This post has been modified to reflect new information since its original publication.
Data miners provide insurance companies with all manner of personal shopping, browsing, and messaging habits, along with a comprehensive history of status updates, tweets, and the like. Read on to learn how this practice works and how it’s abused, as well as how you can keep your sensitive data safe from the prying eyes of data miners and insurers.
How do insurance companies assess risk?
Insurance providers have long limited the types of goods, services, and people they’re willing to cover on the basis of risk. Risk can be defined in different ways, but the bottom line is that you are assessed based on how far you deviate from what they define as a “normal” person. Risk management has become a science, with companies employing actuaries to assess and plan for various pitfalls that can happen in one’s life or to one’s possessions.
Life insurance companies, for example, take a very conservative approach to risk and typically screen applicants based on factors like, lifestyle, finance, and health. In fact, they often decline policies based on risky behaviors such as smoking, excessive drinking, or health problems. With personal possession insurance, those who take chances with their cars or their homes are more likely to be declined, as the insurance companies perceive the risk as being too great.
Traditionally, life insurance applicants must submit urine and blood tests to provide carriers with a measurable profile of current and future health factors. However, with continuous advances in online ad tracking and behavioral marketing, some insurers now look to data-mining firms to help them replace costly and cumbersome medical tests with electronic prescreening.
How do insurance companies stalk you online?
Every website you visit, every email you send, every advertisement you intentionally (or unintentionally) click on—you divulge information about yourself. Most of this data takes the form of cookies, or small text files in your Web browser that store information. There are several types of cookies: some can store login and browsing information for a unique website, others can remember language preferences or location data, and still others can track your behavior as you surf the Internet.
This last type of cookie, often called a “third-party, ad tracking cookie,” is easily the most invasive. It allows Internet marketing and data-mining firms to gather vast amounts of information based on your browsing behavior—and then paint a virtual picture of who you are. Valuable to every conceivable commercial entity, the data obtained by third-party, ad tracking cookies can lead to highly targeted online marketing, predictive modeling, and, at worst, weblining (which is basically redlining for the Internet age).
How does this affect me?
Tracking cookies have been in use for many years now. The insurance industry has simply taken advantage of this technology to acquire more clients at less cost. However, they are using the data less for targeted advertising and more as a means to quickly weed out what they consider less desirable applicants, and often to set policy prices. According to an article in The Wall Street Journal, insurance providers Aviva, AIG, and Prudential have used the services of Deloitte Consulting and similar companies to explore the potential of data profiling not only for prescreening purposes, but also as a legitimate cost-cutting measure (Deloitte estimates savings over traditional screening methods at $125 per applicant). Such practices could result in preferential treatment for those whose online (and offline) behaviors reflect a healthy lifestyle—and extra hurdles for those with seemingly unhealthy online profiles.
For example, someone with a subscription to magazines for individuals of high net worth, a platinum credit card, a purchase history of sports equipment, and a home in a wealthy neighborhood would be a shoo-in for a preferred policy. In contrast, a renter in a poorer area who has a premium cable subscription and orders diet plans online would likely not only have to take the traditional tests, but would experience extra scrutiny throughout the application process. The latter applicant, of course, would probably end up paying more for less coverage.
Life insurance companies can also use your online data to deny claims after approving someone for coverage, should the unthinkable happen within the first two years of the policy being in force. Prior to paying out, the company will perform due diligence about the validity of the claim by conducting an investigation, including checking the online reputation of the deceased, to ensure that he or she abided by the terms of the policy. If the insurance firm finds status updates and photos that show a lifestyle contrary to what you stated when applying, it might balk at paying out on your policy. In 2009, for example, a business executive stated on his application for a $3 million life insurance policy that he didn’t engage in high-risk hobbies. After his death several months later, the insurance company discovered he had a longstanding heli-skiing hobby and rescinded his policy.
This same scenario can apply to other types of insurance claims. Although fault in car accidents is generally decided long before you receive a settlement package, insurance companies will perform a type of reputation monitoring that is designed to catch any inconsistencies in your side of the story. Many an injury settlement has been declined due to claimants stating that they had sustained a severe back injury, only to post pictures of themselves a week later throwing their children in the air. One famous case is that of an insurance company cancelling a Canadian woman’s disability benefits for depression because the insurer felt that the insured’s Facebook posts, which showed her having fun at her birthday party, proved she was no longer depressed.
