Keeping Up with Sanitation
Good Hygiene for your Data (Part I)
Hygiene is often linked with images of cleanliness and health. It is usually associated with safe drinking water, plumbing or garbage disposal to just name a few. The aim of course is to prevent diseases and infections, promoting a healthier environment. Good personal hygiene is one of the best protection against illnesses, and in this lasting epidemic, it may be the difference between health and death..
Mirrored into the digital world, those same practices apply. Most computer users today are aware of the cookies websites leave behind, data caches and search histories on each of our browsers. The average user however, may not be aware of the possible footprints, logs and history, potential infections if you will, left on random servers across the internet. By practicing a few habits, you can have a safer experience and increase your security online.
Why Security Matters
When talking about data, or bits of information, we’re indirectly talking about information security. Security is a massive subject, you can spend decades, truck loads of money and several university degrees to master it. For brevity we’ll limit our discussions to our our data and later our browsing habits. Information security, at the very surface, is just the practice of mitigating risks through tools or more importantly by habit. If you’ve ever done any activities outdoors, hikes or walks perhaps, you’ll often hear “leave only footprints, kill only time and take only pictures”. In the digital world, even footprints should be kept to a minimum.
I can already hear some of you thinking out loud, “I have nothing to hide. I don’t browse anything illegal. I don’t care about security”. Then I ask, why do you keep your doors locked when you leave the house? Why keep it locked if you have nothing to hide? Your furniture and appliances were bought legally and not stolen? Why do you keep your money in the bank? Why not on the porch? It is not illegal to own money.
We can now agree perhaps that (physical) security is important in keeping your flat screen TV from moving to your neighbor’s living room. Your data then, tied uniquely to you deserves some careful consideration. You’ll get no argument from users that credit card numbers, id cards, passport details, social security, tax identifications are all highly sensitive and should be closely guarded. Possession of these data may allow anyone to use privileges assigned to you, perform transactions and impersonate you. Unfortunately, not many will understand the importance of secondary data, such as the name of your pet, or where you went to high school, your mother’s maiden name. Just take a look at all the data on social media.
“If you spend more on coffee than on IT security, you will be hacked. What’s more, you deserve to be hacked” ― Richard Clarke
Value of Data
Promoting users to better security usually meet with some resistance. An argument often heard against enhanced security is: “My data is not important. It’s useless”. I would like to present as exhibits all the current social media platforms. Every single one is free. Yet a multi billion dollar industry has grown up around a business model where your (free) data is used to sell ads, promote products or as discovered recently, to influence political views and spread misinformation. Your data is useless to you, because you are not selling it. For companies that are, they are making a killing. Case in point, in February of 2014 Facebook bought the free chatting app Whatsapp for about $19.3 billion (that’s billion with a B!), Facebook “that is, to pay $30 for each of its 600 million users”. Another example, in November of 2011, Microsoft bought Mojang, the creator of Minecraft for a cool $2.5 billion. At the time, Mojang had just 28 employees. In fact, Minecraft was a hugely popular gaming platform with over 16 million active uses, and 4 million game purchases.
There is no more argument here whether user data is immensely valuable. But what is user data? Login details, names, emails are pure gold for online services. So are birthdays, phone numbers, mail addresses and other verifiable data. In addition to user credentials, user behaviour such as web pages clicked, page visits, time spent on a particular page or application are all invaluable for decision making. Even metadata is useful, from data such as the type of browser, to device brand, screen size, OS version, to the language pack installed and even to the ads that you watch versus the ones you dismiss. In most cases, these data are carefully guarded, encrypted and securely stored. But what of user data produced elsewhere? Have you ever filled out a product registration, consumer survey, or mall loyalty programs? Your new 51" TV came with a free 3 years warranty, of course you fill out the warranty card in detail and send it in. God forbid if it stopped working and the warranty card was not filled. Are these data managed in the same way sophisticated, high tech companies protect your data?
