Skip to content
Laird Norton Wealth Management
  • Services
          • Wealth Planning
            • Business Owner
            • Equity Compensation
            • Estate Strategies
            • Philanthropic Giving
            • Tax Strategies
          • Investment Management
            • Tax-Aware Investing
            • Risk Management
            • Alternatives & Private Market
            • Impact Investing
            • Impact Investing: Our History
          • Trust Services
            • Beneficiary Services
            • Family Legacy
            • Trust Administration
            • Trust Benefits
            • Understanding Trusts
          • NonProfit Clients
            • Request RFP Participation
  • About
          • About LNWM
            • How We Help
            • Our Team
            • Corporate Social Responsibility
            • Board of Directors
            • Community
            • Careers
            • Media
            • FAQs
        • two people in a kayak on water
  • Insights

        • Blog

          Top-of-mind at LNWM and elsewhere.

          Papers

          Expert insights and analysis.

          Videos

          See what we're up to.

  • Contact
Client Login

Home » Insights » In the Community » Here to Help: How to Request a Record of Your Data From the Big Four

Here to Help: How to Request a Record of Your Data From the Big Four

Independent Media | In the Community | September 18, 2020 (September 18, 2020)
This article was written by an independent media source and selected by LNWM for our blog readers. LNWM provides this third-party information for informational purposes only and has not verified the accuracy or completeness of such. In addition, LNWM is endorsing neither the content nor the author of the commentary.

Is TikTok, the Chinese-owned social network that is used mostly by teenagers to post dance videos, a national security threat?

It depends on whom you ask.

President Trump has said it is and has threatened to ban the app in the United States. But security experts are more hesitant to draw conclusions. While there is no direct evidence that TikTok has done anything malicious with people’s data, sharing information could be fundamentally less safe with a company that might allow the Chinese authorities to intercept it.

So I asked two companies that offer mobile security products to take a close look at TikTok’s app to see what they could glean about it. They had very different takes.

Disconnect, a San Francisco security firm, analyzed the code of the TikTok app for iOS. In July, the app’s code contained references to servers in China. Last weekend, Disconnect reviewed the app’s latest version and saw that the lines of code referring to Chinese servers had been removed.

Patrick Jackson, the chief technology officer of Disconnect, said that while he did not witness any data transmission by the app to Chinese server computers, he found the existence and subsequent removal of the code suspicious.

But Sinan Eren, the chief executive of Fyde, a security firm in Palo Alto, Calif., said the references to servers in China did not alarm him. Plenty of apps have legitimate reasons for relying on some Chinese servers — for example, if they have users in Asian countries and want to stream video to them quickly in a cost-effective manner.

“It’s not realistic for anybody to say that they’re not going to use any Chinese servers, ever,” Mr. Eren said.

TikTok said that the code discovered by Disconnect was obsolete and that it had updated its app as part of a continuing effort to eliminate unused features. “We have not shared data with the Chinese government, nor would we if asked,” the company said in a statement.

On Tuesday, after The New York Times called about the code, TikTok also published a blog post titled “Providing peace of mind” and said it was working on “efforts around cleaning up inactive code in the app to reduce potential confusion or misconceptions.”

Whether or not TikTok’s code was doing something nefarious, there is a broader lesson here. As increasingly digital creatures, we often don’t think twice about giving the apps that we love permanent access to information about ourselves. So the debate about TikTok is a reminder that we must be on guard about the data we share with any apps — whether it’s from an American or a Chinese company — and get in the habit of denying their requests to our personal data.

“We should be minimizing the amount of data we share,” Mr. Jackson said. “It doesn’t matter who collects it in the first place.”

Here’s what you can do to set up your app defenses.

Minimize data sharing.

When you open a newly installed app on your phone, notifications may pop up asking for permission for access to sensors and data such as your camera, photo album, location and address book.

When that happens, ask yourself these questions:

  • Does this app need access to my data or sensor for it to work properly?
  • Does the app need access to this sensor or data all the time or just temporarily?
  • Do I trust this company with my data?

Sometimes it makes sense to grant access. An app like Google Maps, for example, needs to know your location so it can figure out where you are and give directions.

In other instances, the need is less clear.

