The notion that information lives forever is pretty prominent and scary, I mean its like the scene from Willy Wonka and the Chocolate factory where one of the children accidently transfers himself via pixels from one TV to another. Bytes of ourselves are constantly floating around, that embarrassing selfie, the text message you don’t want your parents to see. Forever online. See it’s cheaper to store all the information than it is to delete and filter through the world’s data. Thus it is as if there is no delete button with the default being set to ‘keep everything, save it all’, but who has access to this information. Well you, governments, companies, hackers, surveillance firms anyone with a means. Well to explore this I found a recent example, the Ashley Maddison Hacking.
So if you don’t know about the story allow me to fill you in, well firstly Ashley Maddison is a website that facilitates out of marriage affairs. Earlier this year the CEO was contacted and threatened by a conservative group that his website is ‘disgusting and promoted adultery’ and that if he didn’t cease and remove the website that the personal information of all of its 1,083,518 paying members would be leaked (Nobel 2015). This included name, emails, banking information, fantasies, conversations, the whole lot. After several threats the CEO failed to comply and over 3 weeks all members’ information was gradually released by the group.
While this in itself is a testament to the true power of hackers, what I am interested in is the fact that users who paid to use the company’s ‘paid delete’ function, which is suppose to wipe all their information from its servers were still exposed (Osborne 2015). The function alone was responsible for $1.7 Million in Ashley Maddison’s revenue for 2014 alone.
“Data deleted by the service included email address, first and last names, physical addresses, phone numbers and security question answers. However, GPS data, city, state, country, weight, height, date of birth, gender, ethnicity and sexual preference information, among other data, was not removed — all of which put together may be enough to identify individual users”. (Osborne 2015)
Following this news many of those victims have filed a class action complaint and lawsuit, blaming the company from not taking the necessary precautions to protect its user’s information. The issue has highlighted to businesses the real life consequences of data leaks and prompting businesses to invest in ‘cyber insurance’ against these cyber attacks (Henderson 2015). However isn’t cyber insurance in essence the ‘paid delete’ function? How successful can cyber insurance be in keeping personal information private, or it still just bytes of information floating above our heads. I guess we will just have to wait and see.
Osborne C 2015, Ashley Madison hack: How much user data did ‘Paid delete’ function obliterate?, accessed 11 October 2015, http://www.zdnet.com/article/ashley-madison-hack-how-much-user-data-did-paid-delete-function-obliterate/
Noble D 2015, Ashley Madison Australia: Scammers threaten users through emails, accessed 12 October 2015, http://www.ibtimes.com.au/ashley-madison-australia-scammers-threaten-users-through-emails-1474328
Henderson, P 2015, Ashley Madison hack powers up ‘cyber insurance’ industry, accessed 11 October 2015, http://www.thestar.com/business/2015/10/14/ashley-madison-hack-powers-up-cyber-insurance-industry.html