Concerning Data Privacy Issues in 2019

May 29, 2019 • Shannon Flynn


When some of the more prevalent technologies of today started picking up speed there were a few ramblings about data security and privacy, but one could argue that — as a society — we just weren’t ready. No one was really sure how to handle or tackle the data privacy issues presented by this new wave of devices and platforms.

Today, these issues are on everyone’s mind. It seems like
every day there’s another major data breach or cybersecurity attack. On the
days there aren’t any news, we hear about privacy breaches and the official
mishandling of data, Facebook and Cambridge Analytica serving as a perfect

The decision makers of the world have started to
understand the true extent of damage these issues can cause, sparking a slew of
new regulations and laws. GDPR was just the first of many to come. The CCPA or California Consumer
Privacy Act
is yet another.

Unfortunately, while these new enforcements are warranted
and will certainly help, there are still a lot of things happening in the
digital world, some more concerning than others. It begs the question, what are
the most prominent issues we face today? What privacy and security problems
should everyone be aware of?

1. Character Assassination Opportunities

Several events have merged to create a perfect storm of
destruction if you will, capable of ruining the lives of many. There’s outrage
culture, where groups of people react negatively en masse. Then, there’s the
theft of private and sensitive information, as well as its sale in the open
black market.

This presents a unique possibility where identity thieves
and hackers can use personal information against us. Holding information at
ransom is just one example of how this might play out. Ransomware is a common
type of attack that locks down a system or device in exchange for monetary
compensation. The same can be done with sensitive information, particularly
data that could cause a stir if released to the public.

But the problem is that there’s really no telling how
sensitive information can and will be used. Swatting, for example, is a dastardly attack
carried out — often by younger attackers — where an address is provided to law
enforcement and presented as a threat. The necessary authorities storm the
property or home in question expecting to find weapons or worse, which is both
dangerous and senseless. To carry out the act, one only need a home address
which can be gleaned through a reverse IP search.

2. Social Engineering Attacks

A particularly effective hack combines digital attacks and
social engagement for nefarious means. These kinds of attacks have always been
common, but the problem is that in today’s society they have grown incredibly

Someone might reach out posing as an official company rep, for instance, with the intent to gather passwords, account info and even payment details. They validate their authority by providing sensitive details that, by all rights, only a business should technically have.

Except the information was gathered through various means, sometimes even during a data breach of a compromised system.

It’s more about social interactions — hence why it’s referred to as social engineering — but
still relies on sensitive details, many of which are stored in a digital form.

In the years ahead, this type of attack and the events
powering them will become incredibly effective. It will be difficult to discern
legitimate contact with that of unscrupulous parties, especially for the common
person. This is not just concerning, it’s also frightening. In addition, it will
propel by the vulnerability, accessibility and compromise of various personal

3. No Business Can Be Trusted

Regulations like GDPR and CCPA should, by all rights, ensure that organizations handle sensitive customer data and information appropriately. They even put measures in place to punish offenders who are not in compliance.

It’s a welcome change in the current landscape and helps to force companies to pay more attention to the information on data privacy issues they have, and how it’s handled.

Unfortunately, however, there are still instances where
companies are going to look out for their own best interests, damning everyone
else. A 2016 attack that was carried out on Uber, for instance, resulted in the
breach of over 57 million user profiles including information about email
addresses, mobile numbers, names and more. The names and driver’s license
numbers of over half a million Uber drivers were also compromised.

Rather than publicly disclose the breach and take action
to protect those affected, Uber paid the hackers $100,000 to delete the data.
Even worse, the company didn’t even share that it was attacked until over a
year later. They were fined $148 million as a result.

Uber isn’t the first, and it won’t be the last. The key
takeaway is that we cannot trust any organization to protect our sensitive
data, no matter how many regulations are in place.

4. More Devices, More Channels, More Data

With the emergence of technologies such as IoT, mobile computing, cloud computing and much more it means that the total amount of data is also growing, exponentially. One could argue that the amount of information surrounding an individual is routinely growing as well, allowing for a near total picture when compiled.

IoT devices such as smart home cameras, smart doorbells, and smart assistants can provide hackers with plenty of extraneous information. One could discern, for instance, someone’s daily routine such as when they leave for work or when they arrive home.

This could also apply to when they go to sleep at night, what places they might visit, and what purchases they might make or stores they might enter. It doesn’t seem like it up front, but all of this information can be combined to build an accurate profile of the said person, at the least to carry out more targeted attacks.

What if a hacker could see when you aren’t home, gain
entry to your house, — unbeknownst to you or any of your family — to steal
belongings and valuables or plant something, like a hidden device. It’s a scary
thought, but it’s something that could happen.

As more devices come online and collectively we — as a
society — begin to use them, it generates more robust data, which in and of
itself is more information to use against us.

Understanding Data Privacy Issues and Security

Sadly, one of the best ways to protect ourselves is to
simply not use the devices and platforms in question. The result is that
sensitive and private information is not created, collected or passed on,
therefore mitigating the risks. That’s not always possible, however, which
means that understanding data privacy, in general, is necessary to thrive in
today’s landscape.

Avoiding sites like Facebook or Amazon won’t necessarily
keep you safe either. Sometimes these companies collect data regardless through
a series of channels, or may acquire and store data sold to them through other

Again, the best defense is to stay informed on data privacy issues. Make sure you and your family understand the types of attacks and events that are happening, like social engineering attacks, and how to protect yourself.

In addition, keep an eye on those regulations and policies and how that might affect you and your data. GDPR, for example, forces all companies doing business with European citizens to offer a “right to forget” system that allows people to request and purge any and all data collected about them.

Doing this routinely can help prevent sensitive information from falling into the wrong hands.