China could learn lessons from Amer­ica’s mas­sive credit breach

Global Times – Metro Shanghai - - FRONT PAGE - By Katie Kelly The opin­ions ex­pressed in this ar­ti­cle are the au­thor’s own and do not nec­es­sar­ily re­flect the views of the Global Times. Page Edi­tor: duqiong­fang@glob­al­times.com.cn

Ear­lier this month, 143 mil­lion Amer­i­cans were shocked to find out that, through no fault of their own, their most con­fi­den­tial in­for­ma­tion, in­clud­ing so­cial se­cu­rity num­bers and credit card data, fell into the hands of hack­ers.

Equifax, one of the “big three” con­sumer credit re­port­ing agen­cies in the US, re­vealed that their in­ter­nal com­pany files be­came ac­ces­si­ble to hack­ers, who were able to siphon off per­sonal con­sumer data un­til the breach was fi­nally dis­cov­ered.

Equifax is re­spon­si­ble for man­ag­ing the data of 820 mil­lion con­sumers and 91 mil­lion busi­nesses world­wide. Con­sid­er­ing the breadth and depth of the leaked in­for­ma­tion, an­a­lysts are pre­dict­ing that the ad­verse ef­fects of this dig­i­tal catas­tro­phe may be long-last­ing.

Fol­low­ing the dis­clo­sure of what has be­come one of the big­gest on­line se­cu­rity breaches in history, peo­ple around the world have been left won­der­ing if their data is re­ally as safe as com­pa­nies like Equifax, Google and Face­book have led us to be­lieve. We live in a world me­di­ated by tech­nol­ogy; ev­ery day, we use tech for re­tail trans­ac­tions, to chat with friends and even find spouses.

In do­ing so, we are es­sen­tially en­trust­ing our en­tire lives to the mega-cor­po­ra­tions that man­age these so­cial and fi­nan­cial plat­forms. Of­ten­times we sur­ren­der this in­for­ma­tion with­out even fully understanding what data is stored, how it will be used, who has ac­cess to it, and – most im­por­tantly – what mea­sures will be put in place to en­sure that it is kept safe.

Here in China, such con­cerns are also on the minds of Chi­nese con­sumers, as their daily lives too have be­come in­creas­ingly in­ter­twined with tech­nol­ogy. Ac­cord­ing to data from iRe­search, the trans­ac­tions of China’s third-party on­line pay­ment reached 19 tril­lion yuan ($2.9 tril­lion) in 2016, soar­ing 62.2 per­cent from 2015.

Ad­di­tion­ally, Ali­pay boasts a whop­ping 520 mil­lion users world­wide while WeChat’s 2016 data re­port counts 768 mil­lion daily logged-in users; it is es­ti­mated that roughly 300 mil­lion users have linked their pay­ment in­for­ma­tion di­rectly to their WeChat ac­count. Clearly, if the fi­nan­cial se­cu­rity of hun­dreds of mil­lions of Chi­nese hangs in the bal­ance, more proac­tive mea­sures should be taken to en­sure that they are pro­tected.

Pay­ment apps are not the only ser­vices that are po­ten­tial tar­gets. In 2015, a pop­u­lar Chi­nese dat­ing app re­port­edly came un­der fire for not us­ing suf­fi­cient en­cryp­tion when trans­mit­ting users’ per­sonal in­for­ma­tion. With­out en­cryp­tion, any­one with even a mod­icum of hack­ing knowl­edge was able to in­ter­cept the data be­ing trans­mit­ted and gain ac­cess to the names, ages, in­ter­ests, lo­ca­tions and con­tact lists of their re­ported 2.5 mil­lion ac­tive users.

If this kind of in­for­ma­tion were leaked, it could be dis­as­trous for the peo­ple in­volved, as it could be used to stalk or black­mail users. Not to men­tion the so­cial con­se­quences of the po­ten­tial re­lease of mil­lions of peo­ple’s dat­ing history. Keep in mind that, just last year, thou­sands of Chi­nese univer­sity girls from across the coun­try who had sub­mit­ted X-rated self­ies of them­selves (while hold­ing their of­fi­cial China ID card) to il­le­gal money len­ders as col­lat­eral had all of their pho­tos leaked on­line; some com­mit­ted sui­cides out of sheer shame.

There are al­ready some reg­u­la­tions in China that out­line re­quire­ments for se­cur­ing data and con­se­quences for putting con­sumers’ pri­vate in­for­ma­tion at risk. In fact, new cy­ber­se­cu­rity leg­is­la­tion put into place in June makes an at­tempt to fur­ther pro­tect in­di­vid­u­als and make busi­nesses that store and trans­mit data more ac­count­able.

But the best course of ac­tion now would be to im­ple­ment an ul­tra-strict en­force­ment pol­icy for these reg­u­la­tions. Be­cause, as we have learned from the Equifax credit calamity, once pri­vate in­for­ma­tion is made pub­lic it is im­pos­si­ble for it to ever be­come pri­vate again.

It is im­per­a­tive that China learns a les­son from Amer­ica’s lack of cy­ber-se­cu­rity and take im­me­di­ate ac­tion to proac­tively en­force these reg­u­la­tions be­fore there is an­other ma­jor data breach. After all, if you think that mil­lions of Amer­i­cans hav­ing their most per­sonal in­for­ma­tion stolen is bad, imag­ine it hap­pen­ing to 1.3 bil­lion peo­ple!

Newspapers in English

Newspapers from China

© PressReader. All rights reserved.