Joel Wallenstrom is now president and leader of Wickr, a secure communications company. Before Wickr,” Joel co-founded iSEC Partners, among the planet’s top information security research teams, after acquired by NCC Group, also served as Director for Strategic Alliances in @stake, among the very first computer security companies in the industry.
The “below the belt selfie” media circus surrounding Jeff Bezos has created encoded communications top of mind one of nervous executive handlers. Their premise is that a product with serious cryptography such as Wickr — where I work Signal could have helped assistance Mr. Bezos and Amazon avoid this drama.
It’s a fantastic premise, but a troubling conclusion.
I worry that moments such as these will drag considerable cryptography down to the level of this National Enquirer. I am concerned that this media cycle can lead individuals to view privacy and cryptography for a safety net for billionaires rather than transformative solution for data minimization and privacy.
We dwell from the chapter of computing when data is certainly caused by unprotected because of company indifference. The leaders of our new market — just such as the vast bulk of society value short-term and convenience gratification over the privacy and security of consumer, employee and corporate data.
We cannot permit this press cycle pass recognizing that when corporate executives choose a laissez-faire way of digital privacy, their employees and organizations may follow suit.
Two recent cases illustrate that the privacy indifference of our leaders:
- The most powerful executive at the entire world is indifferent to, or unaware that, unencrypted online flirtations could be accessed by state states and competitors.
- 2016 presidential campaigns have been indifferent to, or unaware that unencrypted online communications detailing”off the record” correspondence with media and payments to mature actor(s) would be accessed by state states and competitors.
If our leaders do not understand and respect online privacy and security, then their organizations won’t make data protection a priority. It’s no real surprise that we see a steady flow of large corporations and federal agencies breached by state countries and competitors. Who can we search for direction?
GDPR is an early attempt by authorities to lead. The European Union enacted GDPR to ensure individuals have their data and enforce penalties on organizations who do not protect personal data. It relates to all data processors, however, the EU is clearly focused on sending a message into the large u.s.-based data processors — Amazon, Facebook, Google, Microsoft, etc.. In January, France’s National Data Protection Commission delivered a message by fining Google $57 million to violating GDPR rules. This was an unprecedented alright which got international focus. But, we must keep in mind that at 2018 Google’s revenues were more than $300 million… per day! GDPR isalso at best, an annoying speed-bump from the monetization plan of large data processors.
It is through this lens which Senator Ron Wyden’s (Oregon) idealistic call for billions of dollars in corporate fines and prison time for executives who empower privacy breaches can be seen as reasonable. When record financial penalties are irrelevant it is logical to pursue other avenues to safeguard our data.
Real change will come when our leaders understand that data privacy and security may boost profitability and dependability. As an example, the Compliance, Governance and Oversight Council accounts that a company will spend around $50 million to protect 10 petabytes of data, also that approximately $34.5 million of that is used protecting data which needs to really be deleted. Considerable efficiencies have to be accomplished and serious cryptography can help.