Love cybersecurity news? Can’t get enough of Cambridge Analytica, Facebook, Yahoo, Marriott, Under Armour, and other recent, massive data breaches?
Then—boy oh boy—do I have the pull quote for you:
“If we thought that 2018 was dominated by privacy concerns, just wait until 2019.”
So claims privacy and security expert Andrew Burt in a recent article for the Harvard Business Review. Burt, who serves as chief privacy officer and legal engineer at data management company Immuta, believes we’re living through a revolution in how humans conceptualize and manage their sensitive information online.
Gone are the halcyon days of the early internet, when the only people debating online privacy and data rights were academics, futurists, and guys in t-shirts featuring jokes about binary code. In our increasingly interconnected world, Burt argues, the question of what information we store online—and how others use it—is no longer “the merely immaterial or political concept it once was” but a daily concern that can have “substantial impacts on businesses’ bottom lines.” Advancements such as big data and machine learning have made individual privacy a “more concrete, and more critical” concern, similar to the way we think about national security.
“Individuals and governments alike should no longer expect consent to play a meaningful role in protecting our privacy. Because the threat of unintended inferences reduces our ability to understand the value of our data, our expectations about our privacy—and therefore what we can meaningfully consent to—are becoming less consequential. Being surprised at the nature of the violation, in short, will become an inherent feature of future privacy and security harms.
This is precisely why the recent string of massive data breaches, from the Marriott breach that impacted 500 million guests to the Yahoo breach that affected 3 billion users, are so troubling. The problem isn’t simply that unauthorized intruders accessed these records at a single point in time; the problem is all the unforeseen uses and all the intimate inferences that this volume of data can generate going forward. It is for this reason that legal scholars such as Oxford’s Sandra Wachter are now proposing legal constraints around the ability to perform this type of pattern recognition at all.”
Whether you’re a concerned business leader or one of those old-school, Web 1.0-era nerds reveling in the fact that you were right all along, be sure to check out Compli’s other articles and resources about cybersecurity and privacy.