Privacy and the Bloomberg Terminal
posted by William McGeveran
The privacy scandal of the week involves Bloomberg terminals, reporters, and Wall Street traders. It started making the rounds of the financial press in the last couple of days and today reached the New York Times, which led its story by declaring that a “shudder went through Wall Street” in response to the revelations. But as with many of the periodic Facebook privacy scandals, this one is only surprising if you haven’t been paying attention. And it distracts the press and the public from more serious matters.
The story, in a nutshell: a Bloomberg terminal like the one in the picture sits on every trading desk. It is the central platform for managing a constant stream of information about market activity, financial news, economic data, and much more. By making this very expensive equipment a necessity, Michael Bloomberg (now New York’s mayor, of course) built a multibillion-dollar empire and made himself fabulously wealthy.
From the beginning, company employees have been able to look up individual Bloomberg subscribers and scrutinize their most recent activity in the system. That may make some sense for sales and technical personnel (although even then it probably ought to have been more anonymized than it seems to have been). Unfortunately, that access also extended to journalists at the many news outlets that have been added to the Bloomberg corporate family over the years. And these reporters appear to have mined that data routinely for tidbits that might have helped with their stories.
Don’t get me wrong, this is not an example of good privacy practices. But it ain’t exactly the allegations of pervasive bribery, eavesdropping, and hacking by journalists in the employ of Rupert Murdoch. Quartz has a pretty good explanation of the data that was available. Primarily, it boils down to the last time a person logged in, the “functions” used (essentially, what general categories of information services were accessed, such as reports of corporate bond trades), and the transcript of any online customer service chats. Crucially, Quartz notes, “Employees can see how many times each function was used but not further details, like which company’s bonds were being researched.” In other words, a lot of it resembles information that many web sites, including news sites, can already glean about most of their customers, particularly those who are logged in. At most, Bloomberg journalists might have obtained some slight lead that would send them on the hunt for more solid information, much as a tip from a source might. In the incident that brought the practice to light, for example, a reporter surmised that a Goldman Sachs partner might have left the firm because he stopped using his Bloomberg terminal.
So what makes this story the source of “shudders” on Wall Street? Not really the magnitude of the privacy invasion, I would argue, but a lot of secondary atmospheric factors that help contribute to the making of a good newspaper story and, thus, a privacy scare. For one thing, as in kerfuffles about Facebook or Google, we have big names (not just Bloomberg, but also the complaining victims who include employees at Goldman Sachs, JPMorganChase, and possibly even the Federal Reserve). We have a ubiquitous technology that everyone has come to rely on, at least within the world of finance, which adds a nice pinch of helplessness to the narrative. We have those terminals, physical presences in the center of the work day, that perhaps can seem a touch more sinister than virtual data mining. Finally, and probably most importantly, we have the Wall Street obsession with information — with keeping your own secrets while ferreting out every bit of information that could affect the price of anything. Ironically, it’s the very same obsession that made the Bloomberg terminal a necessity in the first place. And it isn’t really about privacy in the conventional sense, but about control and competitive advantage.
There are real privacy threats when companies or the government have access to the information we read. Neil Richards has written eloquently and extensively (most recently in this Georgetown Law Journal piece) about the importance of intellectual privacy and its fragility in a world where DRM, targeted advertising, social media, and subscriber analytics all push against the presumptive solitude of browsing and reading. Others, including me, have chimed in. But the genuine threat to intellectual privacy from the Bloomberg blooper seems quite small to me. It’s like somebody knowing you used a library card but not what books you checked out. The real problem with these teapot tempests is their capacity to direct attention to the wrong issues. There is a finite amount of attention for privacy, and I hate to see it wasted on this incident — or on the phantom threat of employers supposedly demanding applicants’ Facebook passwords despite the nearly total lack of evidence that they do.
Bloomberg LP CEO Dan Doctoroff has admitted the company’s mistake, revoked journalists’ access to the data, and hired a new chief data security officer to boot. Speculation about this incident as a real threat to the company appears overblown. Alas, the prospect that such a minor scandal might cause any reevaluation of more serious intellectual privacy concerns seems even more remote.