It's not unreasonable to assume that nothing is secret or sacred online. Companies, hackers, bots, malware, and of course government agencies all track or extract data (as the thinking goes), and that's just the cost of doing business on the internet. But the extent of these privacy breakdowns is greater than anyone thought — even the stuff you decided not to type is fair game for some companies.
In June, Gizmodo reported on NaviStone, a tech company that logs the data you've entered into a submission form, even if you don't submit it, and matches it to your personal identity. At least 3,500 websites are thought to use this service, with a possible 400 others that have used it in the past. The vast majority are shopping and business sites, with a distant third category tracking health. What this means is that NaviStone's customers can use your online behavior to send you physical ads at your home address.
Consumers are not pleased. Last week, mattress-in-a-box company Casper found itself served with a lawsuit; lawyers say the NaviStone software methods violate the federal Wiretap Act, which hit the books in 1968. Social media companies aren't exempt either: Facebook has similar technologies in place, to the extent that it co-published a paper on self-censorship in 2013 with the Association for the Advancement of Artificial Intelligence.
After the growing uproar over privacy concerns, some companies, like Wayfair and the travel organizer Road Scholar, have broken ties with NaviStone. But if you're annoyed and unsettled by the paper ads you're tossing these days, online software like this might be why.