The Microsoft Exchange vulnerability debacle, which has been reported on to extensively by The Hacker
There is an interesting article over at Forbes today detailing how if you thought Facebook hadn’t lost their credibility yet on privacy, they certainly have now. For about the past six years, Facebook has been storing all the passwords you have used in clear text within an internal database that all of their staff have had access to. Yes, that means anyone in Facebook could have gotten into your account, or possibly just taken the whole database and dumped it for the world to have. Facebook is a little fuzzy on if anything nefarious has been done with this data or not.
The large implications, as the article’s author points out, is that this constant disclosure of personal data is desensitizing us to the serious implications that they truly have. Ultimately this could result in other companies taking the stance that there is no need to secure data any longer because no one really cares if it is protected or not. It comes down to us, as consumers and as the owners of this data, that we demand companies be held accountable to keep it safe. Either that, or we need to actively stop using these services. I don’t know how likely that will be in the case of an organization like Facebook since people are so invested in it that leaving is almost impossible to comprehend for many. Yet this is what is going to be required if these companies are going to be forced to change. Otherwise nothing will change and your data will be available to anyone, anywhere, anytime with no ability to control its spread.
The question then becomes, how important is your data, your private information, to you? Do you value it and if so how much? If the value is high then inaction is no longer acceptable and you must begin to advocate for stronger protections around that information. How can you advocate for this? Check out the resources below:
- ACLU Consumer Privacy resources
- Electronic Frontier Foundation privacy resources
- The Privacy Coalition
- The Electronic Privacy Information Center
- Privacy International
- Privacy Rights Clearing House
And of course, you can always write or call your elected officials to demand action on regulatory change.