The Cost of Privacy

in Reflections3 months ago

Back in 2020, a mental health service here in Finland was hacked and 22,000 people had their records stolen, ransomed and released publicly, including all of their session notes. The hacked happened due to very poor security, and the average payout for the victims will be 500-1500 euros for attempted or aggravated extorsion. As you can imagine, these were people who were already struggling with life in some way, and the added stress might have been the trigger that pushed some over the edge, and several have taken their life since.

image.png

Does that amount cover the damage done?

Unlikely. However, while I was reading an article about the settlements today, it got me thinking more about the cost of our privacy, and sometimes, whether it is even worth it. We have of course been told that our digital privacy is of paramount importance, but pretty much anything stored digitally has a huge amount of exposure, and much of it goes through the datamining companies, or are stored in their systems. Just because the person next to us can't see or have access, it doesn't mean that we aren't seen, or could be seen.

So are we actually private?

Lately in the news, I have also read some stories where they have closed murder cold cases decades after they happened, using genetic data collected from those genealogy websites. While I don't feel for the killers, many of whom died years earlier anyway, it does hint at how data can be used years after the fact, even if we didn't create it ourselves. For instance, the work meeting recordings stored by Microsoft through Teams, or the queries put into OpenAIs APIs.

Will they ever come back to haunt us?

It is a bit like those "topless modelling shots" taken by a boyfriend when a girl was young, and then printed for a magazine after they are elected for parliament. The difference is, there is nothing personal in it at all, no relationship between the photographer and the model, no emotions, just a business model that is looking to maximize profits. Can that model be trusted to keep our data secure not only now, but in a few decades from now?

I suspect not.

And even if the data leak is due to a mixture of incompetence, negligence, or bad actors like the one mentioned above, the result is the same. We are exposed. I think that while we can try and limit our exposure by being careful with what we share, in this day and age, we should probably assume that nothing is secure eternally and that everything has the potential for getting out into the public eye. For the majority of us, there might not be anything of interest for others, but that doesn't mean it doesn't have value in some way or another. The information is already valuable, as it is being used for access to social networks and to train artificial intelligence, so who is to say what the value of it will be in a decade from now.

But outside of all of the hacking and privacy, I wonder how much the mental cost is to worry about and deal with our digital security. I suspect that for many it is usually a low stress level, but at times it might get quite high, depending on circumstances. I assume that is going to bear mental and emotional load, and impact on our health in numerous ways. We probably haven't had to worry too much about privacy until the recent past, and in an already complex environment, the cost of our privacy might be higher than we realize we are paying.

Is the return worth it?

Taraz
[ Gen1: Hive ]

Sort:  

I think my biggest issue with the leak of private information like this is the fact that it is so common these days that companied don't really even take it seriously. They will say they are going to give you three months of identity protection, but that's about it. I think there should be much larger monetary penalties when they are careless with your data.

With the European GDPR many huge penalties have been given already to some major companies.
Uber just got fined 324 milion euro for leaking sensitive driver data.
But fining companies after a leakage isn't solving the problem.

But the problem also is that people dont care a lot about their privacy. As long as they hey stuff for free.
Most people dont care that apps get access to all our contacts, mails or photos.
They have a "I've got nothing to hide"-attitude.

I wonder how much of that money gets to the end users though. They are the ones who should be compensated. Just imposing a fine and keeping the money is a joke.

Yeah. It seems almost "expected" by the companies, doesn't it? This particular company went bankrupt quick smart, but it was also a contractor for the government, which meant there were some pretty high-profile people in the list. But, it also tells what kind of security screening the governments do.

That's pretty bad. I know my wife has the official notes she keeps and then she has her personal ones that she keeps in her head for a lot of her students.

It is already beyond redemption, I feel. Your information is out there to some extent, possibly through no fault of your own. When you go to the doctor or hospital, everything is done digitally, making even your most private issues available to those intent on finding it.

Personally, I don't feel there are any measures in play today to mitigate those risks. It is disconcerting to say the least.

Yep, school records, drivers licence (all licensing), work records, banking, subscriptions, medical, passport, insurance...anywhere data is gathered allows one to be tracked and eventually compromised. There's no hiding from it.

I would somehow find low security an excuse, but it is sold in my country. I get SMS from bet companies and calls from internet providers, so called my internet contract has been expired, which is a fraud 😄

In the beginning I remember being careful and second-guessing everything I posted/commented on here but in a way it's just been normalizing the future for us because nowadays no matter if you're on discord, telegram or sms/voice calls you gotta assume it is recorded and may be public eventually whether on purpose or not. It's kind of a relief in a way if you get used to it cause you don't have anything to hide any longer.

As an example, I'm sure if zing would end up doing well and become big there's going to be some sleuths out there looking through my twitter or hive history and be like "omg the founder of this said "fuck off" to this person, look everyone!" and now they might care but eventually I think people are going to realize that we're all human and better to see that than to not know what they're really like.

I’ve been on a pretty big privacy mission in the past few years and it’s hard because almost nobody cares at the moment. I get there are a lot of other things going on but our privacy is so important and the information mostly doesn’t change. I’ll never go for biometric data either because once that’s out you are truly fucked.

The sad thing is these companies just chock it up as a cost of doing business. They factor in they will eventually get hacked and information stolen. They think this is an excuse for shitty security policies and laziness but then don’t get any real consequences for the actions. Ya a company may go under but people should go to jail for being lazy with this shit.

That badge for most reblogs sure is taking it's sweet time.

This is something I'm very conscious of, especially when it comes to the big tech companies. I'm off of Apple, I have only free accounts with Google, but my one weakness would be with Meta. I was a longtime Facebook user for its messaging service, and now my partner is deep on Instagram. I use TikTok only to view and message, but have not given it creator permissions to use my mic or camera. Sorry China!

I rather like those adverts I get because they are listening in to me. At least they are getting me what I need (or want)...

That is really sad that they targeted those that have mental issues already, and that some couldn't handle it and decided to end things. Why can't these hackers expose corrupt politicians or other criminals instead? I don't believe in digital privacy anymore. Hack like these can happen, or companies themselves can sell your data. At this point, anything I don't want getting out, I just keep to myself.

This is a big part of the reason I chose not to go with a pen-name here.
Anonymous trolls have to worry that anonymity will vanish one day.