GasBuddy, an app that helps you find nearby gas stations with the lowest prices, asks for permission to know your location. You could allow it to pull your device’s precise location from its GPS sensor. But it would be safer just to enter your ZIP code so it has less precise information about your whereabouts. (A 2018 Times investigation found that GasBuddy was one of dozens of apps that shared users’ location data with third parties.)

Then there is the question of whether an app needs permanent access to our data and sensors — meaning it always has permission to get information like our location and photos even when we are not using features related to that data.

Usually, the answer is no. As a brand-new TikTok user, for example, I had granted it permanent access to my phone’s camera and microphone. But I have mostly used the app to scroll through people’s cooking videos and have posted only two videos. And the app doesn’t really need to know that much about me. So I eventually went into the settings to disable access to those sensors.

Even if giving access makes life easier, it may be worth putting up with some hassle if you don’t trust the company. Mr. Eren, who said he no longer trusted Facebook after a series of data scandals, uses the Facebook-owned messaging service WhatsApp. But to avoid sharing his address book with Facebook, he said, he manually added his contacts to WhatsApp.

That all sounds like a lot of work. But there’s good news: Apple and Google are making it easier to reduce the amount of data we share with apps.

In Apple’s next version of its mobile operating system, iOS 14, which is due for release this fall, apps requesting your location will present you with the option to share just an approximate location. That could be useful if you’re searching Yelp, for example, for restaurants in the neighborhood but don’t wish to tell Yelp exactly where you are.

Google said that in Android 11, its mobile operating system due for release this year, apps requesting location would present people with the choice to grant access just once, which would prevent constant location sharing with an app. (Apple has offered that option for about a year.)

Google also said that if any apps were not used for a long period after being granted access to sensors and data, Android 11 would automatically reset them to require permission again.

Block app tracking.

Many apps are constantly pulling information from our devices, such as the model of our phone and what version of mobile operating system it is using, and are sharing that data with third parties. Marketers who gain access to that information can then stitch together a profile about you and target you with ads across different apps — a practice known as app tracking.

So what to do? To limit this invisible data harvesting, I recommend using so-called tracker blockers.

Mr. Eren’s app, Fyde, which is free for iOS and Android devices, automatically blocks such trackers, for example. Disconnect also offers tracker blocking apps, Privacy Pro and Disconnect Premium, for iPhone and Android devices.

I prefer Fyde. In my tests constantly running the tracker blockers, it consumed less battery than Disconnect’s apps did.

Apple said that in iOS 14, apps would be required to ask people for permission to perform tracking.

Be curious.

This last step is less technical: Stay informed. If you wonder how a company manages to offer its app, do some research on the business. Read its website and send the company questions to gain a basic understanding of what’s happening with your data and what steps you should take to minimize sharing.

If it’s a free app that relies on ads for revenue, you can usually assume that your data is part of the transaction.

“It’s not about what they collect today — it’s the drip over time,” Mr. Jackson said. “Before you know it, these apps have this huge profile about you that they’ve sold to so many people. Once the horse is out of the barn, it’s going to be hard to rein it back in.”

iStock-1007533020.jpg

Last month’s antitrust hearing before a House panel made it clear that Google, Apple, Facebook and Amazon touch every aspect of our digital lives, including our messaging apps, virtual assistants and hardware. That may make you curious what data each of those companies has collected about you. Here’s how to find out. These instructions should be followed from a laptop or desktop computer, not a mobile app:

FACEBOOK

  • On Facebook.com, click the arrow pointing downward in the top-right corner.
  • Click Settings & Privacy > Settings. In the left column, click Your Facebook Information.
  • Here, follow the steps to request a copy of your Facebook data.

GOOGLE

  • Visit Google Takeout at takeout.google.com.
  • Here, select the categories for the data you would like to download.

APPLE

  • Visit privacy.apple.com and log in with your Apple ID credentials.
  • Click Request a Copy of Your Data to gain access to the data portal.

AMAZON

  • Visit the Request My Data portal. You’ll need to log in to your Amazon account.
  • From the drop-down menu, click Request All Your Data, and submit the request.

In 2018, I downloaded copies of my information from each of the Big Four, and I was most disturbed by the incredible amount of data that Facebook was hoarding about me, including information on my friends and exes. The Facebook data also revealed that hundreds of advertisers, many that I had never heard of, had my contact information. You can guess what I did next: I deleted my Facebook account. I haven’t regretted it.

