How Your Digital Purchases Could Serve the Perfect Surveillance Network

You may be surprised how many different companies know whenever you use your credit card.


If you were a KGB agent in the heyday of Cold War surveillance, how would you design the perfect snooping system?

This system should gather good dirt on all people within the Soviet Union. We want to identify people and their habits to build behavioral profiles and keep tabs on their comings and goings. And it should it be as unobtrusive as possible; we wouldn't want the masses to start making a fuss about our valiant civic undertaking. What would you do?

This was the question posed to a group of academics attending a 1971 conference at the Center for Strategic and International Studies at Georgetown University. They had two days to dream up a perfectly evil surveillance architecture.

Their answer? "This group decided that if you wanted to build an unobtrusive system for surveillance, you couldn't do much better than an electronic funds transfer system."

So told former RAND analyst and self-described "computer-nik" Paul Armer to the Senate in a 1975 testimony. He elaborates:

The system not only collects and files a great deal of data about your financial transactions—and that means a great deal of data about your life—but the system knows where you are every time you make such a transaction. [emphasis original]

It's genius, really. No spies, clunky camera and microphone equipment, or random checkpoints are needed. All you have to do to get a detailed surveillance picture of a population is to hand them a payment card and send them on their way.

Armer was prescient. At the time he wrote, our modern payments system was still being built. "National BankAmericard" and "Master Charge"—now known as Visa and Mastercard—were young pups and only served a tiny portion of the population. But Armer and his colleagues quickly intuited how the structures these new ventures were building could be exploited for ill ends.

The problem is that such technologies could only work if users entrusted lots of sensitive information to service providers. The bank would need to know your personal identity and financial information. This would be shared with the payments network. The retailer would report what you bought and when to the network and bank. It would be trivial to build a detailed profile on your known locations and consumption habits. And since the whole operation would be digitized, this information would be quickly updated and easy to obtain.

It's not that financial institutions set out to build a super snooper for Uncle Sam. It's just that the infrastructure needed to operate a third party-provided payment system is coincidentally the same architecture that allows for constant spying. And all we see is convenience!

The happy accident of surveillance as a by-product of modern payments technology quickly attracted government interest. Peter van Valkenburgh of Coin Center describes how case law and legislation like the Bank Secrecy Act targeted third-party financial providers as holders of coveted personal information. Financial institutions can and do turn over information on certain exchanges to governments every day.

But really, Armer was a bit of an optimist. While he was spot on in articulating the surveillance dangers of a pervasive third party-based payment network, his article didn't foresee how advertisers and data brokers could get looped in and make an even bigger mess of things. Our payments system poses a greater surveillance risk because advertising is how most platforms make money online.

Consider this recent feature from the Washington Post, which traces how companies share transaction data when you make a card purchase. The columnist, Geoffrey Fowler, tried to track down exactly how many firms got his information when he purchased a humble banana. While companies are tight-lipped on how they share data, he was able to get a general picture of the records life of a card-based transaction.

Each time you swipe your card to buy a piece of fruit, at least six categories of corporations can receive your data, depending on how you pay: your bank, the payments network, the store itself, the point-of-sale system, mobile wallets like Google Pay, and financial apps like Mint.

And all of these groups love to share. Take your bank. The Gramm-Leach-Bliley Act of 1999 empowers banks to share customer data with "affiliates" for marketing purposes—so long as your bank tells you in the fine print of one of the many junk letters you toss out without reading and gives you the ability to opt out.

And share they do—ever wonder why you get Facebook ads for a product that you just purchased? Nonaffiliate marketing may be the culprit.

Fowler discovered that payment networks, too, will share information with businesses like Google, packaged as "data insights." Mastercard says it scrubs any identifiable information from the data. Does that make you feel any better?

Even if these groups didn't decide to share, they can do creepy things with the data we give them. I've written before about how Target—coincidentally Fowler's banana-peddler of choice—builds behavioral profiles of their customers to more effectively market to them. In one incident, Target flagged a teen mother-to-be's pregnancy based on her activities before her family even knew. The barrage of advertisements for diapers and formula tipped the poor girl's father off.

