Two of my favorite authors (Robert Heinlein and Milton Friedman) had much to do with the popularization of this phrase before economists and press started using it regularly.  Initial credit really goes to Rudyard Kipling, who described the offer of free lunches linked to paid drinks in San Francisco saloons as far back as 1891. Most of us have traditionally thought of the free lunch concept in the context of economics and some measure of common sense.  Despite our worldly distrust of things that look too good to be true or can’t possibly be sustainable as free giveaways, we’ve been on a modern day binge that would make Kipling cringe.

Everywhere but Apple

With the possible exception of the Apple ecosystem of iTunes junkies who’ve been classically conditioned to pay for what they consume, we’ve steadily built an online economy that presupposes free stuff.  Yes, we still have to pay our local telco or cable provider for an on-ramp to the super highway of free, but that’s it for many, at least here in the US.  Software, cloud storage, document conversion, reference materials, comparison shopping – it’s all free for the taking.  We’ve gobbled it up only occasionally lifting our heads from the banquet table when something goes wrong. But even with warnings and mishaps we keep returning because for most of us, free is just too good to pass up.

FCC opens the Pandora’s Box

Lately we’ve finally been awakened to the fact that our free lunch is financed by one of our most fundamental rights – the right to privacy.  The only way the Internet can continue to serve up vast quantities of content and services at no charge is to collect data, and lots of it.  It’s no longer a secret that this is happening, and most people seem to be okay with it.  I mean, really, does it matter since it’s anonymous metadata, usually not associated with me, and it’s not like they have my name, address and phone number – right?  If that wasn’t the case before, it most certainly can happen much more easily in the near future.  The FCC’s most recent decisions on ISP data rights and responsibilities change this whole ball game.  At the risk of pointing out the obvious, I’d like to emphatically state that there’s nothing you do online that your upstream provider (ISP) does not see.

How Much Will Privacy Cost My Bank?

Let’s step away from the personal privacy aspects of this, because there are many people and watchdog organizations like the Electronic Frontier Foundation that have always, and will continue to advocate on behalf of individuals and their rights to privacy.  Instead, consider the stakes for the Financial Services community with its vast storehouses of highly sensitive personal information, its unquenchable thirst for data and its endless streams of transactional activity.  I’m not for a minute suggesting that our ISPs will start to sell access to this information – that would be criminal and offenders would be punished both legally and economically as their clients left in droves.  A far more likely scenario is that secure, private and encrypted transport services will become a new revenue source for a mature telecommunications industry that has seen bandwidth become a commodity item and brand loyalty evaporate.

No Safe Harbor – Stormy Seas of Social Media

At one point Facebook was a simple, fast and uncomplicated site where posts went up on a wall and connections happened rather organically.  The Facebook platform of 2017 bears little resemblance to that fledgling service that the world has flocked to since 2010.  Facebook has changed in a way far more intrusive than advertising, it’s become a social engineering launchpad.  Companies like Cambridge Analytica could not achieve the type of “psychographic analysis” they claim without the vast quantity of data points that Facebook users in particular provide so willingly.  Part of the reason why we see more and more effective methods of “Spear Phishing” as the basis for a socially-engineering hacking effort, is that there’s so much information out there for people to scoop up.  For those who feel secure in their privacy settings and secure circle of friends and family on Facebook, let’s think for a minute about the type of detailed information that can be found on your LinkedIn profile.  Combine that with some high quality search bots to scoop up content associated with you, your alma matter and your previous employers and I think someone could put together a pretty comprehensive profile with very little effort.

A Great Compromise on the horizon?

The Good News and the Bad News is that many people in the data management business recognize the inherent risks and need to balance the economics of monetization with privacy concerns.  That statement should indicate to you that there can and will be tradeoffs as we move forward.  As both individuals and as professionals, we need to consider the economics of free, while we make some very consequential decisions about how we will monetize our own privacy and that of others that rely upon us as providers of goods and services.

In my next installment, we’ll take a look at some interesting data on Cybersecurity from people I know who fight the bad guys in both the public and private sector, then talk about the online lives of Millennials.