Not trying dismiss the actual experience you've had, but I think there's a big difference between what the technology is doing and what it looks like it's doing. Perhaps this is a moot point... if your experience is that you go to a store and buy caviar then suddenly you're seeing caviar ads online, it doesn't really matter exactly how it happens - it's still annoying and concerning. But in the interests of busting myths...
Credit card companies only share aggregated data, not personal data. Possibly it was geolocation that was the hook here. Your phone was near a shop that sells caviar. Profiling indicates that you're the sort of person who is likely to buy caviar. Bingo! Let's advertise caviar.
Cookies are not usually intercepted - they're encrypted by almost every website as standard making it impossible for a third party to intercept them (I'd be interested to see what you've been reading). Third parties get hold of the information because the party that created the cookie in the first place sells the data they collect with it.
Phones don't spy on your audio conversations. Phones often monitor speech constantly for specific purposes such as listening for wake words like "OK Google". Then the phone activates and you say something like "What's the weather like tomorrow at Fenway Park". That's recorded in exactly the same way as if you typed in that search. And then you get baseball ads. The phone isn't just spying on you and springing into action when you casually say "Boston Red Sox" to your neighbor.
Overall, profiling is
way more detailed and accurate than our intuition would suggest. It might look like someone has shared personal data specifically about you and specifically about something you did or said, but actually companies are just looking at anonymous data, masses of it, and matching your profile against other profiles and then guessing (very accurately) what sort of thing you get up to and when. Even having said that, it's also true that no-one ever mentions the 400 times that they saw an irrelevant, inaccurate advert - only the one time the profiling got it absolutely spot on.
As I say, perhaps none of that is reassuring or relevant if the end result is that you can be targeted very specifically by ads anyway.
And if you distrust the companies who invent and use the tech, then nothing I say is going to be at all reassuring. But I have worked in this industry and understand at least some of the tech quite well.
To me there's a difference between super-accurate profiling, and the phone listening to and recording and passing on every word I say. The former is annoying but whatever. The latter would, I think, spark a massive backlash and a heap of lawsuits from, for example, these guys:
Electronic Frontier Foundation
An example and very detailed white paper from EFF on the state of corporate internet surveillance:
It's time to shed light on the technical methods and business practices behind third-party tracking. For journalists, policy makers, and concerned consumers, this paper will demystify the fundamentals of third-party tracking, explain the scope of the problem, and suggest ways for users and...
www.eff.org
