Teens trick Instagram algorithm in privacy techlash

Teens trick Instagram algorithm in privacy techlash

In the U.S. state of Maryland, one group of teens are outsmarting the Instagram algorithm, and throwing a spanner in Zuckerberg’s data collection machine.

Their strategy, as revealed by ringleader Samantha Mosley in a presentation at the hacker conference Shmoocon, entails flooding the Instagram platform with user data that can’t be linked to any one person.

One person creates an Instagram account, then requests a password reset and sends that link to a trusted friend without closing their own session; resulting in both friends having active sessions.

When this is repeated several times, you end up with a single account that is controlled by several different people. And when photos are uploaded, the Instagram tracking triggered by different people scrambles the algorithms, yielding a mishmash of data that provides no insight into the behavior of any one person.

“We fluctuate who’s sending to what account,” said Mosley to CNET. “One week I might be sending to 17 accounts, and then the next week I only have four.”

The Techlash

Though this particular rebellion might be little more than a gesture—destined to be quashed by the next round of “Terms of Service” updates, it speaks to a growing movement known as the techlash.

A portmanteau of the words “technology” and “backlash”, it describes a growing discontent with the privacy violations and monopolies of big tech.

This manifests in the form of regulations like the California Consumer Privacy Act, which takes effect on January 1st, 2020, and the uptake of cryptographic protocols—from decentralized media platforms to anonymous cryptocurrencies—that empower users to take control of their data.

Privacy expert Alain Desmier, who founded marketing transparency and online data fraud firm Contact State, suggests we are now moving towards a situation where having more control over data will be the norm:

“The future of online data consent will revolve around a receipt-based exchange whereby a data processor sends the consumer what data they are storing, how it will be used and when it will expire,” said Desmier to Brave New Coin. “These receipts will then be used by the consumer as an audit trail of who is storing their data, in much the same way you might receive a receipt for an offline retail purchase.”