Give me the key to your home
Posted in: Commercial Insurance
Our privacy and the potential impact of data giants in our lives
The information discussed by Marc Goodman in his book Future Crimes is mind boggling. Just when one would grasp all types of cyber-risks and prepare for every possible exposure, a whole new set of concerns is coming to light with the widespread application of social media and search engines.
Cybercrime impacting business and government organizations of all shapes and sizes is increasingly discussed in the news because of the frequency and size of breaches. Banks, retailers, and hospital systems have been hacked and data was stolen or compromised – to the tune of millions to hundreds of millions of records.
Our awareness of cybercrime at the corporate or organizational level is growing, but most of us do not fully grasp the implications of using technology when it comes to our personal lives. Outside of financial and personal information, the average consumer holds other pieces of information that when pieced together are incredibly valuable. Most of us are hesitant to share credit card, financial or personal information, yet how often do we unknowingly or willingly accept the Terms of Service of an app or social media site? By doing this we voluntarily grant access to our lives and possibly become vulnerable in new ways that we as a society have yet to fully grasp.
The fuel in the data giants’ operations
The computing power and infrastructure to house the world’s social media engines are massive and have data centers nationwide and in foreign countries with ‘hundreds of thousands of servers’ (Facebook’s Najam Ahmad, June 2013). That number continues to grow and may have doubled in the last few years.
How could Google, Facebook, Twitter, YouTube, LinkedIn and other similar technology businesses continue to provide free services, yet afford to quickly become global phenomena when most of them did not exist or were mere start-ups about a decade ago? You might think it is because these companies make their money by selling advertising space – the ads that pop-up or follow you around. To some extent this is true. However, generally there is more to their success.
Pay-per-click advertising doesn’t begin to cover the costs of their massive growth. But you know what does? YOU! We’ve given social media networks, search engines and geo location applications permission to gather an incredible amount of information about us because their services are entertaining or useful. And in this process, we, the users, and what we allow others to collect and see about us have become the “product,” which is often sold to third parties without any regard for our privacy. As a result, our willingness to give up seemingly unimportant information about us allows data giants and third parties to develop their targeted marketing capabilities on a global scale that are almost beyond comprehension.
The implications of the unfathomable Terms of Service (ToS)
When we agree to the service terms of many sites, we voluntarily provide ownership of our data including pictures of our travels, people we connect with, things we comment on, the content we post and a myriad of other details of which we are unaware or willingly provide without fully understanding the value. Social media companies can form a complete picture of you by gathering this information from different sites and sell it to third parties or use it to their own commercial purposes.
Any business can look at your network and the information you post and determine if you are a credit risk, whether you are cheating on your spouse (with 92% accuracy), and see your preferences for just about anything, all of which helps them market and sell to you. On a large scale, this data can be used to examine the purchasing tendencies and new marketing opportunities for target groups. On a much smaller personal scale, this data can even be used to identify individuals. Back in 2013 researchers from MIT and Universite Catholique de Louvain in Belgium found through their research that mobile phone use may be more accurate identifier of individuals than even their own fingerprints. It is not hard to imagine the consequences of this type of information falling into the wrong hands.
A data giant you should be most concerned about regarding your privacy is Google. When Google offers to store your contacts for free, they are actually evaluating the purchasing power of your network. They can also track where you go through their different geo location apps and can monitor who you are communicating with through the Voice app. If someone left you a voice mail asking about pizza for dinner, Google can cleverly target ads to you for Italian restaurants on your way home. Furthermore, by using Google Glass you grant Google permission to capture all the moments of your life, so they can sell the data to advertisers – in perpetuity and as they see fit. And if these examples have not yet alarmed you, then consider this: Google owns the content you create in Docs – and let’s face it, many people store a lot of confidential information on their Google Drives – and is free to use it as it wishes.
What’s even more disturbing is that children likely post the most content on social media and use search engines. As a result, according to Goodman’s research children are the fastest growing group of identity theft victims with over 500,000 falling prey annually. They are an attractive target because it may take years to uncover damage done to their credit. There are other, real threats to children, including physical danger, associated with living their social lives online, which I will explore in my upcoming blog.
Brokering information you and your children freely or unknowingly provide is a $156 Billion per year industry. The NSA’s collection of data may scare us, but they too purchase data that we voluntarily provide from social media providers. According to Goodman one company alone, Acxiom of Little Rock, Arkansas, operates more than 23,000 servers collecting and analyzing over 50 trillion unique transactions per year. It houses information on 96% of American families, and 700 million consumers worldwide.
I’ve got nothing to hide, I am safe
It’s true that most of us have nothing to hide and are willing to make our information available to useful and entertaining apps and products. But what about tomorrow? What’s acceptable today may violate norms tomorrow, and the internet never forgets.
Beyond voluntarily sharing personal information, it is quite difficult for many companies collecting and storing our data to protect all of this information especially when security is often built in as an afterthought or after a vulnerability is exposed. If you believe these social network behemoths have your security in mind – think again. Over 600,000 Facebook accounts are compromised daily, and at least 40% of social media users have been exposed to some form of malware. Our data is virtually floating in the ether with little regulation and oversight. Privacy or the semblance of it is no longer the norm.
What can you do?
It’s actually pretty difficult not to leave a digital trail – we have smart phones with apps and search for information and products. But in most cases it is perfectly acceptable and safe to use new technologies that make our everyday lives more convenient and enjoyable. However, as we continue to move forward into the unknown age of cyber, consumers must become more aware of the implications of using technology and push back against devices and services that invade our privacy or fail to build in acceptable security features.
We must also help new generations of users understand what is right and wrong when using technology. It is also imperative that they learn to automatically consider security and privacy before adopting new technologies. For example, we can teach our children of the threats related to sharing personal information online and monitor what they post on social media.
As consumers we can start to demand that acceptable security features are built into the devices we buy and apps we download. We can begin to accept that we must play a more active role in our digital security and educate ourselves of the risks of sharing too much and minimize the information we leave. As part of our efforts, we should also consider credit and identity theft monitoring as well as making sure our firewalls and anti-virus programs are up to date both at work and at home.
The bottom line is: always operate under the assumption that everything you do or say online is visible to all – tantamount to leaving your front door open for all to explore the sanctity of your home.
Feel free to contact me at FGiachini@psafinancial.com if you have any questions regarding the ideas shared in this post or if you need assistance mitigating your cyber security risks.