Over the last few days, I’ve seen countless reports, op-ed pieces — even gossip columns and tabloid articles — about the “heinous crime(s)” recently committed online. Now that this personal photo hacking scandal (involving Jennifer Lawrence, Kate Upton and several other popular female media stars) has blown over a little bit, I feel that it’s a bit more appropriate to have an objective analysis of the incident, and the relevant cultural backlash.
More information on the photo leak can be found here:
First, a few facts that seem to have been blurred in the crossfire of opinions.
- iCloud itself was not compromised as a system. The cyber attack was targeted at specific individuals, and employed a combination of social hacking techniques and flaw exploitation. In this particular case, social hacking means that the hackers tried guessing passwords, and answers to security questions; hackers also exploited the fact that Apple’s iCloud password recovery system does not lock out users from making password recovery attempts or logging in, after multiple failures.
- The DMCA allows for legal claims (at the Federal level) to be made concerning personal or copyrighted material published on the internet. These claims are then evaluated and sent to the hosting party/web admin. At this point, a site(s) hosting the material is legally required to see to its immediate removal. The DMCA does not require private hosts like 4chan, Reddit and Google (all of which have a large public user base) to constantly monitor and filter their content.
- Both the theft and the online release of the photos in question are considered criminal activity.
- The official investigation is high profile and being handled by the FBI.
Everything I’ve read so far concerning the iCloud breach has made out the hackers to be wicked, bordering on evil. Posts and articles written by feminists take a very strong (and typical) position about how the leak perpetuates rape culture and demeans the privacy and security of women. Conversely, the anonymous (and largely male) free-for-all communities on Reddit & 4chan were rather grossly excited and welcomed the photos — even setting up dedicated forum threads for easy access. Some writers have criticized the victims of the cyber attack for either having stored the revealing photos on iCloud or having taken the photos in the first place, while others have even written about the concept of hacker’s glory, which may play a major role in motivating hackers to continue hacking and publishing/trading their illicitly obtained data. Regardless of point of view or persuasion, the salient take-away from this incident should be that data organized online is only as safe as its irrelevance. Or more simply put: if the data hidden behind passwords is not important to a potential thief, then it is safe. Any data stored with information giants is at risk of theft; including the likes of (but not limited to) Apple, Google and Microsoft — all of which offer e-mail, cloud storage and instant messaging services.
This issue of flawed internet security has been highlighted countless times over the last decade. Hackers have hacked everything from the credit card information of private citizens to the front pages of major government institutions. And then of course there’s the issue of who the hackers actually are; as Edward Snowden gracefully revealed to American public, introverted teenagers with lots of free time aren’t the only ones hunting and hacking for data. Intelligence agencies all over the world (especially our own) prowl the internet and take as they see fit.
Check out this awesome interactive infographic detailing data theft from the last decade.
This sort of behavior by any party, be it adolescent or secret agent, is considered theft, but not in the traditional sense. I found many op-ed articles likening digital data theft to the theft of one’s home, car or person; an analogy I strongly oppose. The internet is an enormous and dynamic system of networks. Not a neighborhood, parking lot or city block. Stealing from the internet is nowhere near as personal as stealing in real life. It is this impersonal attitude in particular which makes online theft so common and light on the conscience; hackers can effectively rob hundreds and thousands of people with just a few keystrokes. This experience of pulling files off of a remote server is nothing like traditional theft for the hacker or the victim. It’s also worth mentioning that victims of cyber theft are usually not “robbed” of their data. In most cases, the stolen material is simply copied and used without authorization.
It’s probably fair to say (for now) that the vast majority of internet users won’t be affected by online security breaches in any life changing way, but Big Data is coming. Data giants already have comprehensive sets of information detailing the lives of the average user. A combination of the data stored in my Facebook and Google accounts can be used to easily create a very (and almost scarily accurate) comprehensive map of my life. Just the other day, Google Now informed me that I walked 19% more than I did the month prior. As we move forward, even more of our data will be organized in cyberspace. Smart-watches and newer smartphones are beginning to keep track of blood pressure, pulse and even caloric intake; smart-glasses will eventually make it through legal and civil hurdles and revolutionize the way we see the world. It’s definitely high time to take our data security more seriously.