OPINION: The latest breach of privacy – a huge breach from Facebook as it turns out – has put the issue of the security of digital data back into the spotlight.
It has been there before – in New Zealand with at least a couple of Government departments – and I reckon it will be there again. I see that Mark Zuckerberg, the President of Facebook, has promised to tighten up the operating rules to prevent such breaches occurring in the future. The prospect of regulating the social media has also been raised.
Both suggestions need to be taken with a grain of salt.
Regulation might make users of social media feel safer but it is unlikely to be more than superficially effective. Effective regulation of the internet is extremely difficult and I suspect that whatever is put in place, plenty of people with the right expertise will find ways around it. However, at least regulation gives clear signals about what is acceptable and what is not.
Tightening up the operating parameters or rules for social media like Facebook is likely to be more effective than regulation but the reality is that it is almost impossible to make the rules unbreakable. There is not a system in the world that cannot be hacked by someone who has the skills and patience to find a way in. And we are not talking about a handful of top experts either. There are unfortunately significant groups of people – often youngsters (relatively speaking) – who take great delight in demonstrating that they can hack their way into any system on earth.
The reality is that digital data – once it has been placed on any device that is connected to the internet – is in essence no longer guaranteed to be private. In fact, a realistic operating assumption is that that if you really want to keep something private, stay away from the internet. Conversely, if you place digital data on yourself on devices connected to the internet, make sure it is data that would not cause serious difficulties if it got shared with millions of other people. Because it could be.
This will not affect many people. In my own case, I can’t think of much that is accessible via the internet, e.g. emails, that I would worry about if hacked. And let’s face it much of what goes on your computer is pretty mundane stuff that is mainly of interest to ourselves and maybe our friends and family.
One of the other pitfalls of digital data is that it can so easily be released to literally millions of people if someone makes a simple mistake like hitting the wrong key on a computer. It is hard to prevent simple human errors like this happening, without imposing quite draconian procedures which would have time and cost implications. Any organisation which has multiple clients – and that means almost all organisations – is subject to this problem,
Personally, I am not a member of Facebook because I don’t feel the need to share information through social media. And I freely admit that this is in part a generational thing. My grandchildren spend what seems like almost all of their time on their smart phones creating and exchanging data with friends and others.
I am old fashioned enough to think that good old-fashioned pen and paper have a lot going for them from a security point of view. Of course, it is possible to steal paper documents and there have been celebrated cases of documents being left in a public place by mistake. But the damage is usually limited and relatively easy to contain.
Sure, if people have the expertise and desire they can access paper documents. But the process is usually more difficult that for digital data (digital data can be accessed by someone sitting in front of a computer and not even leaving the room). With physical documents there has to be a physical contact of some sort with the extra complexities and risks that entails.
So, no information is absolutely safe and secure. The best that can be done is to identify the information that warrants being kept secure and use the best technology available and appropriate to try to keep it that way. It is also useful to have a plan worked out for dealing with the release of “secure” data against your wishes. The nature of the plan will depend on the nature of the data. The aim is not to be caught by surprise but to have thought in advance about how you would react and contain any adverse impacts.
By Bas Walker
This is another of Bas Walker’s posts on GrownUps. Please look out for his articles, containing his Beachside Ponderings.
Join the Discussion
Type out your comment here:
You must be logged in to post a comment.