Oracle’s HUGE Ad Data Graph is ‘Illegal Panopticon’ — 5 BILLION People Big

Oracle “illegally” collects and links data about you, selling it to the highest bidder—all without your consent. Online and offline, your privacy is invaded daily—so says a California class action lawsuit.

Co-founder Larry Ellison (pictured) basically said as much six years ago, when he explained Oracle’s ID Graph and claimed that, even then, the size of it was five billion rows. The lawsuit alleges Oracle is acting illegally under the California constitution, the California Unfair Competition Law, the California Invasion of Privacy Act and the Federal Wiretap Act.

Stuff just got real, AdTech industry. In today’s SB Blogwatch, we draw back the surveillance-capitalism curtain.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Barcode ponies.

Does Redwood City Have Limits?

What’s the craic? Adrian Weckler reports—“Oracle faces class-action lawsuit for ‘tracking’ five billion people”:

Oracle has violated the privacy of billions
The lawsuit … claims that the tech giant is unduly tracking and monitoring people. [It] is being launched in California, which has the most advanced privacy laws in the US.

The US legal challenge alleges various violations of both Californian and US privacy and communications laws. … It is likely to be seen as a test case to see whether the US is open to regulatory change that is more closely aligned to the EU’s GDPR.

“Oracle has violated the privacy of billions of people across the globe,” said … Irish Council for Civil Liberties (ICCL) senior fellow Johnny Ryan. … “This is a Fortune 500 company on a dangerous mission to track where every person in the world goes, and what they do.” … “Oracle claims to have amassed detailed dossiers on five billion people, and generates $42.4bn … in annual revenue,” said the ICCL in a statement. “Oracle’s dossiers about people include names, home addresses, emails, purchases online and in the real world, physical movements in the real world, income, interests and political views, and a detailed account of online activity.”

Yikes on bikes. Natasha Lomas adds—“Oracle’s ‘surveillance machine’ targeted”:

No comprehensive federal privacy law
The … complaint in the Northern District of California [accuses] the company and its adtech and advertising subsidiaries of violating the privacy of the majority of the people on Earth. The suit has three class representatives: Dr Johnny Ryan … Michael Katz-Lacabe, director of research at The Center for Human Rights and Privacy; and Dr Jennifer Golbeck, a professor of computer science at the University of Maryland — who say they are “acting on behalf of worldwide Internet users who have been subject to Oracle’s privacy violations”.

The substance of the complaint hinges on allegations that Oracle collects vast amounts of data from unwitting Internet users—i.e., without their consent—and uses this surveillance intelligence to profile individuals, further enriching profiles via its data marketplace and threatening people’s privacy on a vast scale. … A spokesman for Oracle declined to comment.

There is no comprehensive federal privacy law in the U.S. — so the litigation is certainly facing a hostile environment to make a privacy case. Hence the complaint references multiple federal, constitutional, tort and state laws, alleging violations of the Federal Electronic Communications Privacy Act, the Constitution of the State of California, the California Invasion of Privacy Act, as well as competition law, and the common law.

Wait. Pause. Did you say five BILLION? Allison Schiff heard it too—“Oracle’s Third-Party Tracking”:

Unlawful privacy violations
TFW when you brag about the size of your graph on stage at an industry event, then it’s used as evidence against you. Oracle was hit with a class-action lawsuit [that] quotes from … Ellison’s keynote presentation at the company’s 2016 OpenWorld conference, during which he boasted that there are five billion people in Oracle’s ID Graph: “How many people are on Earth, seven billion? Two billion to go,” Ellison quipped from the stage. … “This is scaring the lawyers,” Ellison joked.

[It’s] not Ryan’s first rodeo. In June of last year, Ryan brought a suit against the [Interactive Advertising Bureau] accusing it of sharing consumer data without consent via real-time bidding. [He] argues the Tech Lab’s audience taxonomy unlawfully segments people without permission based on sensitive personal information, such as health status, religious beliefs and sexual orientation. … Ryan also helped file complaints in 16 different European countries alleging that [real-time bidding] itself is a violation of GDPR.

