Our Data Has Been Stolen – Should We Be Taking This Seriously?

“We’re taking it really seriously,” Zuckerberg responded to the scandalous Facebook hack that was unveiled last week. Whoever has taken this whole data issue lightly, including myself, has received the ultimate wake-up call. Some of us are definitely amongst the 50 million Facebook users whose privacy has been violated.

But who would care about my soppy “I love you so much” messages and random emoji outbursts? This used to be my approach to data protection. I have nothing to hide, so why should I care?

Researching anything to do with data and technology is usually off-putting simply because of its alien-language. Perhaps this lack of understanding is part of the reason for our somewhat lenient approach to data protection. The rest of our leniency I attribute to an inability to grasp what’s at stake.

Tokens, a unique string of letters allowing us to log in automatically, were the entry gate to our data. These supposedly have not only given hackers access to our facebook accounts, but also third-party accounts like Spotify, for which we use our Facebook log in. Chief risk, privacy and information security officer Dana Simberkoff at AvePoint, tells us to give up convenience for security and not to use apps like Facebook to log into other apps. We know this now, and we’ll probably still do it.

Companies like AvePoint, which work to improve people’s data protection, clearly exist. Just like the EU’s General Data Protection Regulation exists. This states, under clause 170, Unlawful obtaining of personal data, that

“it is an offence for a person knowingly or recklessly a) to obtain or disclose personal data without the consent of the controller and that b) it is an offence for a person to sell personal data if the person obtained the data in circumstances in which an offence under subsection 1) was committed.”

In other words, we are victims of data crime. Our personal information was illegally sold on dark web market sites like Dream Market. The General Data Protection Regulation could fine Facebook as much as 4 % of its global revenue. Still, the issue does not seem to affect me personally.

We seem to believe that our data is “only” sold for advertisement purposes, so why does it matter, right? You hear people talking about how creepy the internet has become – ads about cheap flights to Italy popping up just moments after we google hostels in Rome. Yet  only when stepping outside our acquired habits, like posting about our reckless nights on Instagram or sending account numbers to each other over messenger, we can grasp the the scope of this issue.

Our social media accounts have become extensions of ourselves. We share pictures, like a photo diary, and thoughts, like a journal. We confess, we make mistakes, we forgive. Now imagine someone stealing that diary. Opening it, scribbling in it, throwing it around. It would hurt you, because it feels as though you are being thrown around. Well, we are being thrown around. And abused. By a vague vacuum of hackers, companies, perhaps even governments. Whether it will be future employers knowing about our university sins or insurance companies adjusting prices to the number of steps we take (or didn’t take), there will be consequences for our leniency. So Zuckerberg is right – this should be taken really seriously.