  • Share:

Sign Up For Navigator

Get our quarterly insights on investments, wealth planning, taxes and trusts.

About

  • Board of Directors
  • Careers
  • Community
  • Contact
  • FAQs
  • Our Team
  • Sign up for Navigator

Services

  • Investment Management
  • Sustainable Investing
  • Tax Strategies
  • Trust Services
  • Understanding Trusts
  • Wealth Planning

Address

  • Laird Norton Wealth Management 801 Second Avenue, Suite 1600
    Seattle, WA 98104
    United States
  • 206.464.5100
  • 800.426.5105
© 2022 Laird Norton Wealth Management. All rights reserved.
Form CRS Legal Terms and Conditions Privacy Policy
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to customize your settings.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-advertisement1 yearSet by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
CookieDurationDescription
__cf_bm30 minutesThis cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
bcookie2 yearsLinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie2 yearsLinkedIn sets this cookie to store performed actions on the website.
langsessionLinkedIn sets this cookie to remember a user's language setting.
lidc1 dayLinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory1 monthLinkedIn sets this cookie for LinkedIn Ads ID syncing.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
CookieDurationDescription
_uetsid1 dayBing Ads sets this cookie to engage with a user that has previously visited the website.
_uetvid1 year 24 daysBing Ads sets this cookie to engage with a user that has previously visited the website.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
CookieDurationDescription
_ga2 yearsThe _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gcl_au3 monthsProvided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid1 dayInstalled by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
_hjAbsoluteSessionInProgress30 minutesHotjar sets this cookie to detect the first pageview session of a user. This is a True/False flag set by the cookie.
_hjFirstSeen30 minutesHotjar sets this cookie to identify a new user’s first session. It stores a true/false value, indicating whether it was the first time Hotjar saw this user.
_hjIncludedInPageviewSample2 minutesHotjar sets this cookie to know whether a user is included in the data sampling defined by the site's pageview limit.
_hjIncludedInSessionSample2 minutesHotjar sets this cookie to know whether a user is included in the data sampling defined by the site's daily session limit.
_hjTLDTestsessionTo determine the most generic cookie path that has to be used instead of the page hostname, Hotjar sets the _hjTLDTest cookie to store different URL substring alternatives until it fails.
_omappvp11 yearsThe _omappvp cookie is set to distinguish new and returning users and is used in conjunction with _omappvs cookie.
_omappvs20 minutesThe _omappvs cookie, used in conjunction with the _omappvp cookies, is used to determine if the visitor has visited the website before, or if it is a new visitor.
calltrk_session_id1 yearThis cookie is set by the Provider CallRail. This cookie is used for storing an unique identifier for a user browser session. It is used for tracking the number of phone calls generate from the website.
vuid2 yearsVimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
CookieDurationDescription
_fbp3 monthsThis cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
_mkto_trk2 yearsThis cookie, provided by Marketo, has information (such as a unique user ID) that is used to track the user's site usage. The cookies set by Marketo are readable only by Marketo.
fr3 monthsFacebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
MUID1 year 24 daysBing sets this cookie to recognize unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
test_cookie15 minutesThe test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
CookieDurationDescription
_ce.gtldsessionNo description
_dc_gtm_UA-41670453-11 minuteNo description
_hjSession_275188330 minutesNo description
_hjSessionUser_27518831 yearNo description
AnalyticsSyncHistory1 monthNo description
BIGipServerab10web-nginx-app_httpssessionNo description
BIGipServerab47web-nginx-app_httpssessionNo description
calltrk_landing1 yearThis is a functionality cookie set by the CallRail. This cookie is used to store the landing page URL. It helps to accurately attribute the visitor source when displaying a tracking phone number.
calltrk_nearest_tld9 years 10 months 8 daysNo description
calltrk_referrer1 yearThis is a functionality cookie set by the CallRail. This cookie is used to store the referring URL. It helps to accurately attribute the visitor source when displaying a tracking phone number.
CookieLawInfoConsent1 yearNo description
li_gc2 yearsNo description
SAVE & ACCEPT
Powered by CookieYes Logo