9 Disturbing Data Privacy and Security Concerns We Should ALL be Aware of

Image Source

“There's folk out there who would do you harm … so I'll sing you no lullaby”
– Ian Anderson of Jethro Tull (No Lullaby, from Heavy Horses, 1977)

Technology is pretty awesome. I built my career largely around the intersection of information technology and the pursuit of excellence in management practices. Over the last decade I've added education to that mix (surprised it took me that long to land here, given all the ‘nudges' life gave me … but that's a story for another time).

Despite the amazing things made possible by technological advances, it's not simply “all good”. As I tell students in the Digital Literacy in the Workplace course I teach at The College of Westchester: all technologies have their pros and cons. This has always been the case, going all the way back to fire and the wheel. We just have to do our best to ensure that the benefits outweigh the dangers and drawbacks.

When it comes to today's highly mobile, ubiquitous information technology, one of the biggest drawbacks is the potential that comes from people with bad intent who are out to exploit our comfort with this invasive technology, and our ignorance. Even companies pursing commercial success are doing some things and opening some doors that we should at least be cognizant of, even if we choose to take no other action.

I focus on educators here because you are the audience that this blog is written for, and because I believe that we have a great opportunity (and dare I say … an obligation) to raise our own awareness. Only then can we take efforts to raise our students' awareness, which we really must, as most are swimming through this ocean of data with little thought to the negative implications of this technology immersion.

There are a lot of scary things that we need to realize are potentially lurking behind these apps and gadgets. I'm not advocating laying them aside, but simply that we be aware of these possibilities. We need to keep our eyes open, keep our “BS detectors” on, and talk about this stuff. Only by being aware and having an ongoing dialogue can we try to avoid, and begin to more proactively address, these very real issues.

Identity Theft: Of course, this is a huge concern that everyone should have some awareness of. It is not really that hard to assemble enough information about someone to pretend to be them, and profit from doing so. Just think about those security questions that many systems use to secure your information. Knowing the street you were born on or the first car you drove isn't necessarily that hard to find out. Sadly, identity theft crimes are often carried out by someone who knows you, making it that much easier. Just think how easy it could be for a sneaky co-worker or a friend of a friend to find some of this stuff out. Or how about someone who works at a company that deals with this sort of thing (like credit report places)? Here are some steps suggested by USA.GOV, for preventing identity theft. And here's one victim's story.

Phishing is out of control: You may not know the term, but many seem familiar with the possibility of getting a bogus email that attempts to scare you into giving up a user name and password for an account. It is very easy for bad players to emulate a bank or Amazon or PayPal or UPS, etc., and send an email that frightens you into clicking a link and enter data. And a surprising number of people fall for this. If you fall for it, and you happen to have the same user name and/or password on other systems, the odds are pretty high that those accounts may be accessed too. The bottom line … never click on links like these: if you think an email like this might possibly be legit, don't click – call the company (not a phone number in the email, look them up independently, or check a past bill). Phishing attacks are also being increasingly perpetrated over social media as well, so watch for that too. Be wary!

Malware is Everywhere: There are so many types of malicious software circulating via the Internet. What makes it so much easier for these to invade our systems and log our keystrokes, or use numerous other techniques to steal information or hijack our computers, is the fact that users on home computers are typically set up as administrators. One great technique to limit the damage is to have separate admin and user accounts for yourself, and only use the admin account when you are purposely going to install new software. That way, when you are using the computer for regular, day-to-day use, you can't accidentally run an executable program that will install malware. At a bare minimum, you must have an active anti-virus app on your device.

Beware of public Wi-Fi: The first barrier to accessing data flowing over a network is access. If a network is hard wired, you have to be able to physically connect a device. That's easy to control. If a network is wireless, you just need to know the code to access it, and when it comes to free public wi-fi, the code is made known to everyone … so much for barrier number one. It is pretty easy for someone with a little knowledge to capture the data flowing over an open wireless network. If that data isn't encrypted, then it is plainly visible. Do you know which phone apps use encryption to send user names and passwords when you open them? For example, when you open Twitter on your phone, it is sending your user name and password over wi-fi (if you are using a wi-fi network). If you are on public wi-fi, anyone can see this data, but fortunately Twitter encrypts your data, so they will only see scrambled content that is very, very hard to decode. But what about your other apps?  

“Always on” technology like Alexa has the potential to be accessed by techo-criminals: I bought the Echo Dot a couple months ago and I think it awesome. But by default, we leave it unplugged. My family finds the “always listening” nature of the device to be disturbing. I think they are wise to be a little paranoid. It is undeniably possible that sophisticated hackers could access this device and listen to everything going on with earshot of the device. I wish I could be comfortable leaving Alexa on all the time but I'm not. And when I google things like, “how is Alexa secured?”, I don't find a lot that makes me feel like Amazon has this nailed down.

Webcams can be accessed and watched by people with bad intent: I knew this was possible, but until a few months ago, I thought that the camera light would have to go on if someone hacked into it and turned it on. Apparently not. Very creepy.

Law Enforcement can monitor your activity, in ways you probably never imagined: Police and other legal authorities can obtain warrants to listen in to what you're doing on your devices. I don't pretend to be an expert on this, but I believe that even if you are just a suspected victim, they can potentially listen. The law always seems to be a few steps behind the evolving state of tech, and there are many loopholes that can negatively effect typical citizens like you and I. Check out this article on the authorities' use of “stingray” devices for a new perspective.

“But I'm not doing anything wrong, so what do I care if they access my data?”.
I think that this article, “Nothing to Hide? Nothing to Protect?” by Irina Raicu, gives a great perspective on the dangers of this perspective. Being so open means you are also willing to give away information related to your kids, loved ones, friends, etc. Are you?

So much of what you do online is tracked, stored, and sold: Not a lot of people realize just how extensively your browsing, searching, social media use, etc. is tracked and stored by Google and many other companies. This data is then sold to marketers and others. It's worth a lot of money to many who are willing to pay for it, but you'll never earn a dime off of it (unless Blockchain technology changes this). While this may seem relatively innocuous, this data can come a lot closer to identifying you than you might realize. Additionally, there's a long history of breaches that have allowed people with bad intent to access your information … information that wouldn't be there if the practice of collecting it (and allowing you no control over it) wasn't so widely accepted. Here is a great article to explore to learn more: “Why You Should Care About and Defend Your Privacy“.

Hopefully you learned something new while reading this. Now think about our students – they are often very unaware. We all know that education does not have to restricted to the specific subjects we are each charged with as teachers. For many of us, if we see an opportunity to pass on some vital awareness to our students, we will do so. Here is just such an opportunity.

What I've shared here are just a few of the scary possibilities that we face in this plugged-in world. While I do believe that the pros outweigh the cons when it comes to information technology, it is essential that we not ignore the scary possibilities. We need to be aware, and we need to discuss these things openly.