In recent years we’ve become used to tech companies regularly having to put their hands up and admit to a data breach of one form or another. Notable examples include last year’s headlines having Facebook admitting to collecting the email contact details of 1.5 million people without their permission when new users signed up to use the app.
Similarly, this month has seen Instagram (also owned by Facebook) having red faces when it was revealed that 49 million records, including bio-data, profile pictures, number of followers and contact details were allegedly published online. Events like these make it unsurprising that, according to the Pew Research Center, more than 90% of Americans admit to having lost control of how their personal information is used and collected.
Given that nowadays we are all so dependent on our online presence and connectivity, begs the question of whether such breaches are the price we have to pay for using these free services, or is there anything we can do to eliminate, or at least minimise, our risk to these and other sorts of incidents.
When it comes to exposure, the device which represents the highest level risk to your security and privacy is, without doubt, the phone in your pocket. Personal computers or laptops offer at least the potential for greater security than your common or garden mobile phone. The clue is in the name: your home computer is usually just that, at home, whereas your mobile is… well, mobile. And it’s precisely this ability for your phone to accurately monitor and track your location at all times (a blessing for navigation, monitoring your child’s movements etc.) which makes you vulnerable when the question is raised about who this information is, or can be, shared with.
And, of course, it doesn’t stop there. Every phone call you make, every SMS or email sent from your phone and to whom, is logged and recorded by your service provider. And, potentially it’s not only them, as Edward Snowden’s disclosures proved in 2013. Add into the mix the potential for hackers to surreptitiously deploy malware to access our bank details, passwords, hijack the inbuilt video camera and microphone, and any number of other nightmarish scenarios (did I mention the increased tendency for phones to have fingerprint, iris and facial recognition, AI and the like?), and the case for increased concern becomes irrefutable.
So what are the tech giants doing to protect us? Well, for a long time Apple was considered to be the good guy in the fight for personal privacy. Even to the extent of the case in 2016, when you may remember the company refused to comply with the FBI’s request to help them unlock an iPhone belonging to one of the San Bernardino terrorists. In fact, for many people, Apple’s best product is not the iPhone itself but its attitude when it comes to the data stored on its devices.
An attitude which is generally held in stark comparison to Google and Facebook (amongst others), who regard their ability to track every aspect of their users’ life as a right and, with the sale of such metadata, principally to allow targeted advertising, a commercial opportunity (“There’s no such thing as a free lunch”, right?).
To illustrate the difference, one blogger reported that, following a request to have a copy of everything Facebook, Google and Apple knew about her. She eventually received three files and, tellingly, noted: The size of zip file I got from Facebook was 144 MB, from Google it was 5.03 GB! Apple gave me files sized merely 5MB.
In response to mounting criticism about Facebook and Google’s cavalier attitude to their users’ data, perhaps it’s not surprising that Google at least has woken up to the fact that things need to change, as evidenced by the speech given by its CEO, Sundar Pichai, at their developers’ conference earlier this month.
Pichai announced that they were introducing a number of features designed to allow users to maintain greater control of their personal data. He revealed in his keynote address to software developers from around the world Google’s intention to allow data to remain on the devices (phones, tablets etc.) themselves, rather than immediately being shared with Google or stored in cloud computing centres. He also signaled that with the full introduction of Android Q (the 10th generation of Android, currently in Beta) one tap access to Google accounts will enable users to adjust their privacy settings to a level not currently available. As an example, using Google Maps in the new “Incognito” mode, will ensure that your navigation activities will no longer be linked to your account. These and the other announcements relating to privacy and security were certainly a big hit with the conference attendees, and will, no doubt, be greatly appreciated by the more savvy users of tech.
So, have Google at least, really turned the corner, or is this just window dressing designed to appease security-conscious libertarians? Or, as the cynics might argue, is it that in a climate where top of the list of most used passwords (as quoted in Forbes online) was 123456, maybe they’re counting on the fact that most users appear to be indifferent about their personal data, and won’t bother to use the new features anyway?
Bring on the next data breach…we’ll keep calm and carry on.