Samantha Floreani 

Why should renters like me have to trade away our privacy just to get a roof over our heads?

The rise in real estate tech means renters often hand over huge amounts of revealing information to digital third parties – at great risk
  
  

A woman uses a smart phone at night
Renters now interact with real estate tech at every stage, from submitting applications to paying rent though and logging maintenance requests. Photograph: Jacob Wackerhausen/Getty Images

Would you trade your data privacy and security for housing? Thanks to the rise in real estate technologies, renters often have no choice but to hand over huge amounts of revealing information to digital third parties just to have somewhere to live. All the while we are told: trust us, we take your privacy seriously.

But recent Guardian reporting has revealed that seven popular “rent-tech” platforms have serious security vulnerabilities, leaving millions of documents containing personal information of renters exposed on the open web for years. When they were alerted to the risk, only two of the seven companies responded to say they would put additional security measures in place. Is this what taking renter privacy seriously looks like?

Renters now interact with technologies at every stage of their housing experience: from submitting applications online, to the day-to-day activities of paying rent though apps, logging maintenance requests through digital portals, and being pushed to communicate with chatbots. Some even prompt renters to pay extra to store their data for longer periods. These technologies promise increased profit for landlords and improved efficiency for real estate agents, but what about the renters?

Over the course of my research examining technology platforms in Australia’s private rental sector, I have spoken with numerous renters who have recounted frustrated feelings of being forced to use these platforms, of feeling minimal convenience benefits at best, and of serious concerns about their privacy and digital security. It now seems that those exact fears have come true.

Whenever I apply for a rental, I am astounded by the sheer volume of information about my life that I have to provide: identity documents, years of living and employment history, financial details, and who knows what kind of information collected about me through reference checks. After moving in, the data collection continues with property management platforms storing leases, bank details, as well as a detailed picture of how I live through logged communications, repair requests and inspection photos.

As a long-term privacy advocate, all of my alarm bells go off – but what are renters supposed to do? In the hierarchy of needs, shelter comes first. Most renters know all too well that if you resist, you get labelled as a troublesome tenant. But renters shouldn’t have to trade their digital security for housing. Reading privacy policies offers little assurances except mostly vague promises that this data will be secure. Now, that feels like a sick joke.

And it’s not as though these risks haven’t been highlighted before. In 2023, the consumer rights group Choice highlighted the exorbitant amount of data that rent-tech platforms push renters to provide, noting that 41% of renters felt pressured to use them. Digital Rights Watch called for improved privacy and security protections to protect renters in the digital economy. Public scrutiny in the media has raised alarm over rent-tech “data gouging” and called it a “data breach waiting to happen”. Just last week, a research report published by the Australian Urban and Housing Research Institute raised concerns about the security of renter data – among other things – in this sprawling digital ecosystem. It would seem these warnings have fallen on deaf ears.

For renters to have no real choice but to use these platforms in order to access and retain housing, then to have the information you are forced to hand over left unprotected, adds insult to injury in an already deeply dehumanising system.

Unlike malicious hackers who seek out vulnerabilities for their own gain, the researcher who discovered these problems isn’t interested in taking advantage of holes in the system; they just want the platforms to improve their security to protect the renters (and landlords) whose information had been left dangerously exposed.

But what else could they do? After attempting to go through the appropriate channels by contacting the companies and the Australian Information Commissioner, many of the vulnerabilities were still there months later. Security researchers like this face significant personal risk revealing their discoveries, which can discourage them from trying to improve the digital security of Australians.

Back in 2022, I asked whether we needed to wait for a massive data breach in the real estate sector before we see change. Must we have another breach like Optus, Medibank, Latitude (the list goes on) in order for this to be taken seriously? These platforms are the new arbiters of a housing economy that Australians are forced to rely on; their privacy and security practices must be scrutinised and improved. Thankfully, this discovery has raised the alarm before the worst has happened. It’s now up to the companies, regulators and policymakers to take action.

  • Samantha Floreani is a digital rights advocate and writer based in Melbourne/Naarm

 

Leave a Comment

Required fields are marked *

*

CAPTCHA

*