• United States




Privacy issues in 2017

Mar 03, 20175 mins

Decades ago privacy really wasn’t that much of an ongoing issue. In the days of agrarian society everyone seemed to know about everyone else’s business and personal lives. As we moved forward into an era of denser population centers due to the advent of of the industrial revolution suddenly, we collectively found a greater yearning for privacy.

In this current day and age we find ourselves slipping back to the agrarian mindset in some ways. Governments the world over are moving to strip privacy from their citizens under the guise of security. One was the battle cry was to protect the children which has given way, in most respects, to the fight against terrorism. That logic has the appearance of being sound for people who are afraid will be less likely to argue.

I personally have always loathed the argument that you have nothing to fear if you have nothing to hide. Personally I say nuts to that. None of your damn business. The only thing I’m a threat to is a cup of coffee. Now, with reports that the US government will be asking travelers to provide their social media accounts at border crossings it really sank in that it is time to say something about this trend.

I had the opportunity to speak with Adrian Mahieu, security expert and CEO of Cortex Insight about this very subject. I asked him the following, in the current political climate what do you see as the future of privacy?

Mahieu had this to say, “Installation of Signal is at an all time high with month on month increase in users. More users installing Telegram and Wickr.

Awareness of WhatsApp metadata logging and media frenzy over a perceived issue that didn’t really exist.Border search & seize of electronic device worries are at an all time high – good/bad travel advise is all over social media with respect to this.

One very interesting thing is happening though : These technical tools are now being used by Millenials as a matter of course – they as an age group care more about their privacy than many”

I must admit that I too use Signal. Shifting gears a little, I wanted to know about the push for governments to access systems. Taking in to account the move by governments to seek encryption backdoors is it safe to assume we are heading to a privacy crossroads?

“We’ve been there a while.

Every government from the past few elections has talked at some stage of ‘backdooring encryption’ and we are not there yet.

As Alec Muffet said – ‘There is no such thing as a secure backdoor.’

Put one in and it’ll be more than the US/UK that will like it.

The thought that a countries products may come with backdoors haunts of the clipper era.

Europe in general will not tolerate products made in the US that are suspected of having such. Indeed at a security conference in France last year – the majority of buyers were said to be looking for French products developed in France. It is not a recent thing that German information security products are bought above any others in Germany. People are starting to care where their products are developed.

With increased trade pressure this may become more prevalent as it becomes harder to ship physical security products. With software and online distribution it may be easier.”

Supply chain issues, as they relate to privacy, are no small matter when you consider the information that came to light as a result of papers disclosed in the Snowden breach. But, what of the penalties for companies that breach information? We have seen a precedent in the Yahoo data breach disclosures that had a massive impact on the sale of the company to Verizon.

I asked Mahieu, in light of the spate of privacy breaches that we have witnessed, such as Cloudpets, should there be damages for privacy violations?

“Yes and this has already started and been going on for a while in some countries.

The information commissioner in the UK has the power to fine companies.

Back in 2010 it started: From Tuesday 6 April, the Information Commissioner’s Office (ICO) will get enhanced powers to fine organisations up to £500,000 for serious breaches of the Data Protection Act. Previously the maximum fine was a paltry £5,000.” – still a drop in the ocean for some organizations”

This is a move that I believe will snow ball across the globe in an effort by governments to try and provide legislation as a vehicle to bring companies into line with how they handle privacy related data. I was curious if there was any more on this front. Mahieu had this to offer,

“The bigger sticks are coming.. the biggest is GDPR.

GDPR – you are liable for a fine of up to 4% of your global turnover. Turnover – not profit. For companies with razor thin margins this could prove terminal. It applies to all companies operating in the EU.

There have been many briefings about GDPR from law firms and consultancies – trade organizations are highlighting it as well. “

In the past year we have seen some massive data breaches disclosed and the implications that arise from those breaches are clear. The time to hold organizations accountable for how they handle your data has arrived with bigger sticks.


Dave Lewis has over two decades of industry experience. He has extensive experience in IT security operations and management. Currently, Dave is a Global Security Advocate for Akamai Technologies. He is the founder of the security site Liquidmatrix Security Digest and co-host of the Liquidmatrix podcast.

The opinions expressed in this blog are those of Dave Lewis and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author