Since the moment of birth, humans are endowed with a few basic facts of life. We have lungs to breathe, a few strands of hair on our heads and a few other pleasant features, like eyes, ears, hands, feet and all the rest.
But we are also born with a secondary set of features, known around the world as data.
If you are born in the United States, you are quickly stamped with a Social Security number, which means your name, date, and place of birth become the building blocks of your data profile, which only grows as you get older. By the time of our deaths, most of us will by then be encumbered with enough data to fill a small moving van.
Every school we attended, every class in that school, every grade in every class and every test and paper grade for that class is recorded somewhere. In addition, every trip to the doctor’s office is now dutifully typed into a laptop and held on file somewhere. Beyond that, every interaction with the government from driving licenses to dog licenses, every purchase made with a plastic card and every job ever held is now floating around in the ethernet in the form of raw data.
It’s a complicated network that largely has made society faster, more efficient, and better informed. But it comes with a price. Companies may require enterprise security and managed data because the security issues that threaten persons also threaten larger organizations, especially ones that store customer data.
Experts say to hide data behind layers of security. In the real world, a thick steel door will do the trick, but in the digital world, thickness is provided by layers that work a bit like hiding cheese inside of a maze.
Physical protection is required for the actual virtual servers that hold the data, but the digital attacks are far more stealthy. Like any break-in, a quick response is vital. Networks require rapid detection, an analysis that allows for a response “before damage is done.”
This is as critical for personal health issues as it is for personal banking, credit or academic records.
Think of it this way: every haircut I have ever been given since I started using credit cards is recorded somewhere. It makes you stop and think, doesn’t it?
And then there is social media. It turns out that the most innocuous form of data – basic chit chat with friends and relations that is typed into your computer – could be the most pernicious data ever recorded.
Why is chit-chat so potentially dangerous? Because every word you use can be picked up by the data-sphere and churned into a nefarious purpose. Type in the word “scuba gear,” as I have just done, and I, who have never gone scuba diving in my life, can suddenly fall prey to every scuba gear marketing campaign for the rest of time. I’m not saying this will happen. But it could.
Do you have a cold? Maybe you should consult data experts, as well as a doctor.
Security companies suggest that you hide your data under various layers of protection. Trend Micro specializes in business security involving attacks by hackers, but theft of personal information is, in fact, where the rubber meets the road.
“Loose lips sink ships”
Is this so particularly harmful that the world knows you have a cold? In the good old days, what would it matter if my newspaper suddenly had ads for cars in it soon after I mentioned to a friend that I was in the market for a new car. What would be the harm in that? Wouldn’t that be a good thing?
We know how this goes the other way. A breach of data security at your bank can mean your Social Security number, phone number, address, various credit card numbers and other sensitive data can be made available to outright thieves. Identity thieves can make purchases in your name. That cuts right to the heart of the matter.
But every avenue of your life can be seized upon in some nefarious way. Does it matter if the world knows you have a cold? Maybe not so much – but it could.
Take the case of the American Medical Association. It turns out this reputable organization earns a fair percentage of its budget by selling Drug Enforcement Administration numbers to a data collection business (named IMS Health). This legitimate business then combined this information with data collected from pharmacies and, in turn, they sold this matched-up data to pharmaceutical companies, who used that information to track prescription writing by individual doctors.
That meant a huge pharmaceutical company could figure out if you were taking a drug for anything at all – basically from afar they could diagnose whether or not you had a cold or cancer or a venereal disease.
This data loop was then used to market drugs to doctors. So, even before this data was available online and could be accessed by a hacker, private companies were paying handsomely to track your footsteps, essentially, between your doctor’s office and your drug store. And they knew what was going on in both locations.
Such detailed information is not only considered a serious breach of privacy, companies used that information to sell your doctor on prescription drugs that may or may not have been the best scientific answer to your particular ailment.
To visualize the process, think of you going to a doctor’s office and receiving a specific diagnosis. Then, just while the doctor is scratching his or her chin to think of what drug might benefit you, a sales representative slips into the room and whispers in the doctor’s ear or drops a note in the doctor’s pocket. “Hmm,” the doctor thinks, “How about prescribing …” and the answer is the drug recommended by a profit-oriented sales rep, who is neither a scientist, a doctor or a pharmacist.
Should you never mention to a friend on Facebook that you have a cold? That may be an extreme response. But remember what they said during World War II: “Loose lips sink ships.” If the data is out there, it could come back and haunt you down the line.