How can I keep my online behavior private?
There’s no easy answer to this problem. However, this doesn’t mean, that there’s nothing you can do to safeguard your personal data. In response to the widespread, unauthorized and—astonishingly enough—legal collection and sale of personal information, several entities, including the Federal Trade Commission have proposed nationwide “do not track” legislation. If implemented, this law would be a great first step in protecting online privacy. Until then, however, the best way to reduce the effects of ad tracking cookies is to do the following:
Fix the privacy settings on your social media accounts
You insure the contents of your home to protect your possessions from theft, fire, or natural disaster. Yet the popularity of Facebook and Twitter has driven up home content insurance premiums because homeowners are unwittingly contributing to the rise in break-ins and theft. Many people have fallen prey to thieves after posting a status update stating that they will be out for the night or away for the weekend. For those who don’t follow recommended social media privacy settings, status updates are available for any thief who may be waiting for an opportunity to enter your home. Insurance companies are now warning that if you post these types of updates on social media sites, your premiums will increase or you will be denied your policy.
The smart approach to social networking is to take your digital privacy seriously by avoiding certain type of status updates on Facebook and Twitter. Additionally, stay clear of posts that show your home address or even your birthday. Would-be thieves can use this information to target your home when they suspect it will be vacant.
Block third-party, ad tracking cookies
Because of the enormity of the task, you simply can’t manually disable all cookies you encounter on the Internet. Doing so would be incredibly time consuming. However, there are other ways that you can protect yourself from most ad tracking cookies.
- Opt out of webmail tracking—You can configure your Google and Yahoo! email accounts to stop showing you targeted ads. In your Gmail account, you simply go to the Ad Settings page and slide the toggle next to Ads Personalization. Yahoo! users can go to the Ad Interest Manager page, select “On Yahoo!,” and click “Opt Out.”Note that opting out of these personalized ads doesn’t mean that you won’t see any more ads. Doing so merely prevents Google and Yahoo! from showing you targeted advertisements. You will still see ads based on your location, your demographic, and the content of the page you are looking at. For more details, read the Google and Yahoo help pages.
- Use adblock plugins—There are many good browser extensions you can use to block online ads and keep your information safe from data collectors, but the most popular one is AdBlock Plus. Installed on more than 100 million devices, this plugin is an open-source project, with hundreds of people contributing to its success.
- Adjust browser settings—You can configure most browsers to prevent third-party companies from installing cookies to track your online activities. If you are on Amazon.com, for example, only Amazon, and not another firm, will be allowed to load cookies.
Remove yourself from people-search sites.
Another way to keep your data private is to remove your information from people-search sites, like Spokeo, PeopleSmart, MyLife, US Search, and Intelius. While most of what these sites post comes from publicly available government sources, they also use information gleaned from your social media activity, marketing databases, news articles, and more. Deleting your profile on people-search sites reduces the amount of information that data miners can use to construct an online profile of you, thus keeping you safe from insurance company scrutiny.
However, removing yourself from people-search sites can be a complicated, time-consuming process because each site has its own procedure that you must follow. To get yourself deleted from US Search’s databases, for example, you must mail the firm a letter (emails or phone calls won’t work) stating that you want to join US Search’s PrivacyLock service. The letter must include your name (along with any aliases), your present and past mailing and email addresses, your present and past phone numbers, as well as any other data you want the company to remove. Additionally, you need to include a proof of identification, such as a copy of your driver’s license, that shows your name, date of birth, and address.
You will also need to search all variations of your name to be sure that your information doesn’t appear on people-search sites under a slightly different spelling. When you have submitted removal requests for all the sites on which your data appears, you will still need to monitor these sites periodically because every new bit of information about you that that shows up online will generate a new profile.
If you find the steps involved in removing your information from people-search sites daunting, you can take advantage of companies that specialize in helping people keep their information private. ReputationDefender offers a suite of online privacy tools that can delete your personal information from data collectors’ archives and monitor the Internet for any new references to you, thus giving you and your family peace of mind.