Your private life made public
If Jeffrey Burrill's anonymous data isn't so anonymous, neither is yours or mine

I don’t mind smartphone apps that track my whereabouts. That valuable geographic information might be the basis for my alibi should I ever be falsely accused of knocking off a bank. Ha.
That’s the wisecrack I used whenever conversations among friends turned towards data privacy (which, to be fair, wasn’t often). I was ambivalent. Why did I care if Google Maps knew where I went for dinner or if my hiking app had an intimate understanding of where I live, when and where I hike, and how slowly I move when the terrain gets even moderately steep?
The truth is, most people I know don’t talk about data privacy, and on the rare occasions they do, their position is typically one of, “I’m not doing anything wrong, so what do I care if they know where I went?”
That was certainly my sentiment for a long time.
It’s not anymore.
While it may be true that most of us are not committing felonies or marrying multiple husbands in different cities who aren’t aware of each other’s existence simply because it seems like a fun thing to do, we all have pieces of our lives we would prefer not be put on display for public consumption.
It’s called privacy.
Consider all the conversations you have – ranting about a colleague who ticked you off at work, interviewing for a new job your current boss doesn’t know about, sharing personal details with your therapist, telling your doctor about that weird rash that won’t go away, seeking advice from a friend about whether or not to seek a divorce (from one or maybe all of your husbands).
We like being able to choose what information we share with whom. Knowing our doctors told everyone in town about our rash-of-undetermined-origin would make us understandably pissed. Because that is private. We like privacy.
Turns out, though, that when it comes to the apps we use on the daily – to date, to shop, to track our fitness, to drive to a restaurant, to see and share photos of the chocolate cake we had at that restaurant - we’ve had a false sense of it.
I’m not simply talking about the “anonymized” data apps use to deliver us relevant ads while we scroll the interwebs, although that matters, too. I’m talking about private information, tied directly to you, made public.
That data already exists. Right now, “personal data is collected, sold and bought by a tangle of app developers, data brokers and advertising companies with little oversight.” (via Washington Post)
It might not seem like a big deal that some data broker knows you haven’t worked out in three months and ate a half-dozen donuts for dinner yesterday. But what if they shared the “before” photos you took in your underwear at the start of the new year when you were sure you were going to get ripped? What if they publicized the purchases you made to spice up your love life with your romantic partner?
What if the media outed you?
It happened to Jeffrey Burrill.
If you’re not familiar with his story, here’s a quick summary:
Monsignor Jeffrey Burrill was top administrator for the U.S. Conference of Catholic Bishops. The priest stepped down in July 2021 after The Pillar, a newsletter covering “news and analysis about the Catholic Church” and founded by J.D. Flynn and Ed Condon, both alumni of the Catholic News Agency, claimed Burrill was using the Grindr app and frequenting gay bars. (Maybe it doesn’t have to be said, but if he is gay, it’s not information he wished to be made public – just as we understand that my or your sexual orientation is nobody else’s dang business unless we choose to share it. But given his role with the Catholic church, this news carried very heavy repercussions.)
The Catholic church didn’t like hearing Burrill purportedly used Grindr and went to gay bars. And while there’s a whoooooole lot to be said about the church’s homophobic stance and the contradiction between Burrill’s role in said church and his personal life, that’s not why this story got my attention.
The Pillar gained information about Burrill’s private life by accessing and analyzing location data gleaned from his smartphone. The particulars are unclear, but in a nutshell, an analysis of data enabled connections to be made by the locations Burrill frequented – his family’s lake house, the headquarters of the USCCB (where he worked), etc. “[The Pillar] story implies it started with data that Grindr allegedly shared with advertising partners and data brokers in the past that was then legally sold by a data broker.” (via Washington Post)
The Washington Post story adds: “Right now, your smartphone is likely filled with apps that are collecting details about you, including your age, gender, political leanings, GPS data or browsing habits.
“Grindr and other apps have long shared this kind of information with third-party data brokers, which exist in a largely unregulated sweet spot between websites, apps and advertisers. The brokers gather the data from apps, then sell it on the open market to parties that use it for ad targeting, political profiling or even research. It’s a well-established industry but one that doesn’t typically draw this level of attention.”
Holy crap.
Whatever your opinion of Jeffrey Burrill, being outed in such a fashion is terrifying.
It’s private information made public without consent, which is jarring on its own. In Burrill’s case, it prompted his resignation amid a public shaming and Catholic church controversy. For many other people, such an outing could have even more dire consequences.
The Burrill case could seem like an outlier to the average person. His role in the Catholic church made him a more likely target. But in the same way equal-opportunity hackers are just as likely to hack into your grandma’s Facebook account as Betty White’s, we’re all susceptible to having our private lives revealed.
“What stands out about this particular incident [the Burrill case] isn’t that it’s improbable but that it’s the exact worst-case scenario privacy experts have been warning about for a long time.... The biggest shock may be that it didn’t happen sooner.” - via Washington Post