Updated: In the analog world of J.Crew catalogs and credit card purchases, credit bureaus like Experian built profiles on most of us. In the digital world, a new kind of digital data aggregator is spreading its tentacles on the web.
The latest privacy-related dust-up at Facebook, sparked by a WSJ story, might be making Facebook the target of the consumer ire, but in my opinion, the real story centers around San Francisco-based Internet information aggregation company called Rapleaf. In their story, Emily Steel and Geoffrey Fowler of WSJ write:
In this case, however, the Journal found that one data-gathering firm, RapLeaf Inc., had linked Facebook user ID information obtained from apps to its own database of Internet users, which it sells. RapLeaf also transmitted the Facebook IDs it obtained to a dozen other firms, the Journal found. RapLeaf said that transmission was unintentional. “We didn’t do it on purpose,” said Joel Jewitt, vice president of business development for RapLeaf. Facebook said it previously has “taken steps … to significantly limit Rapleaf’s ability to use any Facebook-related data.” The most expansive use of Facebook user information uncovered by the Journal involved RapLeaf. The San Francisco company compiles and sells profiles of individuals based in part on their online activities.
The funny part is that Rapleaf, doesn’t need any of the user ID stuff. All it needs is an email and it can build a profile of you that is scary, to say the least.
If you want to understand what Rapleaf does, I suggest you visit the website of a San Francisco-based startup, Flowtown, which specializes in helping companies craft social media marketing messages. Enter anyone’s email address, and you will see information pop up about him or her, including links to their social networks and even some of their most recent postings. Flowtown gets most of its information from Rapleaf (along with a handful of other sources), which in turn gets its information from Facebook apps and other sources.
Rapleaf’s influence on the web is only increasing. Take for instance startups such as Rapportive, which makes an extension that plugs into your Google mail account and gives you access to profile data of the person you are exchanging emails with. The data for the service is coming from Rapleaf. Rapportive competitor eTacts also pulls data from Rapleaf. And so does Gist. It is not clear if these startups share any data back with Rapleaf, but I would think there has to be some quid pro quo.
“In contrast to other startups in our space who have entered into data-sharing agreements with Rapleaf in exchange for free data, we explicitly ensured that we would not have to share any data back to Rapleaf (for the good of our users),” Howard Liu, co-founder of eTacts emailed us in response to a query. Rapleaf Rapportive CEO Rahul Vohra also confirmed in our comment section that his service doesn’t pass any data back to Rapleaf. And so did Gist CEO. (We will be talking to Rapleaf executive tomorrow morning and are going to get an update from some of the other startups as well.)
Think of it this way: If data is the currency of the web, then Rapleaf is controlling a lot of it.Rapleaf knows a lot more about you, your social connections and what you do — more than you realize.
Related content from GigaOM Pro (sub req’d):
- Could Privacy Be Facebook’s Waterloo?
- Facebook Tries to Navigate the Privacy Storm
- Lessons in Smart Grid Privacy From Facebook and Google