The complaint comes at a time when Oracle’s advertising business hasn’t been thriving. … Even so, Oracle Advertising netted around $2 billion last year. … And, in the view of its most recent complainants at least, that was money made through unlawful privacy violations.

Specifically, though? Michael Katz-Lacabe, Dr. Jennifer Golbeck and Dr. Johnny Ryan make a “CLASS ACTION DEMAND FOR JURY TRIAL”:

Pernicious and illegal
Oracle reaps great financial benefit from its … privacy-invasive conduct. … Oracle does not even maintain a pretense of having directly obtained the consent of the subjects of its surveillance. … The personal information Oracle amasses … which Oracle promises will provide near-omniscience into the lives of Internet users … includes billions of data points on more than 300 million users—or over 80% of the entire U.S. population.

Operation of Oracle’s ID Graph depends upon the accumulation of vast amounts of personal data. … Oracle gathers this personal information from a suite of its own Internet technologies, including cookies, tracking pixels, device identification, cross-device tracking, as well as from its acquisition of data from other parties [and] a proprietary software device, referred to as “bkcoretag.js” JavaScript code, to “extract,” or intercept, “user attributes,” which include the contents of users’ communications with websites, and secretly sends them to Oracle. … This process provides Oracle with a virtual panopticon [that] facilitates the creation of proxies for protected classes like race, and allows … advertisers, including political parties … to push ads to Facebook using personal data unlawfully collected … in pernicious and illegal ways … and sold by Oracle.

In contravention to the California Constitution and the reasonable expectations of privacy of California residents, Oracle … intercepts, collects, tracks and compiles their web browsing activity and communications [and] stockpiles unnecessary information about Class members and misuses information gathered for one purpose in order to serve other purposes. … Oracle has violated … the spirit and letter of … the Unfair Competition Law … thus Oracle should be required to disgorge its illegal profits. … Oracle’s tracking and interceptions of … internet communications was without authorization and consent [so] were unlawful [under] the California Invasion of Privacy Act. … Oracle’s actions in intercepting and tracking user communications while they were browsing the internet [were] in violation of … the Federal Wiretap Act.

tl;dr? u/guy_incognito784 gets contextual:

People think of Oracle as the company with *****y database software. It also has an incredibly extensive third party data collection network for ad-tech based sales that they’ve grown like they’ve tried to grow all of their other business units—by just buying companies in the ad-tech space.

Oracle? Who knew? This Anonymous Coward has more:

Oracle owns and operates a bunch of front companies that are feeding data into the Oracle Advertising and Customer Experience (CX) platform. Data and telematics are gathered not only from their own products (Oracle databases, Java, VirtualBox, Oracle IoT, Connected Car Platform, etc.) but also from a number of PC-based and console-based computer games, as well web hosting products and utility scripts included on a surprisingly large number of web pages.

Are they bigger than Google? Nobody knows. But maybe.

But who cares? u/FUDwreckersFloor20 was downvoted into oblivion for saying:

If you’re this worried about your privacy you are on the wrong internet.

That’s far too apathetic, thinks /.user#2652095:

I really don’t understand the apathy towards this. Then again, in the 90s, when people were saying this was coming, I didn’t think that much of it then.

Time has proven them exactly correct so far. Even if intentions are benevolent, all it will take is one bad actor and they will have the perfect system that can **** with everyone. … If that person happens to be president of the USA, they will also have the most insane military death machine ever created as well.

Meanwhile, the old ones are the best. Right, u/roo-ster?

ORACLE stands for, ‘One Rich A****** Called Larry Ellison.’

And Finally:

Dad jokes at the zoo

CW: Childish jokes about animal names in the first 10 seconds

Previously in And Finally


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. E&OE. 30.

Image sauce: Hartmann Studios (cc:by; leveled and cropped)

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.

richi has 665 posts and counting.See all posts by richi