Shoshana Zuboff coined "surveillance capitalism" to describe the economic system in which human experience is claimed as free raw material for behavioral data extraction. Your searches, clicks, location, purchases, messages, photos, voice, facial expressions, and social connections are collected, analyzed, and sold as prediction products — predictions about what you'll do, buy, believe, and feel.

The scale is staggering. Google tracks your searches, emails (Gmail), location (Maps, Android), browsing (Chrome), documents (Drive), videos watched (YouTube), and voice commands (Assistant). Facebook/Meta tracks your social connections, interests, purchases, location, messages (WhatsApp, Messenger), and photos. Amazon tracks your purchases, browsing, voice (Alexa), entertainment (Prime Video), and reading (Kindle). Each company builds a behavioral profile that is orders of magnitude more detailed than you realize.

A 2019 study estimated the average American's personal data is worth approximately $240/year to advertisers. But this underestimates the value — the data's worth compounds when combined across sources. Your Google data alone is moderately valuable. Your Google data + Facebook data + purchase history + location data + health data creates a prediction profile worth thousands in precision advertising.

Behind the platforms you interact with exists an industry most people have never heard of: data brokers. Companies like Acxiom, Oracle Data Cloud, LexisNexis, and Experian collect, aggregate, and sell consumer data at industrial scale.

Acxiom alone claims to have profiles on 2.5 billion consumers worldwide, with up to 10,000 data points per person. This includes: demographic information, income estimates, purchasing behavior, political affiliation, health conditions (inferred from purchases), relationship status, property ownership, vehicle ownership, and web browsing history.

Data brokers collect from: public records (property, voter registration, court filings), commercial sources (loyalty programs, purchase data, credit card transactions), online tracking (cookies, browser fingerprinting, app SDKs), and other data brokers (they buy and sell among themselves, combining datasets).

This data is sold to: advertisers (targeted ads), insurance companies (risk assessment), employers (background checks), landlords (tenant screening), political campaigns (voter targeting), law enforcement (investigation without warrant), and — in documented cases — stalkers, harassers, and identity thieves.

The regulatory gap: in the US, there is no comprehensive federal data privacy law. Data brokers operate in a legal gray zone where collection and sale of personal information is largely unregulated. The EU's GDPR provides significantly more protection, but enforcement is inconsistent and most Americans have no equivalent rights.

The "if you're not paying, you're the product" framing is actually too generous. Even when you ARE paying, you're often still the product.

You pay for an iPhone — Apple still collects behavioral data through its app ecosystem. You pay for a smart TV — it collects viewing data and serves ads on the home screen. You pay for a car — modern vehicles collect location, driving behavior, and even in-cabin audio, with some manufacturers selling this data to insurance companies and data brokers.

The data cost of "free" services is far higher than most people realize:

Gmail: Every email is scanned for data extraction (Google stopped using email content for ad targeting in 2017, but still uses it for product features, AI training, and other data products).

Social media: Every interaction, hover, scroll speed, and time-on-content is tracked. Facebook has documented that it can detect emotional states from usage patterns.

Smart home devices: Amazon's Alexa records and transmits audio to Amazon's servers (employees have been documented listening to recordings). Ring doorbells share footage with law enforcement without user consent in some cases.

Fitness trackers: Heart rate, sleep, exercise, and location data collected by Fitbit (owned by Google), Apple Watch, and others. This health data has been used in court cases, insurance decisions, and employment screening.

The asymmetry: you cannot meaningfully consent to data collection you don't understand. Terms of service average 7,000-8,000 words. Reading every ToS you agree to in a year would take approximately 250 hours. Consent in this context is fiction — it's a legal formality, not informed agreement.

Complete privacy in 2025 is nearly impossible without extreme lifestyle changes. But you can dramatically reduce your exposure with moderate effort.

Browser: Use Firefox or Brave instead of Chrome. Chrome is Google's primary data collection tool. Firefox with uBlock Origin and Privacy Badger blocks most trackers. Brave blocks trackers by default.

Search: Use DuckDuckGo or Brave Search for most queries. They don't track searches or build profiles. Use Google when you specifically need its capabilities (Maps, Scholar) — then return to your default.

Email: Consider ProtonMail or Tutanota for sensitive communications. Gmail provides excellent functionality in exchange for extensive data collection. The tradeoff is yours to make — but make it consciously.

Messaging: Signal uses end-to-end encryption and collects minimal metadata. WhatsApp uses the same encryption but shares metadata with Meta. iMessage is encrypted but Apple has access in some configurations. Telegram is NOT end-to-end encrypted by default.

Phone settings: Disable ad tracking (iPhone: Settings → Privacy → Tracking → toggle off. Android: Settings → Privacy → Ads → Delete advertising ID). Review app permissions regularly — most apps request far more access than they need.

Data broker opt-out: You can request removal from major data brokers (Acxiom, Spokeo, WhitePages, BeenVerified). Services like DeleteMe and Privacy Duck automate this process. It requires ongoing maintenance — brokers re-collect data continuously.

VPN: A VPN hides your browsing from your ISP (who can and does sell this data). Reputable options: Mullvad, ProtonVPN, IVPN. Avoid free VPNs — they are data collection operations masquerading as privacy tools.