Cyber Security and Privacy: Can You Buy Your Name Back?

Imagine opening up a webpage and seeing a carbon copy of you [your name, SSN, location, photos, friends, etc. on a social media site (like Facebook, twitter, LinkedIn… even craigslist or Yelp)] that you didn’t create. It wasn’t a hack by your friends. It wasn’t set up by a parent or your career advisor… but by someone who has never met or even talked to you.

It might be really really difficult to recover and/or remove what was posted “by you” through that imposing webpage. Your friends and colleagues might not believe you when you explain that you did not post that unsavory blogpost or poorly worded and inaccurate tweet.

For the last few weeks, I’ve been reading intensively about Cyber Security and organized crime. Originally, it was so I would be prepared to respond to a panel for a conference I attended at MIT last weekend. But it extends much deeper than that now. I am much more conscious of aspects of my online presence and vulnerabilities in passwords/access than I was previously. [Not to mention the real concerns I had earlier this week when a glitch in one of the plugins I used for a wordpress platform shut down the site until someone from IT could login and fix it from the back. I assumed the website had been hacked.]

In Marc Goodman‘s “Future Crime: Everything Is Connected, Everyone Is Vulnerable, and What We Can Do About It” he offers the example of Innovative Marketing as an organized criminal operation that made millions offering “Security software” while exposing computers to further malware and data mining operations through virus downloads. The firm grew rapidly and presented a professional front — employees were on LinkedIn, they were paid well, major companies were using the software… but it was not what it appeared to be. Employees who knew what they were building claimed it was, just a job, it paid well, etc. etc. [Sounds familiar, doesn’t it?]

The Pew Research Center published an article recently presenting their claims that Americans have not changed their online behavior/data sharing despite increased discussions about cyber security and the ways that companies like Facebook package and sell their data. Meanwhile, I’m wondering how much it will cost to buy back my privacy one day, and whether or not the case in the EU against Google will one day mean better privacy options for the US. Do we have the “right to be forgotten?”

In these discussions, we realize how vulnerable we are. The motives for hackers are sometimes as basic as “I was bored” and sometimes as complicated as “I was protecting justice.” What does justice mean, when the internet is a neutral zone, ungoverned by the laws we abide as physical citizens? Who decides those rules? I was asked recently if I thought it was “tyrannical” for organizations like Anonymous and other “online vigilante groups” to police the DarkNet. I think the question in itself exposes how out of our legal most policy researchers and makers are. Does “Tyranny” within a space as vast and diverse as the internet make any sense as a concept?

When I asked my accountant about how banks handle identity theft… the recovery process is clearly very complicated and really, you might be on your own with that one. In some ways, the internet feels like the wild west. For those of us who have been lucky to live in societies where social “rules” are generally followed and behavior is somewhat predictable, this can be as scary as the dramatized concept of the “Wild West.” For those who grew up in Chaos… this probably feels familiar.

I am thinking a lot about privacy as a commodity right now. Whether or not we will be able to “buy it back.” What “identity” means on the internet, especially hiring programs encourage entry level employees and recent college grads to build clear brands for themselves online. It’s an interesting question.

If nothing else, I am convinced that I need to spend more time working with Python than I have been in the last few weeks. It seems we are now obligated to be at least semi-literate in code to know what software programs are realistic, which ones are scams, and which ones are downright dangerous.