The infamous East German secret police—the Stasi—have nothing on 21st century corporations when it comes to extracting personal information from individuals. Adam Tanner, author of What Stays in Vegas: The World of Personal Data—Lifeblood of Big Business—and the End of Privacy as We Know It, knows this from personal experience. He told a crowd at the Goethe-Institut Los Angeles that the Stasi had 10 agents following him at one point, trying to figure out what he was up to as he traveled around Germany asking suspicious questions before the fall of the Berlin Wall. It turned out he was researching a travel guidebook—an idea alien to the secret police at the time.

Today’s consumer files and dossiers are much more insightful than the Stasi when it comes to knowing where we live, who we are, and what kinds of things we like. Tanner, a veteran journalist who is now a fellow at the Harvard University Institute for Quantitative Social Science, recalled when he first realized how easy it is to track down anyone, including politicians and celebrities. After President Gerald Ford’s death, Tanner decided to write a piece about Chevy Chase’s famous Saturday Night Live impersonations of the president. Tanner managed to find the phone number of a woman he thought was Chase’s wife online. The number turned out to belong to Chase’s daughter, who was skiing with her father—who eventually called Tanner back.

“No one is exempt from this gathering of information,” said Tanner. So, he wondered, who is gathering the information, how do they do it, and what impact does it have on us?

The data gatherers range from Led Zeppelin guitarist Jimmy Page (whose website cannot be entered until visitors submit a name, e-mail address, date-of-birth, and other information) to Las Vegas casinos.

Casinos, in fact, are pioneers in this kind of data collection. They’re aided by Las Vegas being the wedding capital of the world—marriage requires public records—the massive number of surveillance cameras in casinos (up to 5,000), and consumer loyalty programs.

Casinos have mastered the art of using loyalty programs and the latest technologies to keep their customers happy. Tanner recalled spending time with a casino manager whose cell phone would alert him to the name and location of a customer, where he ranked in a loyalty program, and how much he gambled on a typical visit. The manager could not only greet the customer by name but—knowing if the customer was winning or losing more than average—offer coupons and other perks customized to his preferences. Even if the customer were down $700 that day, a pair of free Elton John tickets—the casino knows he’s a music fan based on previous purchases—might prevent him from heading across the street to try his luck at a different business.

This level of data sophistication, said Tanner, crosses many sectors of the economy. “Lots of these technological revolutions are great and have made our lives better,” he said. “At the same time, there’s this side effect of things that can be uncomfortable.”

Tanner recalled that he attended a direct marketing convention to see what kind of information was for sale. Wandering among booths, he found a company devoted to medical lists—one of which identified “1.8 million men who suffer from erectile dysfunction” by name, address, phone number, and e-mail address. The company told Tanner that this information had been volunteered by the men on the list—but balked when Tanner said he wanted to buy 1,000 names (for $85) and ask the men whether or not they knew they were on such a list.

A lot of information we enter online puts us on lists without our realizing it, said Tanner. A website that helps high school students search for college scholarships does a strong side business in selling the detailed information supplied by students in their applications, from sexual orientation to parents’ ailments. Such sites are rarely transparent about the fact that they share our information; usually, disclosures are hidden in long, confusing privacy policies—the “fine print”—that even lawyers find difficult to decipher.

There are still more threatening ways our data can be used. Mug shots are public documents. Before the Internet came along, however, these public documents would be found in courthouses—only dug up by someone looking for something specific. However, www.bustedmugshots.com now collects and posts millions of the mug shots taken each year, along with names. If you are arrested and photographed, an online search for your name will lead to your mug shot. However, if you’re willing to pay the website $100, it will be taken down.

“When you post data or share data about yourself in today’s world,” said Tanner, “it’s up there for a long time, perhaps forever.” Little pieces of information about an individual can be assembled—like a mosaic—and then shared with everyone.

So what can be done?

We can be more careful about what we post online, or what we purchase online. But companies can also be a lot more transparent about how they share data—and provide us with the option to decline to share our personal information. Tanner predicts that the companies that are most open about how they manipulate our data will win customer loyalty in the long run. And the companies that surreptitiously gather our information will feel a backlash.

“It’s not a totally negative picture, but it’s worthwhile to know what happens behind the data curtain,” said Tanner.