Companies responsible for privacy abuses

By Ashley Gray, September 11 2014 —

Last week’s iCloud hackings scared me. Like many people, I own an iPhone that’s connected to Apple’s iCloud, a virtual cloud where electronics can access data or transfer information.

On Sunday, August 31, somebody cracked the iCloud system and stole over a hundred nude photos from the personal accounts of mostly female celebrities.

There’s been a lot of media coverage surrounding the risk of sending nude photos in the past couple years. Usually these warnings are aimed at teenage girls who, after sending a photo of  their breasts to their boyfriend, find it circulating their high school. Anyone can find their private information suddenly public.

Does that mean that you should stop shooting risqué photos of your recent lingerie splurge? Absolutely not. It’s your choice, your body and your property.

People who commit crimes are responsible for them. But corporations need to act on their responsibility to protect their clients’ data. Privacy is an important right.
Everyone is a potential victim of hacking. I wonder who might be anonymously scrolling through the recesses of my phone right now. Personal accounts aren’t the only ones at risk. What if someone could access your UCalgary account?

University of Calgary students store their scholastic information on a network of  data clouds. Desire2Learn, Student Centre and Degree Navigator form a web of information about student transcripts and personal information. If you pay your fees online, your bank account is also at risk. It hasn’t happened yet, but that doesn’t make U of C accounts impervious to attack. If somebody were to hack this system, it would be a major security concern, especially at such a large public institution.

What can you do? Not much, short of not handing out information to deposed foreign royalty who email you begging for your bank account information. Always be wary of the information you share online. You can check your password security on websites such as howsecureismypassword.net, but even a strong password won’t always protect you. After  typing “kitty” into this website, it tells me that my password would be cracked almost instantly. On the other hand, GkY19cdF24c — an arbitrary password caused by hitting my head on the keyboard — would apparently take 412 years to crack. Although that’s a long time, a computer program makes it possible.

Is the whole predicament hopeless? Should we just revert to the Dark Ages before the internet existed?

Any corporation that pretends to protect your data should be living up to the responsibility. Blame for security breaches lies with the company, not with its clients — even if they set up their pet’s name or birth date as a sentinel for their information.

Online corporations are already trying to improve their security. Some websites enforce password restrictions that cause their users to develop a password so convoluted that not even the users can remember the combination of underscores, numbers and uppercase letters.

The next measure of password protection involves shifting scales of red, yellow and green to indicate the strength of your password as you type. Websites sometimes require a certain length of password, as a longer password is more difficult to guess.

Thank goodness for the “forgot your password?” button, right? Wrong. Password reset is just another way to access your information.

Apple’s iCloud system employs all of these measures, but it was still hacked. Hackers may have easier access to certain accounts based on the passwords which the account holders choose, but Apple should be better protecting this information. Hackers will never disappear. But if websites aren’t careful about evading them, your information might.

Comments



Hiring | Staff | Advertising | Contact | PDF version | Archive | Volunteer