“In a statement, analyst Karen Gullo of the nonprofit organization Electronic Frontier Foundation, a digital rights group, said privacy is a human right”
How Data is Used
Fortunately, in a large majority of cases, your data is used legitimately and companies spend some effort to keep them safe. Until it isn’t. New data leaks, identity theft, hacked servers and security vulnerabilities from some of the biggest corporations are just some of the realities of modern information technology. In the 2010s, personal data belonging to millions of Facebook users was collected without their consent by British consulting firm Cambridge Analytica, predominantly to be used for political advertising. On occasion, data breaches are the result of incompetence from the institutions you automatically trust. In May 2021 the Indonesian Universal Healthcare Agency allegedly let leak 270 million security data of its citizen. These leaked data may eventually end up on some marketplace to be bought and sold.
“I sold my users’ privacy to a larger benefit,” Acton told Forbes. “I made a choice and a compromise. And I live with that every day.”
Whether by malice, greed or sheer incompetence, your information may be exposed one way or another. In the next part of this paper, we’ll look at some of the tools and techniques to limit some of these risks. Despite its reputation, infosec or information security can be had with minimal effort and some free tools widely available. Happy browsing!
Hyperjump is an open-source-first company providing engineering excellence service. We aim to build and commercialize open-source tools to help companies streamline, simplify, and secure the most important aspects of its modern DevOps practices.
- Allcott, H. and Gentzkow, M., 2021. SOCIAL MEDIA AND FAKE NEWS IN THE 2016 ELECTION. [online] Nber.org. Available at: <https://www.nber.org/system/files/working_papers/w23089/w23089.pdf> [Accessed 13 July 2021].
- Baca, M., 2021. What you do on the Internet is worth a lot. Exactly how much, nobody knows.. [online] https://www.washingtonpost.com. Available at: <https://www.washingtonpost.com/technology/2019/10/14/what-you-do-internet-is-worth-lot-exactly-how-much-nobody-knows/> [Accessed 13 July 2021].
- Cbsnews.com. 2018. WhatsApp co-founder: “I sold my users’ privacy” to Facebook. [online] Available at: <https://www.cbsnews.com/news/brian-acton-whatsapp-on-facebook-forbes-interview-today-2018-09-26/> [Accessed 13 July 2021].
- En.wikipedia.org. 2021. Social media use in politics — Wikipedia. [online] Available at: <https://en.wikipedia.org/wiki/Social_media_use_in_politics> [Accessed 13 July 2021].
- Nield, D., 2021. All the Ways Facebook Tracks You — and How to Limit It. [online] Wired. Available at: <https://www.wired.com/story/ways-facebook-tracks-you-limit-it/> [Accessed 13 July 2021].
- Privacyrights.org. 2001. The Information Marketplace: Merging and Exchanging Consumer Data: Comments to the Federal Trade Commission | Privacy Rights Clearinghouse. [online] Available at: <https://privacyrights.org/resources/information-marketplace-merging-and-exchanging-consumer-data-comments-federal-trade> [Accessed 13 July 2021].
- Shaw, D., 2020. Does being ‘TikTok famous’ actually make you money?. [online] BBC News. Available at: <https://www.bbc.com/news/business-50987803> [Accessed 13 July 2021].
- Statista. 2021. Statista — The Statistics Portal. [online] Available at: <https://www.statista.com/markets/424/topic/540/social-media-user-generated-content/#statistic4> [Accessed 13 July 2021].
- Steele, C., 2020. How Much Is Your Personal Data Worth?. [online] PCMAG. Available at: <https://www.pcmag.com/news/know-your-datas-worth> [Accessed 13 July 2021].
- YULISMAN, L., 2021. Indonesian govt says social security data breach much smaller than claimed. [online] The Straits Times. Available at: <https://www.straitstimes.com/asia/se-asia/indonesian-govt-says-social-security-data-breach-much-smaller-than-claimed> [Accessed 13 July 2021].