Thursday, January 9, 2014

Preventing a Big Data Backlash: Information Security and Privacy Protection in 2014

Hindsight is a weird thing. Profound events come to be known not by virtue of major human advancement or scientific discovery, but by living. By being another day older. On June 4, 2013 few people knew the name Edward Snowden. By the following day Edward Snowden was fast becoming a household name as Americans and citizens around the world learned of the scope and clandestine nature of the CIA’s domestic and international surveillance programs, leaked by the 29-year-old government employee.  
Very soon terms like PRISM, XKeyscore, Tempora and metadata entered our lexicon. Snowden, it’s been estimated, stole nearly 2 million classified government files and by multiple accounts, much of the information contained within those documents has yet to be leaked. By December 2013 TIME Magazine had selected Snowden as the runner-up for The TIME Person of the Year, referring to him as the “Dark Prophet.”
I’m not so sure about the prophet reference but if Americans (or anyone else) ever needed a reminder of just how vulnerable our digital data could be, Snowden’s actions are proof. 
The Year of Data Breach Disaster 
Beyond Snowden’s data leaks, 2013 was a year filled with numerous data breaches and failed information security measures. Deal-of-the-day website LivingSocial was hacked, 50 million Evernote user passwords had to be reset, the Washington State Administrative Office of the Courts was broken into, big box retailer Target announced that up to 40 million credit and debit cards used around Thanksgiving had been illegally accessed, and in the closing hours of the year, photo sharing app Snapchat discovered that nearly 5 million of its users had their personal information (including most of their phone numbers) posted on the unlawful website, 
Wow. And you worried about your front door being locked. 
Yet so far none of these incidents have caused a massive data backlash like they would have several years ago. Investment in big data – systems that accumulate enormous amounts of information in order to derive business intelligence or consumer insights – remains robust, estimated to be worth $47 billion by 2017. And a survey conducted by the Allstate/National Journal Heartland Monitor just days before the NSA story broke found that 85% of Americans already believed their phone calls, email and online activities were being monitored. The consensus being that to some extent, data breaches are not a big deal and that we’ve given up our privacy and ownership of personal data for “access” to social sites and apps that are supposedly helpful to our lives.  
But trends moving in opposite directions aren’t sustainable. Sooner or later, a data security breach of such magnitude will occur that consumers will very genuinely be scared out of their complacency. Imagine if some act of cyber terrorism undermined the US power grid, putting millions of us in the dark for days or even weeks? Or what if a massive digital identity theft scheme undermined the federal government’s ability to function as a distraction tactic or prelude to more serious violence?  
Backlash Whiplash? 
The trickle-down from such scenarios would have a chilling effect on many industries, including airlines and travel companies as well as advertisers and their third-party technology providers. If some of our most vital governmental and infrastructural institutions can be so easily undermined, how will airlines convince passengers that the more data they share with them, the better and more efficient a flying experience they will enjoy?  
Likewise, advertisers and retailers are some of the most aggressive collectors and users of big data metrics. If the data we as consumers readily relinquish to these companies isn’t made secure, in time our complacency will erode and the big data investment statics estimates mentioned above will fall flat. After all, retailers and advertisers were plenty profitable before the age of big data, anyway.  
As 2014 gathers momentum, it’s time airlines, advertisers and retailers become highly transparent about how the metrics they collect are being used, who that information is being shared with (or sold to) and what steps are being taken to ensure that personal information is as secure as possible.  
By many accounts, 2013 was a disturbing year in terms of data breaches. What the year ahead holds is really anyone’s guess.  
Except, perhaps, Edward Snowden.

No comments:

Post a Comment