Data Scandals: Turkey, Samsung and more
When I did my presentation on data during World Water Week in Stockholm, I mentioned about how privacy is important in the data era. I gave several examples but when I showed “Ashley Madison” as an example, half of the audience laughed at my slide which was only screen shot of the front page of the website. If you haven’t heard, it is a dating website for married people. Do not get me wrong, not a dating website to marry but dating website for married people, platform for infidelity, basically. At that time, at least 2 people committed suicide, lots of people had social reputation problem. It became obvious that platform did not keep data with proper security, not only that, but also did not encrypt the collected data. You may make jokes about these issues and try to have fun as much as you want but It is not about ‘stupid infidel peoples dating life’; it is about all of us. It is about our life!.
Why am I writing about a presentation that I did months ago? I will explain it now:
I do not want to blame only Samsung here, Google, Microsoft, apple all have similar approach, regardless whether they use this data or will use this data to monetize or not, but we all know for sure one thing: they collect it! collecting “anonymous” data from our browsers, from our computers, had a new extension that whenever we use speech recognition or even when we do not intent to use it but talk in front of our TV, our voice is also collected and stored. Hmm Do we need to whisper at home?
“Honey, TV is on, please whisper!”
When ownership/leadership of these companies changes constantly and when we know some of them do not hesitate to cooperate with dictatorships when it is about stake holder (investor profit) value, can we trust them? What if information that is not supposed to be collected and stored, is collected and stored on some servers? What if information that is not supposed to be shared is being shared?
Second, yesterday hackers released database of Turkey National Police which stores almost 46 million citizens of Turkey. Now you can download almost 20GB of database (compressed 2GB) on your computer. It is shared by anonymous team but as far as I heard from some other sources, database was already available on the net, without proper security and anyone who had some knowledge could just download the data and It just happened
You may think it is a hack etc but did you know that state has already sold this data to a private health company, DATAMED ! Can you imagine that a state is selling all of their citizens database to a private company?
Governments and public bodies, creates, collects, stores and holds lots of critical information about us. It is not only our name, street address and registration number. It is our health data, it is our videos recorded by security officers, it is our photos and voice recordings when we enter and leave the countries at the airport. It is our photos (and may be even voice) when we stop at stoplight, it is our finger prints when we enter (some) countries or get a new passport and driving license. Isn’t something wrong with that? I just want to travel, or get a service which has to be provided by state, does these organizations has to collect all these info?
How much can we trust government? Can we check what is collected about us and how secure these things are stored? Do we have any measures if it is not protected correctly?
These things show why and how data privacy is very important for citizens.
But I have to make a distinct difference here. When government representatives talks about privacy and security, they ONLY refer privacy and security of government files. The problem with that context is that, these governments do not care about privacy of citizen data, do not care about privacy of, basically, “mydata”.
How much can we trust that google, Samsung, Microsoft and any other private companies will protect our data? What gives them this right to collect so much information about every one of us, every device of us?
Why governments and public organizations and NGOs cannot check what is collected and stored not only by private companies but also government organizations?
We put our trust in governments, they are not able to protect our data, we put trust in government, they do not do anything to protect individuals, we put trust in private companies but they are being hacked and they are, in basic terms, are private companies.
Google, Microsoft, Samsung, Facebook and all governments, human right activists, citizens need to understand more broadly that ignoring personal privacy in the data era, we not only let invasions of our personal space , but open the door to future abuses of power.