When the history of our time comes to be written, one of the things that will puzzle historians (assuming any have survived the climate cataclysm) is why we allowed ourselves to sleepwalk into dystopia. Ever since 9/11, it’s been clear that western democracies had embarked on a programme of comprehensive monitoring of their citizenry, usually with erratic and inadequate democratic oversight. But we only began to get a fuller picture of the extent of this surveillance when Edward Snowden broke cover in the summer of 2013.

For a time, the dramatic nature of the Snowden revelations focused public attention on the surveillance activities of the state. In consequence, we stopped thinking about what was going on in the private sector. The various scandals of 2016, and the role that network technology played in the political upheavals of that year, constituted a faint alarm call about what was happening, but in general our peaceful slumbers resumed: we went back to our smartphones and the tech giants continued their appropriation, exploitation and abuse of our personal data without hindrance. And this continued even though a host of academic studies and a powerful book by Shoshana Zuboff showed that, as the cybersecurity guru Bruce Schneier put it, “the business model of the internet is surveillance”.

The mystery is why so many of us are still apparently relaxed about what’s going on. There was a time when most people had no idea what was happening to their privacy. But those days are gone. We now have abundant evidence of public concern about privacy. A recent Pew survey, for example, found that roughly six in 10 Americans believe it’s not possible to go through daily life without having their data collected by both the tech industry and the government, and say that they have no idea about what is done with that data by either party. About 80% believe they have little or no control over the data collected by tech companies and that the potential risks of that data collection outweigh the benefits. Yet they continue to use the services provided by corporations of which they are apparently so suspicious.

This is the so-called “privacy paradox”, and the question is, what is needed to trigger an appropriate shift in regulation and public behaviour. What would it take for governments to take coherent, effective measures to stop the ruthless exploitation of personal data by surveillance capitalists? What would it take for ordinary users to decide to use services with less unscrupulous and opaque business models? What would transform this from a scandal to a crisis that would lead to systemic change?

Earlier this month, in an extraordinary feat of reporting and analysis, the New York Times published an investigation into the smartphone tracking industry that should make it harder for anyone to close their eyes to what’s going on. Every minute of every day, everywhere on the planet, dozens of largely unregulated and unknown companies log, with mobile phones, the movements of tens of millions of people and store the information in gigantic data files.

The New York Times obtained one of these megafiles – which it says is “by far the largest and most sensitive ever to be reviewed by journalists”. It holds more than 50bn location “pings” from the phones of more than 12 million Americans as they moved through several major cities, including Washington, New York, San Francisco and Los Angeles.

Each piece of data in this gargantuan file represents the precise location of a single smartphone over a period of several months in 2016 and 2017. It originated from a location tracking company, one of dozens covertly collecting precise movements using software slipped on to mobile phone apps. “You’ve probably never heard of most of the companies,” write the reporters, “and yet to anyone who has access to this data, your life is an open book. They can see the places you go every moment of the day, whom you meet with or spend the night with, where you pray, whether you visit a methadone clinic, a psychiatrist’s office or a massage parlour”.

We’ve had stories like this before. In 2011, for example, the German magazine Die Zeit published the findings of an experiment in which the smartphone location data of a Green politician was collected and mapped, effectively yielding a detailed insight into his daily life. But that was just a single example of an individual who wanted to make a political point. The digital cognoscenti were alarmed by this, but the general public just yawned.

The scope of the New York Times study is incomparably wider: 12 million people are tracked in the not-so-distant past. It throws an interesting light on western concerns about China. The main difference between there and the US, it seems, is that in China it’s the state that does the surveillance, whereas in the US it’s the corporate sector that conducts it – with the tacit connivance of a state that declines to control it. So maybe those of us in glass houses ought not to throw so many stones.

What I’m reading

Plus ça change?
“Last House on the Left: Following Jeremy Corbyn’s Campaign Trail.” The extraordinary thing about this essay on the Quietus blog is that it was written four years ago.

Eureka!
Nature’s summary of a decade of breakthroughs – from gene editing to gravitational waves.

Zuckerfaked
“I created my own deepfake – it took two weeks and cost $552.” ArsTechnica report on how Timothy Lee created a deepfake of Mark Zuckerberg giving testimony to Congress (saying what he should have said). It’s not perfect, but it was made with off-the-shelf tools.