Quick Thought – The Data Isn’t Safe – Bake in Privacy and Security
|

Quick Thought – The Data Isn’t Safe – Bake in Privacy and Security

Of course, when we create new laws or tools, we focus on the problem in front of us. Whether that be, in this case, trying to enforce an age restriction or requiring identity verification in some odd attempt at making it more difficult for people to engage in anonymous speech, we too often forget the details of how that would work exactly.

Shared Links (weekly) Sept. 4, 2022

Shared Links (weekly) Sept. 4, 2022

Linked: Data From Fake Legal Requests Used to Sexually Extort Minors
|

Linked: Data From Fake Legal Requests Used to Sexually Extort Minors

In this case, we have an emergency process. There are good reasons to have that process, if someone is threatening violence to themselves on social media, it’s useful for the tech company to share some information with law enforcement so they can be reached. But, having the ability to get that kind of response from tech companies is also an invitation to hackers. If they can create a fake emergency request they can collect personal information about any user. They can then use that information to target that individual.

When you create that kind of system, the request needs to be coming from a safe, verified, source. When the source is compromised, and the receiver doesn’t have an excellent validation process, bad things are going to happen.

Because when you have that kind of data, people will try and do bad things with it.

Linked: Data breaches happen constantly and there are very little consequences
|

Linked: Data breaches happen constantly and there are very little consequences

This is the crux of the problem. Personal information is going to be breached, eventually. There is no 100% secure data. None. No business, government entity, non-profit, or any other place that collects and stores data is completely secure. The only true security for personal information is to not have it. To have not collected it or delete it once it’s no longer needed.

That is the radical re-think that is necessary. It’s also the complete opposite of everything these organizations have been taught and incentivized to do. If we are going to pass federal privacy laws, this should be the central theme.

Shared Links (weekly) Feb. 13, 2022

Shared Links (weekly) Feb. 13, 2022