The insidious thing about this kind of private surveillance system is that it's just so convenient. Most people—yours truly included—regularly swipe away without thought to the trail of breadcrumbs that our transaction graph reveals each day. Marketing is annoying, sure. And everyone knows that if we do something illegal, our transactions can be evidence in court.

But we rarely, if ever, consider just what a perfect surveillance system our payments network could be, as those Cold War theoreticians first brilliantly surmised in 1971.

The nice thing about this kind of private surveillance system is that we don't need to participate. The KGB does not force us to use Visa. We have the freedom to use cash or even cryptocurrency to preserve our privacy if we choose. Most people don't, of course. But we still have that right, and cryptocurrency transactions, while still maturing, are becoming more accessible and private all the time.

The freedom to use physical and digital cash is precious, but it is unfortunately not guaranteed. As Jerry Brito of Coin Center has pointed out, there is a movement to do away with cash altogether. Many commentators see it primarily as a way to facilitate crime or thwart central bank plans. Others attack cryptocurrency for similar reasons.

But as the recent protests in Hong Kong demonstrate, doing away with cash would leave us at the mercy of governments and financial institutions that do not always have our best interests in mind. Even if you don't use cash or cryptocurrency in your day-to-day life, it's an important exit option to appreciate and defend.

Maybe this Cold War thought experiment won't convince you to cut your cards altogether. But it should give us all food for thought of what we have to lose if the alternatives to our payments infrastructure are taken away from us.

NEXT: Bernie Sanders Leads the Anti-Charter School Charge 

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. What kind of illegal transactions does one undertake using visa?

    When you combine the frequency of online transactions, the increasing inconvenience of acquiring cash in some areas and the populations general lack of concern for their own privacy it seems like only a matter of time before cash is a memory.

    Efforts like Libra are more likely the future of crypto currency than any type of privacy enabling technology.

    1. “What kind of illegal transactions does one undertake using Visa?”

      Um, how about anything that *wasn’t* illegal when purchased? If Big Data can discern when browsing the internet or purchases at Wal-Mart are cues to pregnancy, there’s certainly much information to be gathered–by friend or by foe.

  2. The trick is to make any transactions you want to be anonymous to be anonymous.

    Current banking, telecommunication, and taxation laws make that almost impossible.

    For example, credit cards are tied to persons so any use can be linked to a real person. Bitcoin is more anonymous. Gift cards could be used but unless you pay cash, some bank can link the purchase of the gift card to a person.

    An identity is tied to most ISP accounts where most people dont have anonymizing IPs and government uses IP addresses to track people.

    Most people have cell phones tied to an identity and therefore everything you do is tied to that person. Some people have burner phones but even then companies like Walmart used to require an ID to be linked to the cell account.

    Even if you get around those two things, another way for government to link people with electronics used to anonymously use the internet is taxation and the records of who pays those taxes.

  3. Cash is liberty

  4. This world sucks and getting worse.

  5. I read an article about a year ago describing how global banksters, at one of their intergovernmental meetings, want to do away with cash because it inconveniences them, and governments want to do away with cash so that their databases will be completely accurate on every living being on the planet. Another route for them to Orwell’s 1984. Absolute power still absolutely corrupts…..

  6. Corporations count on people being lazy and people don’t disappoint them. Out of the 80 or so people at the shop where I work, I am one of two that gets a paycheck. BTW, in IL they have to pay you with a paycheck if you want it. My employer forced us into direct deposit until I printed and circulated a copy of the state law that states our options. When I switched banks a few years ago I had to find one that didn’t charge you for not having one of those stupid debit cards. The air pumps at gas stations have card readers on them now. The list of lazy bullshit goes on and on. Like most things, the blame is squarely on the lazy, apathetic masses.

  7. Thanks for giving great kind of information. So useful and practical for me. Thanks for your excellent blog, nice work keep it up thanks for sharing the knowledge.
    On Click Technologies

  8. This is a really important question, I think that everyone should understand it, I will share your article to all of my colleagues, thank you!
    Tim, web developer from

  9. Excellent and nice post. This is such a great resource that you are providing and you give it away for free. I love seeing that understands the value. I’m glad to have found this posting as its such an interesting one. if you have a query related to Quick Heal Antivirus Click the link below:-

Please to post comments

Comments are closed.