Originally posted on September 5, 2014
The recent hacking of celebrity iCloud accounts (which
happens to others) and the Home Depot data breach, has the media once again
chirping about the importance of secure data systems. There’s
a lot of talk about how these events bring privacy issues into the light, but I
think it is safe to say that most of us live in a
digital spotlight now. Long gone are the days where data
security and privacy issues reside in darkness.
However, these events are reminders of two realities in the
digital world; 1) technological advances are both freeing and limiting to
individuals; and directly applicable to 2) the evolution and expectations of
As I’ve been writing about business and governmental
viewpoints on data, I haven’t really touched up the individual. The
individual, you and I, are at the very core of data – we provide it to banks
and governments when we use services. But we use communications
technology for personal reasons in ways that are not meant to be public or
seen/used by others, or at least no one outside of our choosing. Intimate
thoughts and pictures obviously fall under this umbrella.
The expectation of privacy in personal spaces is not new,
but technology has altered how we must think about personal space and our
expectations of privacy and who is ultimately responsible for protecting
What is the difference between an envelope containing a
private letter stashed in a drawer, and a personal email with its code held on
a server or your home computer? The letter could be intercepted in
the mail or stolen from our homes or briefcase, but there was a sense of
privacy in those spaces. The email though could be held on a home pc, on
the cloud, accessed from work, or on a mobile phone via public or private
network. Is there an expectation of privacy in all these spaces?
The digital word has physically separated us from our data
and made interception easier from people we will never know or meet. The
expectation of what constitutes private spaces has been expanded, which is why
it is so difficult to control our data, or to prosecute those who steal
it. The account might be managed by a multinational corporation with
offices and servers in several countries, where anyone can access it.
Having what we want or need at any time and anywhere is a wonderful
convenience, but it challenges us to think about how we maintain those parts of
ourselves we do not want others to see.
Recently we have seen a barrage of headlines asking “Can you
trust the cloud?” This question really suggests many things – Can
you trust technology to care as much as you do about your data? Can
you trust that you own and control your data? Can you trust that you
will be the only one to access your data (Insert a million links to the
importance of authentication here)?
Technology is not full-proof. Like the locks on your
front door, there are services that are more difficult to get into (but still
vulnerable), while others are there to keep people honest. It is
important to keep these limitations in mind because whether we like it or not,
we are not in control of them, there are inherent weaknesses (just like the
lock on the door can be picked), and adata breach can impinge on how others
Simply speaking, as individuals we present ourselves in
certain ways to certain people. We tell them things we want them to know,
and withhold other details for various reasons. (The Germans call it Persönlichkeit,
add Recht to it and you get the legal basis for privacy – “the right to
personality”). In a professional atmosphere talking about your home life might
not be acceptable so you don’t share it. You also might feel more
comfortable talking about one part of your life with a friend, and another
person not so much. Your relationships are constructed by the type of
information that people know about you.
When someone steals your private information and puts it on
the web, or controls who has access to it, they are also shaping others’
perceptions about you. Using technology to store or transmit our thoughts
can make data, or behaviors, our view, our beliefs, and our bodies, vulnerable
to exposure when others maliciously break into our accounts and steal our data
– the bits of information that compose the multifaceted existence of our
identities. They are in control of our personas, not us.
So we have choice I suppose. We can stop using
technology because we cannot be certain that we are protected. That seems
like an unfair and unnecessary option. Free flow of information can be a
good thing and it can expose fraud or ill-intent. However, I’ve been
thinking about how security, or the lack thereof, also has the power to limit
my ability to utilize technology in a manner of my choosing. “If
you don’t want something to get in the hands of someone not intended to see it,
then don’t post it to the cloud.” Individuals, and companies then, are
faced with a dilemma which involves a calculation of risk. I want to use
this service, but by doing so I’m exposing myself too.
A recent interviewee commented that my knowledge about privacy issues was unique and that most people were fine with allowing others (government, corporate etc.) to control and use their data for the sake of convenience. While this might be true, he also mentioned that this made me a lucrative niche market for innovation – providers will create services to cater to people like me. As I wrote in Harvard Business Review, I agree with this, but I wonder how much of this is a constraint on my access to technology.
We love technology but our decision to use it and the
consequences of doing so increasingly fall under the discretion of others who
may not hold our personal interests in mind. Why should anyone have to
find a special service in order to feel safe from prying eyes no matter
who that might be? I do not pretend to have these answers, but it is
something that should make everyone a little uncomfortable. It’s
a choice, of course. In the meantime, I’d suggest to keep those
intimate records a little closer to home because there are few protections.