Responsible data access, analysis and management will remain an issue that is top of mind for advocates and select government agencies for years to come. Indeed, people paid attention when Google recently issued a statement saying that it is now accelerating a program to encrypt information flowing between its data centers. The move by the company comes on the heels of revelations by in the mainstream media about the U.S. government’s access to online information (PRISM ring a bell for anyone?). Programs like PRISM boil down to one simple concept that the American populace has yet to fully come to grips with when the U.S. government’s eye is turned toward us: spying.
For what it’s worth, Google’s actions go much further than solely limiting U.S. government access to user data (and these measures will not prevent all reviews of user information by American agencies like NSA). These measures, more importantly, will decrease the likelihood that foreign governments and other players in digital data thievery(example: hackers) can easily access this information. It’s telling that a senior Google security representative referred to this dynamic as an “arms race.” But perhaps this isn’t the most distorted lens through which to view the systems that collect, analyze and protect the data that represent our every online detail and interaction.
Take the words of outgoing Secretary of Homeland Security Janet Napolitano, for example. In what could be her last official speech as head of national security for the country, Napolitano issued an ominous warning that an economy-shifting cyberattack on U.S. data systems is all but imminent. Secretary Napolitano’s warning cannot be taken lightly, considering that any type of data breach powerful enough to impact the broader economy would undoubtedly send reverberations through our collective daily lives.
We’ve seen very recent examples of foreign players accessing and manipulating systems with marginal impacts. The Syrian Electronic Army took responsibility for The New York Times website’s recent outage, which was executed through a DNS attack (more on how this transpired). The interesting thing to note here is that the SEA did not gain access to The Times’ servers, but things could have been much worse had this happened. With access to the servers, the SEA could have hacked directly into the e-mails of Times reporters (surely full of interesting information from high-level sources) and even changed content on the website. In this particular case, the SEA’s primary motivationi could be said to be a desire to raise the profile of the turmoil in Syria (“hacking for good”?). But one can imagine the the unrest that could be injected into American society should the country’s top newspaper have its website altered by actors with less than wholesome intentions.
So is this truly an arms race–the multifaceted nature of data management in our highly connected world? There’s no doubt that conflicts between nations will play out less on what we consider traditional battlefields, and more within the digital realm. Google’s move to place stronger protections on user data indicates that consumer attention on who has access to online user data is likely to increase as well. More and more, he who controls access to data will be he who holds the key to the castle.
Image Source: Flickr/infocux Technologies