Adversaries¶

Every well-tended garden has uninvited guests—some chew at the edges, some uproot your hard work entirely, and others simply trample through with a clipboard and bad intentions. In the lush digital greenery of your life, these are the folks rooting around your personal data, intentionally or not. Knowing them helps you decide when to prune, when to compost, and when to build a very large wall.

Data Scientists¶

Armed with Python and plausible deniability.

Not all adversaries come in hoodies. Some wear lanyards and call it “insight.” With access to mountains of data, data scientists build models that can de-anonymise individuals faster than you can say “training set.”

Telltale behaviours:

• Linking datasets that were “totally anonymised, promise.”

• Identifying patterns in how you walk, type, or browse.

• Blaming the algorithm when things get creepy.

Advertising ecosystems¶

The hydra of your browsing history.

Online ads aren’t just about persuading you to buy trainers. Behind the banners is a vast network of trackers, bidders, data sharers, and shadowy observers. Your clicks are currency.

Garden crimes include:

• Real-Time Bidding (RTB) that leaks metadata faster than a gossiping robin.

• Behavioural profiling from innocent-seeming interactions.

• Tracking even when you don’t click—just by loading the page.

Data brokers¶

Your life, sliced, diced, and monetised.

Data brokers love a messy garden. They hoover up the data trails you didn’t know you left behind—searches, purchases, movements, and moods—and sell it off to anyone with a budget.

Key trades:

• Matching your online habits with offline identity.

• Packaging and reselling your data to… well, just about everyone.

• Operating in the legal shadows, with “opt-out” systems no one finds.

Black markets¶

Where data goes to die. Repeatedly.

Not all data stays within the warm embrace of marketing. Once breached, leaked, or scraped, it often ends up traded on dark web forums where anonymity is a feature—not a concern.

Compostable activities:

• Selling full identity kits (PII, financials, logins).

• Offering access-as-a-service to compromised accounts.

• Laundering stolen data back into above-board systems.

Marketers & advertisers¶

Your inbox is their playground.

Distinct from the advertising ecosystem machinery, these are the folks actively planning campaigns and testing messages—armed with segments built from your behaviour.

Typical tactics:

• Hyper-targeted emails that know too much.

• A/B testing your click habits.

• Buying lists that were “ethically sourced” (with a wink).

Insurance companies¶

Risk assessment with a side of intrusion.

Insurance used to be about age and postcode. Now, it’s about lifestyle, spending, health data, and what your fridge says about you.

How they root around:

• Buying data to predict “risk” and adjust premiums.

• Profiling health and habits from online behaviour.

• Using wearables and trackers as feedback loops.

Employers¶

Smiling in interviews, snooping on socials.

From pre-hire vetting to post-resignation surveillance, employers increasingly use data to measure, predict, and control.

Unethical gardening:

• Social media monitoring (with or without permission).

• Employee monitoring software (“just for productivity”).

• Buying datasets to screen applicants “objectively.”

Law enforcement¶

Lawful, but not always proportionate.

Data access in the name of safety is a slippery slope. Agencies can and do request logs, metadata, device access, and more—and not always with rigorous oversight.

Trowels in hand:

• Surveillance and interception under wide mandates.

• Pressure on platforms to weaken encryption.

• Use of predictive policing based on opaque algorithms.

Grey hats¶

In the garden after dark. Helpful? Harmful? Depends.

They exploit vulnerabilities to prove a point—or for the thrill. Grey hats sit awkwardly between researchers and criminals, sometimes handing in bugs, sometimes selling them.

Mixed bag habits:

• Unauthorised data poking “for science.”

• Accidental exposure of sensitive systems.

• Disclosure with conditions, timing, or drama.

Politicians¶

Regulate, confuse, and occasionally campaign with your data.

From GDPR to ad microtargeting, politicians often sit on both sides of the privacy fence—demanding protections while quietly exploiting the system for elections.

Unreliable sowers of seeds:

• Crafting regulation with loopholes you can drive a tractor through.

• Partnering with platforms for campaign data.

• Using fear to justify expanded surveillance.

EU Regulators¶

Slow-moving but sharp when provoked.

They write the rules that force everyone else to behave—or at least to pretend. While not adversaries in motive, their enforcement shapes the risks you face.

Pruning shears include:

• GDPR, ePrivacy, and the right to be forgotten.

• Crushing fines for data abuse (when they finally land).

• Ongoing tug-of-war with Big Tech over sovereignty and control.

From the perspective of users, the GDPR can also be seen as an arrogation, a law tool for the normalisation of appropriation of their data.