Skip to content
Naked Security Naked Security

Facebook halts plan to mine profiles for insurance quotes

Admiral's plan to award discounts in return for data contravenes Facebook's terms

Facebook has halted a plan by a UK car insurer to use young drivers’ data from the social network to analyse their personalities and offer quotes based on their profile.

The scheme from Admiral, called firstcarquote, was designed for young new drivers who are often quoted very high premiums because they’re seen as more of a risk than an older driver, and who also don’t benefit from having a clean record of not making previous claims.

However, Facebook has blocked Admiral’s app, saying that it contravenes the paragraph in their terms and conditions that says: “Don’t use data obtained from Facebook to make decisions about eligibility, including whether to approve or reject an application or how much interest to charge on a loan.”

So what’s behind this? According to researchers (PDF), if you’re a man, or young, or a risk-taker, you’re more likely to be a hazard on the road. And apparently algorithms can deduce if you tend to those traits from the persona you present on your social media profiles and posts.

That’s why Admiral, one of the UK’s biggest car insurance companies, was planning to use Facebook posts to identify safe drivers and give discounts to those who aren’t too likely to wrap themselves around a tree.

The program, which was opt-in, asked you to enter your car registration and connect to Facebook, answer a few questions and wait for whatever kind of discount might come your way.

Then, as the Guardian reports, algorithms get on with crunching your posts and looking for personality traits linked to safe driving, such as being organized or conscientious.

Examples include writing in short, concrete sentences; using lists; and setting a time and place to meet friends, instead of just the off-hand “tonight”.

In contrast, risk-takers – the type more likely to get in accidents – show signs of overconfidence. Like to use exclamation marks?!!! Tend to sprinkle your posts with words like “always” or “never” instead of the more tentative, cautious “maybe?” That could count against you.

The opt-in is open for all drivers, not just the newbies. Exclamation marks or the like won’t lead to higher premiums, since the program is only used to give discounts. The discounts could be worth up to £350 a year.

Are they driving us into a privacy wreck?

Dan Mines, head of Admiral’s firstcarquote project, told the Guardian that none of this is invasive when it comes to privacy.

It is incredibly transparent. If you don’t want to use it in a quote then you don’t have to. We are doing our best to build a product that allows young people to identify themselves as safe drivers.

 

Unprecedented? Nope.

Mining social media is far from new. We already know that social media missteps can bury our chances of getting hired or can get us arrested if we brag on Facebook or Twitter about what bad-ass burglars we are.

Closer still to the case of firstcarquote is the use of social mining by loan companies. They were doing the same type of mining, for much the same intent, according to a Wall Street Journal report from 2014.

Our Facebook friends, our Twitter musings, our eBay or PayPal accounts, our cookies, our browser behavior, and/or our smartphone use have been increasingly used by financial services outfits to figure out whether they should loan us money or extend our existing credit lines.

The horrifically embarrassing things some of us stumble into posting include financial details that could get our credit applications denied, such as whether the job information we put on our loan applications match what we posted on LinkedIn, or whether we posted about our employers firing us.

Small businesses, for their part, may well be turned down for more credit if they get lousy reviews on eBay, lending companies told the WSJ at the time.

In January 2014, at the time of the WSJ report, many such institutions were giving customers the social media once-over on an opt-in basis, using the information as one more way to get credit to borrowers who might otherwise have difficulty getting a loan. Banking experts predicted back then that the opt-in part of it was likely to move to being, well, shall, we say, not quite so voluntary.

I reached out to one such loan company, Moven, to see where it’s at with social media mining. Are they still mining social media? If not, why not? If they’re still squeezing our online selves to see what comes out, have they moved from opt-in to requiring that customers grant them access to their social media accounts? Or are they scraping the data?

As of January 2014, the Center for Digital Democracy, a US privacy group, was seeking regulation of the trend. If I get an update on the status of the group’s work, I’ll update the story. Ditto for a response from the loan company.

Here’s a wild stab in the dark: I’m going out on a limb and predicting that companies aren’t backing away from social media mining.

At least, not if the federal government can be seen as any kind of bellwether.

As of May, the Feds had plans to start mining social media in security clearance reviews.

The algorithm will keep learning about us

The Guardian spoke with Yossi Borenstein, the principal data scientist on firstcarquote, who said that the algorithm looked for correlations between social media data and actual claims data.

As Admiral gathers more data on correlations and attracts more customers, the way it weighs the importance of social media items could change.

Borenstein: Just like conscientiousness there are other traits which can be indicative of safe driving. Our algorithm for calculating what ‘safe’ looks like is constantly learning, as we match social data to actual claims data.
Our analysis is not based on any one specific model, but rather on thousands of different combinations of likes, words and phrases and is constantly changing with new evidence that we obtain from the data. As such our calculations reflect how drivers generally behave on social media, and how predictive that is, as opposed to fixed assumptions about what a safe driver may look like.

Borenstein says that Admiral  wouldn’t have accessed what our Facebook friends post, nor what we look at, and added that once the quote was done, Admiral would no longer have access to the data.

If Europe’s data privacy watchdogs start chasing after these speeding social media mining companies, we’ll keep you apprised of every bite.

3 Comments

Did you miss the part about where it suggests that its opt in for now but it wont be long before its mandatory?

This is very bad, does this not convene the GDPR or the DPA – I thought that any personal data collected must not be used in such a way that it may have a negative effect on the data subject? Or is this just a practice in the US?

How can you possibly judge by way of an ultimately human created algorithm whether an individual is credit worthy or worthy of a discount just by the language used within facebook posts, we can create an online presence which is totally opposite of what we are like in real life and no algorithm can take this into account. Conversely we could create a profile that makes us look like the pope and gets us all the positive rewards we could ever want assuming one is extremely clever and vigilant so again tell me where this information could be considered really truthful.

This is an exercise to save as much money as possible for insurers in terms of minimising discounted rates, seeing where they can inflate rates for those who don’t opt in until it is mandatory then it will be used to inflate rates based on negative profiling oh and of course lets not forget a reduction in employees who no longer have to review applications.

Let us all take a leaf out of the Facebook in terms of trending news – look how that is turning out – enough said.

The world is going mad or lazy

I don’t believe I missed anything. Here’s the paragraph to which you apparently refer in your comment “about where it suggests that its opt in for now but it wont be long before its mandatory”:

“In January 2014, at the time of the WSJ report, many such institutions were giving customers the social media once-over on an opt-in basis, using the information as one more way to get credit to borrowers who might otherwise have difficulty getting a loan. Banking experts predicted back then that the opt-in part of it was likely to move to being, well, shall, we say, not quite so voluntary.”

Note that not only is there no mention of any plans for changing the opt-in to mandatory, but that the quote refers to a different topic, that of financial institutions making loans. While it’s entirely possible for Admiral to go that way, we have no way to determine that, do we?

Just for the record, I don’t think this is a good idea, and I certainly would not opt into it myself. But I don’t see it as something that needs to be banned. Just don’t use it or support it!

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?