Digital privacy is an illusion
It’s a fact told to us during a workshop by an IT expert in 2007. There is always a fair and probable chance that anything scanned and stored in a digital file or shared online can be accessed by any person without permission.
While we are still in the midst of an information revolution and are still grappling to understand its implications, it is better to assume that information about us that is already up there in the digital cloud, in public and private data servers, can be accessed and copied by unauthorized persons.
As the Department of Foreign Affairs passport controversy has demonstrated, the government, much less private companies, cannot guarantee their clients’ digital privacy. DFA Secretary Teodoro Locsin Jr. recently revealed that the department has lost personal data and other passportrelated information to an irked former DFA contractor.
Fact is, digital privacy is an illusion, said the IT expert during a workshop I attended at the National Computer Institute in Quezon City over 11 years ago. Not that we should just allow data privacy breaches to happen. We can hold data privacy violators accountable. After all, we now have a law on data privacy, Republic Act 10173.
While subsequent punishment may be a deterrent to violators, prior restraint, on the other hand, is futile. Regulators already tried that against The Pirate Bay, an online torrent tracker and index of digital content of pirated movies and software. The widely popular website simply gave them a runaround, using mirror sites and switching servers in countries where regulations and enforcement are lax.
We can also try demanding for the return of “stolen” digital data. We may have to read the contractual obligations of the parties first, if a civil or criminal breach of conduct has been made. Other than that, what is the point? Anything already in bits and pixels – from scanned documents to emails and chat messages – can be copied or screen-grabbed, and multiplied in a flash by those who are determined to keep and use the information.
Some say the data breach similar to what happened to our passport data at the DFA is a national security issue. Considering that documents such as birth certificates have been digitized and stored in government data servers for quite some time already, the question is: Karon pa mo? Spy agencies could have mined these data long time ago. Not to mention our country is a world leader in social media usage – that means we share a lot of information, wittingly or unwittingly, on social media.
To say that we must fear a digital data breach, that has been discussed in IT seminars since over a decade ago as well. And the consensus is, one need not fear the expected, but we can protect ourselves from its unwanted consequences. Because no matter how careful we are in securing our data privacy, the digital world is still a fertile ground for the most skilled hackers and data miners.
Yet these hackers and data miners are not necessarily out there to steal our money or identity. Most of them, in fact, are advertisers and marketers who just want to know our background and preferences based on our personal digital data and online behavior.
These risks are sort of the price we pay for convenience of the digital age. But as I said, there are security measures we can take to protect ourselves from the adverse effects of a data breach. For lack of space, I’ll take that up in my next column.