Protecting Privacy, Web Security Becomes Top Issue

Privacy and security are converging, according to a cybersecurity expert writing for the Harvard Business Review. This is due, in large part, to hacks of databases of large companies, exposed in 2018, and the increasing ability for big data and machine learning tools to violate our privacy.

Hundreds of millions of online consumers had their private information hacked in the past year. Facebook’s irresponsibility in allowing Cambridge Analytica access to its database became public last year followed by many other examples. It cost Facebook $119 billion in market capitalization, based on privacy concerns.

Later, Marriott revealed it had been hacked and around 500,000,000 accounts had been compromised. Yahoo was hacked and it may have affected the accounts of 3 billion users.

Unintended Inferences

While there’s no way to guarantee online privacy, consumers can take steps and governments can institute regulations, like the European Union’s General Data Protection Regulation.

Analysts have used machine learning techniques on pieces of writing to determine authorship, so even with privacy, technology can learn information that’s generally not public. Google has been accused of using its Street View database for finding out which car belongs to which politician and party they are affiliated with. Data is power. Unintended inferences are, also.

Andrew Burt, chief privacy officer and legal engineer at Immuta, wrote the report on the trend for Harvard Business Review:

“Individuals and governments alike should no longer expect consent to play a meaningful role in protecting our privacy. Because the threat of unintended inferences reduces our ability to understand the value of our data, our expectations about our privacy — and therefore what we can meaningfully consent to — are becoming less consequential. Being surprised at the nature of the violation, in short, will become an inherent feature of future privacy and security harms.”

Protecting Privacy

It’s estimated that users generate an estimated 2.5 quintillion bytes of data, with more being produced and put on the web every day. Accessing that information can provide so much information about individuals, that legal scholars are writing about restricting the ability of companies to use tools to mine data that violate privacy.

Privacy, as a legal concept, remains valued in the United States:

“Once described by Supreme Court Justice Louis Brandeis as ‘the right to be let alone,’ privacy is now best described as the ability to control data we cannot stop generating, giving rise to inferences we can’t predict.”

Data hacks have become a de facto part of life, but addressing the threats must be the responsibility of the companies that create opportunities for hackers.