Where does the data advertisers have about us exist and can we get access to it? I’ve heard that each of us has an advertiser ID that tags each of us as soon as we join a new platform. It knows where we went to middle school, our teachers names and even our personality. I have it on good authority that even Chegg has access to your footprint across the internet. I would love to get access to all of this as I could see it being a more complete psychological profile than MBTIs or BigFive personality tests
In theory, if crafted well enough, you could use it to help visualize in a flowchart timeline:
• Your life story and common patterns between different chapters of life
• How you like to work, what your preferences are in people, content or relationships
• What others with similar life trajectories have done at your stage of life
Where does this data exist, could I ever hope to get access to it in a useable form (or buy it from advertisers)?
There are several big agencies that combine data for various purposes (generally advertising-related). It’s often called "data enrichment"https://www.acxiom.co.uk/customer-data/enrichment-data/
If you use the same email address to register with two companies that both share some data with the central agency then both learn a bit more about you. But that it pretty much always (in theory) abstracted data points based on the granular data each individual company keeps to themselves.
Most personal data tends to be 1st party data that you provide directly to a company voluntarily (eg if you have insurance then you give them your date of birth, weight, address, etc) and it’s tied to your account that you’ve chosen to set up with them. They will have a unique id for you in their database.
Most first party data points don’t leave the organisation you gave them to (google knows where you’ve been if you check in at a location in google maps (or allow it to track personal granular location automatically) and what YouTube videos you’ve watched. But they’re not selling that information.
What organisations tend to do is aggregate it and assign you to a number of groups. Country, age-band, education level, interests. Now, as we mostly know, those can get pretty damn specific, especially when combined, eg: people who live in zipcode A, have a college degree, have a driving license but not a passport, shop at B, order food from McDonalds, are vegetarian, own a dog, have a child under 1, and use websites C, D & E.
It might even get down to: this user graduated in 2002 from X, is vegetarian but gets Uber Eats from McDonalds store Y and has never ordered a non-beef product in the past 10 months. But it’s not going to include your individual order history.
This is super helpful context on how the data enrichment process works. If you wanted today to get access to your data at the level of:
“user graduated in 2002 from X, is vegetarian but gets Uber Eats from McDonalds store Y and has never ordered a non-beef product in the past 10 months.”
Would you reach out to a company like acxiom to request it directly, or is identity usually completely abstracted away due to consumer privacy regulation?
I believe it should be abstracted but they must hold some form of a common ID (email etc) in order to facilitate the “enrichment”. Maybe it’s done in a public key/private key way. I don’t actually know.
In terms of getting access I think you’d need to become a partner/customer of something like Acxiom.
If you just want your personal data then you can get it (certainly in Europe or for companies based there) by doing a “subject access request” but I think you might have to originate those with organisation you’ve shared data with.
For the UK (and Europe?) look into “Data Controller” vs “Data Processor”. Third parties running services tend to be “processors” who have responsibilities, but it’s the data controller (normally the first party thing you’ve used directly and given your data to directly) who are ultimately responsible for ensuring it’s handled compliantly and getting you access. Eg: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/controllers-and-processors/controllers-and-processors/what-are-controllers-and-processors/