mail. The ads for the elderly were fairly primitive at best, mostly peddling fear and rash creams. Now they are more whimsical and ask me to buy things for my grandchildren that I don’t have or protect me from embarrassment due to a loss of bladder control. I started doing this initially to dissect ad targeting practices, but then it just kept going and I couldn’t help but pour over the data.

At first I let Facebook share my internet birthday with my friends and I was tickled by those who knew me well but wished me a happy birthday anyway. Most people didn’t question it at all, they just wished me a happy birthday and accepted that the data was just correct. Then I found it was better to just not have it displayed as each year it became more and more obvious nobody remembers anybody’s birthday anymore unless you’re really close. While I sometimes do sort of miss the barrage of messages on my actual birthday, the calls and texts that I DO get mean a whole lot more to me.

Sometimes I use my husband’s nickname “Val” for things I fill out, because again, I’m not playing a perfect data game here. He recently was the receiver of a lingerie catalogue with the name “Valerie.” There is no Valerie Ward. Some database somewhere decided he was actually me and that his nickname was likely a shortened version of a longer name. Why not Valentina or Valencia? Who knows. But I was delighted at this incorrectly addressed snail mail, because it meant my bad data is working.

Another fun thing I like to do is create custom email addresses on the fly for anything I sign up for out of pure anticipation of receiving future spam. With most major email providers you can create an email dynamically on the fly. With Gmail it’s as simple as adding a + sign in there, so it’s yourrealemail+anythingyoumakeup@gmail.com. This can lead to tons of fun.

There’s a work conference that I attended in 2017 that has been by far the most prolific in terms of repeated email abuse. In four years I have received more than 450 unwanted emails from the organizers. Due to my knowing the inbound address (but not the sender), each email has been filtered away from my inbox. While I cannot prove it in court, memory tells me that I have unsubscribed at least a dozen times. The emails keep coming from various sources to this same unique address, so I know exactly who’s violated my privacy. The most recent email actually came in today! Yes, it was for a webinar.

The organization behind this conference should really consider how it looks from the outside when thousands of people receive hundreds of unwanted emails every year. This shows a lack of respect for both time and privacy, something that we all value highly in our society today – especially since there are several ways to handle such mass communications effectively while reducing spam complaints and improving customer experience at the same time.

Some people will tell you that a system called “double opt-in” is the solution. This means something like this: I subscribe to an email newsletter and then am asked if I want to confirm my subscription. Confirmation usually goes through a second form on another website, where I have to enter my name and address again. That way, it should be harder for spammers who only know your email address but don’t have your name or other information about you. But in practice, double opt-ins are rarely implemented correctly so they do not work as intended – especially when it comes to recurring events such as conferences. Instead of getting confirmation emails from the conference organizers at each step along the way (which would actually make sense), most conference organizers ask their attendees just once whether they want to attend and then store these answers in some database somewhere without asking again later whether someone still wants updates from them or not.

It’s time to start thinking about privacy and security as an integral part of your business model instead of an add-on feature or afterthought. We need to take responsibility for our own data, rather than handing it over blindly without knowing how it will be used or abused later on down the road.