This spring, we woke up to the dawn of a brave new era in the world of data collection and online privacy issues.
Recent events across the globe are sure to shift the market and increase your level of personal risk. Are you prepared?
As the founder of a network and software technology business, I’ve made it my business is to help people protect their privacy, identity, data and best interests when they go online.
But only savvy business leaders and consumers, ever-watchful of new developments and ready to safeguard their interests, will be able to meet the new challenges the changes will bring.
What are the recent changes we need to be aware of?
There are three major events you’ve likely heard about in recent news reports that are causing shifts in the marketplace.
First, in April, the Cambridge Analytica data breach impacting Facebook users was uncovered. Just a short while later, in May, a little more than two years after the European Union adopted the GDPR, the new data regulations were officially enacted.
And in June, net neutrality was repealed.
Those three events will forever change how we use the internet and do business online.
Not only is your privacy at risk, but well-intentioned attempts to protect consumers could open up more issues and problems for all.
How?
The privacy issues around the Cambridge Analytica data breach are obvious and should serve as a cautionary reminder for everyone who uses the internet.
All consumers must remember that nothing in life is free. When you generate content using a public platform, that data is available to everyone — including hackers and others up to no good.
Which platforms are taking your data and selling it?
All of them. We often think of Facebook first because of the connection to Cambridge Analytica, but all social media channels, websites, search engines and online browsers are using your data right now.
Think about it. Savvy internet users are aware that the images, check-ins, status updates, reviews and other content they create are often open to the public.
But did you realize that the current culture of data mining and collection goes beyond the content you create and share, to include the information about what you search for and watch?
Did you know those data points are used to customize advertisements and even search results?
Since the Cambridge Analytica news story broke, there has been much speculation on what it means for privacy online and how consumers might respond.
Legislators have even stepped in to make attempts at providing protection.
But measures such as the GDPR may ultimately cause more problems than they solve.
In adopting the GDPR, the European Union made an attempt to help protect consumers with new regulations adopted in April 2016. The idea was that all consumers should be able to request information about the data being gathered on them and then to request that data be deleted if desired.
While I can acknowledge that legislators made a good faith attempt to protect consumers, I believe that ultimately they have caused even more problems.
By opening the door to requests for data, legislators have unwittingly opened another door for hackers and bad actors to commit identity theft and fraud, and potentially erase important data as a method of sabotage.
How Hackers Can Use The GDPR
When we think through the potential consequences, two primary means to exploit the GDPR become readily apparent. First of all, hackers can use the law to pose as individuals and request a file of their personal data. It’s a scary thought, but bad actors now have another means to steal your identity, even beyond credit card information or date of birth.
They can track your photos, movements and preferences to put together a profile that could be used for just about anything.
Imagine the nightmare of having to clear up a case of identity theft using so much of your personal information.
Now imagine what would happen if hackers, foreign governments or malicious corporate espionage attempts opened up the potential data erasure of all of your identifying information.
Anyone could gain access to your data and then erase important documentation, such as payment, credit, health or other histories.
In fact, there are many potential consequences for individuals.
But there are also potential repercussions for organizations. How will organizations manage those requests for data and verify identities?
Who will be held responsible for the burden of verification of those requests, and who will suffer the consequences if a mistake is made and data is released to a hacker?
These aren’t just potential threats.
I’ve already seen an increase in emails to my own organization requesting information required by the GDPR.
Our organization is vetting those requests very carefully, and I believe we’re already seeing scammers try to take advantage.
Online Security After The Repeal Of Net Neutrality
Finally, it’s worth mentioning that the repeal of net neutrality will certainly have an impact on consumer privacy. Without these regulations, corporations will be able to do more than throttle your data usage. They’ll also be able to have unrestricted access to data mine, even if you’ve set your privacy settings at the highest possible level.
What does all of this mean for the future?
I believe that lawmakers are opening Pandora’s Box as they try to solve the problems with misguided attempts at deregulation and legislation.
I believe it would be better to maintain FCC regulation of the industry.
I’m also advising business leaders to prepare for changes by rethinking how they store their data and to begin a move to using the private cloud and private networks for collaboration.
And for consumers, I’ll share the same advice I give to my daughter: Don’t assume that you have privacy online, ever. If you have something to share that you don’t want others to see, don’t put it on the internet.