Privacy Lessons from My 70-year-old Self

by in Security

Privacy Lessons from My 70-year-old Self.jpgWith social media challenges, photo apps and privacy concerns on the rise, I couldn’t deal with peer pressure to download one of those apps (I used the popular FaceApp) and see what I’ll look like at 70. I regretted using the app moments after the excitement wore off and thought about what my 70 year old simulated future self would say about privacy:

  1. Be Scared (You Must): Any digital footprint you create exists forever and you don’t know where it will bite you in the back. The content you’re creating (even if you’re using a fake profile) will find you thanks to advancements in facial recognition, big data and artificial intelligence.

By using apps or online services, you give away the usage rights of your content (pictures, video or other formats) forever and you gift the technology vendor your content. You lost control of the content once you signed that user agreement. What they will do using your information will be completely up to them from then on. With the dissemination and replication of data using today’s technology, there is no such thing as a contingency plan (legal or technical) when things go south.

To add to that, services collecting personal information of sorts are known to harvest these data and turn data into profit: The use cases can range from improving facial recognition algorithms to gathering demographic information to even creating fake profiles for individuals.When you combine harmless-looking pieces of private information together, you can do a lot of damage.

  1. Ever Heard of Breaches?: Even if the app or service provider have your best interest at heart and are sensitive about your privacy, attackers certainly will not be. When there’s a breach, attackers will not think twice about exposing sensitive data or using sensitive data to make a fat profit. I think the “data is the new oil” quote attributed to Mathematician Clive Humby explains this concept perfectly.

    What was legitimate data for the app or service provider (with your consent on the user agreement) will be an illegal source of profit for a cyber attacker. When you consider how giant corporations (who spend 10s if not 100s of millions of dollars on cyber security) get breached and expose user information, it’s safe to assume that this new “cool” startup is more susceptible to attacks than mature organizations. (I know a few startups are using Fortify on Demand to secure their applications and customers, but it’d be a lot cooler if they all did. After all, application security related vulnerabilities still account for the majority of breaches out there.) So you should expect at least one of these providers to be breached. And the sad part is, you’ll probably never know when they do. Neither is there anything you can do about it.
  1. Life Goes On: Yes, you may or may not have made a mistake by uploading your photo or your personal information on that app or online service. That challenge was fun at the time, but was it worth it? If the app or service was free, what was the real cost for you? What or who was the real product? Could you have been staring right at it in the mirror this whole time?

All that said, life goes on and you should learn from this experience. Get smarter and think twice before you join that viral challenge or campaign on social media!


Application security