We’ve become far too dependent on technology as a tool for interacting with and understanding the world around us. Rather than speak to one another, we prefer to scroll through the various newsfeeds of our favorite social media platforms. Why go to a library to learn information about a particular topic when one can simply search for the answer on the internet, and have thousands of results within seconds. That age-old adage about keeping friends close and enemies closer comes to mind when reflecting on how our digital dependencies have wronged us. Specifically, we’ve come to trust online platforms and applications to keep our personal, private data safe from unsavory individuals, and, as we’ve seen in recent news, this has come back to bite us in the rear.
In the early days of December 2018, Google (GOOGL) was caught red-handed, and the accusations were less than civil from those affected. Google (GOOGL) announced plans to shut down its social media platform, Google+, sooner than originally scheduled because of a massive data breach, resulting in the potential infiltration into 52.1 million user profiles.
“Our investigation into the impact of the bug is ongoing, but here is what we have learned so far…We have confirmed that the bug impacted approximately 52.5 million users in connection with a Google + API. With respect to this API, apps that requested permission to view profile information that a user added to their Google + profile — like their name, email address, occupation, age — were granted permission to view profile information about that user even when set to not-public.”
-Google Official Announcement Concerning Google + Data Breach
When this announcement went public, people felt betrayed. How could the platform that created a verb for us to passively tell our friends we don’t know an answer, and to just look it up, allow our data to be compromised? What kind of world do we live in where something like this could happen. Allow me to answer this for you, it’s the world we’ve brought into existence and have become far too reliant on. I should say that domestic privacy concerns are dealt with in one way, but not all countries enforce data regulations alike.
Earlier this week, France’s data protection division, known by the French as CNIL, formally announced that it had found Google’s (GOOGL) data-gathering methods to be directly in conflict with the European Union’s new set of privacy laws, the General Data Protection Regulation, according to several sources. Following CNIL’s findings, the organization slapped on a $57 million fine for the critically-acclaimed search engine behemoth.
The official language from CNIL’s statement read as follows:
“Users are not able to fully understand the extent of the processing operations carried out by GOOGLE. But the processing operations are particularly massive and intrusive because of the number of services offered (about twenty), the amount and the nature of the data processed and combined. The restricted committee observes in particular that the purposes of processing are described in a too generic and vague manner, and so are the categories of data processed for these various purposes. Similarly, the information communicated is not clear enough so that the user can understand that the legal basis of processing operations for the ads personalization is the consent and not the legitimate interest of the company. Finally, the restricted committee notices that the information about the retention period is not provided for some data.”
–CNIL Statement
In more recent news, the US Justice Department charged two Chinese nationals, just before the new year, with partaking in a global hacking scheme to steal business secrets as part of a campaign initiated by the Chinese government, according to CNN.
The official indictment from the Justice Department stated that:
“…from at least in or about 2006 up to and including in or about 23018, members of the APT10 Group, including the two defendants, conducted extensive campaigns of global intrusions into computer systems. The defendants worked for Huaying Science and Technology Development Company…and acted in association with the Chinese Ministry of State Security’s Tianjin State Security Bureau.”
-United States District Court of Southern New York
Although no companies were named in the Justice Department’s indictment, the filing mentioned that the hackers targeted and stole massive amounts of sensitive data in aviation, space and satellite technology, manufacturing, pharmaceutical and oil, and gas exploration, as well as from communications and computer processor firms and maritime technology companies, according to information gathered by TechCrunch.
