You buy things online. You also go on various websites, spend certain amounts of time on them, and so on. Many people give apps on their phone access to their location, which means that the app knows where you are.

This means that Google knows who you are, what you buy, what you like to look at, and where you go. That information can be sold to advertisers that want to target you for specific products.

Many people feel that a major company having those intimate details about your life is a breach of privacy, and don’t want companies purchasing that information.

Everything you do, every day has some amount of personal data tied to it. Go to the DMV to renew your license? Data. Use a cell phone? Data. Purchase something? Data.

Unless you explicitly state otherwise (opt out) that data is for sale to a wide range of companies that specialize in data storage, analysis and publication.

Marketing firms then contact those data repository companies and request specific data sets based on the demographics they want to serve. They use that information to target advertising, either as a group or individually to get you to buy something.

I actually worked for one of these marketing firms, and the amount of specific data on any one person is mind boggling.

Let’s say you are a milk company, and you want people to see your new promotion of buy 1 get 1 free. You know that there exist people that do not drink milk, either by choice or because of a lactose intolerance.

You want to make as many people as you want aware of your promotion but you know that some people even if they see the ad, they will not be interested at all because of what I said earlier, and ads are not free.

Therefore, if there is a way for the advertising agency to only show the ad to people that still drink milk, you can save some money by only paying to show your ad to those people.

Now, how to know that someone drinks milk ? Well maybe that person joined a “I don’t drink milk” Facebook group, or maybe he never bought milk at his or her favorite grocery store, or maybe he or she told a company that he or she did not drink milk via survey or something else.

Companies that have this kind of milk data can sell it to advertising agency that will use this information to only display the ad to the people for which it is relevant so that when a company want to advertise their product, they can target it to specific people

​

It is problematic for privacy because you might not want the website you visit that you are yourself, and that you don’t drink milk, like video games and have an onlyfan account for example. It becomes even more problematic when targeting people with ads based on their gender, race, believe, or even age.

Also, since advertising agencies are present on multiple website at once, they can “log” the fact that you saw their ad on jewelrystore.com when you are trying to load an ad on facebook, and can therefore use that information to show you jewelry ads, might be problematic if you were looking up wedding rings on your fiancee’s computer for example. This last part is part of the cookie privacy problematic

If an ad company has access to that information that doesn’t harm you, who’s to say that hackers can’t just as easily access the information that *can* harm you?

Let’s say GMail (or whoever your email provider is) starts offering a secondary password for you mailbox that allows full read-only access (people can’t use it to send emails, delete or hide emails you received, etc. Only read).

Would you be comfortable putting that in plain sight where everyone could see it?

If you are comfortable with that, then no, you probably don’t need to care about who is selling what data to whom.

If you are not comfortable with that, then that’s your answer.

How it works? Well, just like how selling anything else in bulk works. Two companies: one which has the data, (e.g., MAGA), and one who wants to do stuff with it (Cambridge Analitica), dress up a price and a contract. With the contract in place the data transfer is implemented.

Eli5?

You buy a cool t shirt from a streamer because he is cool.
Streamer deals with company A, a company that handles shipping and billing for a very cheap price but, they deal with an other company for shipping (B) and billing (C) along with what you buy(D).

Should any of these companies get a data breach or go bankrupt, your data can land in the hands of companies who didn’t make you sign an agreement and can do whatever they want with it. Including spaming you e mail, sell it again if you are a big spender(those loyalty points), make bot accounts using parts if not all your data to manipulate social media or in the case of ID fraud( some do make legit money to buy data companies too) make quick scams.

Just like all other data, it’s impossible to not use it at all but the least amount of people that have access to it, the lesser the chance it lands on bad faith actors.

Not to mention that you give data in order to get a service you paid for and they double dip by getting paid to send this data.

Here’s a case for abuse:

You have a specific political opinion, as scrapped from the articles you read online, and what you repost or like.

They know you are into sports because your location data from your phone gps has you wandering through spring goods at a local store (and yes, they can do that).

So you start getting ads with a certain theme targeted at you. Things like sporting equipment.

Seems benign.

The always on Siri or Google assistant overhead she key words, about needing ropes for your trailer or boat..

So you start getting ads for that.

Then you start getting athlete endorsement ads for political issues.

Someone then really wants to float a wild idea, program or opinion…

So they target only a few hundred athletic, outdoorsman with sympathetic opinions with a short series of very satisfying specific ads.

Ads often disguised as Facebook posts, informative articles, popular tweets etc, to disguise that they are ads.

These can (and have) made extreme claims, falsehoods, fear mongering rhetoric etc.

All as an ad campaign, to people they never actually met, disguised as something else.

But because they only sent out a few hundred, to carefully chosen sympathetic people the message isn’t noticed by the populace at large.

It’s only noticed when those targeted individuals start making authentic, independent posts “informed” by the information they saw on other places.

They are righteous, and defensive as to why others are denying reality. After all, they’ve been seeing “information” all over, repeatedly, wherever they go about how x is malicious, greedy, out to get them etc…

So the targeted as now gets amplified, and looks like a grass roots concern.

But really it’s an attempt to gather support by a political faction, is worse mislead and agitate by an entirely foreign power.

No longer are people recruited by chance meetings and transparent open adverts for all to see. But anonymously pushed in a direction with very careful targeting based on huge amounts of data that would, on the past, have required overt spying to obtain.

People have commented the morally wrong but legal ways to use your data, but it has to be said that a lot of people buy your data and do outright illegal shit with it.

How do you think scam mails know your name sometimes?
I could just buy the health profile of cancer patients and send them all a mail advertising a miracle cure for just a few thousand bucks. Sure most wouldn’t fall for it, but I just need a couple to fall for it.

Data privacy is not only to protect you yourself, but also vulnerable people, like the old or gambling addicted, which can be specifically targeted with their information.

The question of how it’s done has already been answered in this thread but on the topic of why you should care I suppose it all depends on your own stake in the matter. If you have nothing to lose from sharing your information then it’s fine for the most part, often times the price of convenience is limited privacy in the modern world. If you have much to lose, say money, research, fragile information, or believe that your behavior can be used to exploit you, like say a marketplace charging you more than other consumers based on your larger income or lesser knowledge, then you might not want this information to be available to any buyer, and I mean literally any buyer. I can go and buy googles user data info right now and up charge unknowing people for products I can import for dollars, and I know there not knowledgeable because I have all their data.

You updated your Facebook profile to include your age of 25. Facebook takes that info and goes to advertisers and says “hey if you want to advertise to people in their 20’s i can do that for you”. The advertiser says “yes please, advertise to these 20-29year old”. You’ll then see the ad.