The recent breach of security at an FBI office that resulted in millions of names of iPhone® users being stolen, along with much of their personal information, got me thinking about privacy and security. Every iPhone owner I know, including myself, was a bit miffed the information was there in the first place and why security was so lax.
Every time a security breach happens, the kneejerk reaction is to blame the entity where the break-in occurred. Obviously, every company must take reasonable security measures to protect privacy and proprietary information, but is it reasonable to expect that a determined hacker would be unable to get through these defenses? It’s like assuming house burglars will not find a way to break into your house even though they are determined to steal your antiques? Do you blame yourself for having glass windows in the house that a burglar can break through? How would you feel after spending lots of money to install bulletproof windows and the latest super-duper security lock, you learn a burglar could pick your lock or has a powerful laser that can cut through the glass? We all need to take reasonable precautions, but I would not expect you to lock yourself in a underground bunker and stop living your life, just as I do not typically expect every company to go above and beyond standard required security protocol to protect my personal information.
So where does that leave all of us? If our personal information cannot be completely protected, we have to expect that sometime or another something will be stolen. We should expect some or all of our personal information to become public knowledge eventually. Instead of worrying about how to undo the release of information, a seemingly ludicrous and impossible concept, we should accept this as a fact and spend more time figuring how to mitigate the potential consequences of such an occurrence.
For example, I make a lot of purchases on the internet. Even after I take all the precautions, I still expect my credit card number to be stolen at least once every few years. I check my credit statements carefully and notify the bank immediately. I do not dwell on how the number got stolen, and I do not stop shopping on the Internet. Monitoring and contact with my card issuer is a mitigation strategy. What about important personal information like your social security number or your medical records? As long as thieves cannot use this information to steal my identity, and there are no financial repercussions, I don’t care. Feel free to see the results of my last cholesterol screening or strep-throat test. I would much rather see the resources of our society being directed to mitigating the financial consequences of identity theft. It is my belief we as a society will have to change our expectation of privacy. Just like tribes living in communal houses in the Amazon jungles have a different idea of privacy, we will have to develop new expectation of what is private.
Your personal information is out there; that is the new privacy paradigm of the Internet age. Sooner or later, your private information will become available to others. So, unless you wish to disconnect and stop using technology completely and move to a jungle, you should prepare for the inevitable.
iPhone is a registered trademark of Apple Inc. App