The issue of privacy is an especially hot topic, with controversies such as the NSA and its seeming purpose to spy on Americans in 2013, and more recently, the leak of explicit Snapchat photos. The Internet, being an information and communication portal, is essentially a public space, and those who seek privacy are often disappointed. But can we use the Internet and still expect a level of privacy?
Yair Levy, professor at the Graduate School of Computer and Information Sciences and director of the Center for e-Learning Security Research, the answer is no. In the U.S., we produce and store information about individuals using the Internet, and companies, unfortunately, are able to share this information, either by law, through hacking, or other means in which the information is disclosed.
In fact, South Florida is the world capital of identity theft, credit card fraud, point-of-sale malware that causes issues like the Target case, and other forms of cybercrime, Levy said.
“The reality is that unless you were born in a very, very remote country that is not digitally and technologically savvy, we know things about you, whether you want it or not,” Levy said.
Ironically, some private information can be found through public record. Levy showed that a quick online search of anyone’s name can yield patches of information from different websites, such as background check sites, Facebook, online legal archives and business records, that can be put together to make a patchwork quilt of someone’s life. This process can be shortened by paying about $40 to certain websites, such as intelius.com, to give you all of the person’s information in one shot.
“The concern that I have as a researcher in the area of cybersecurity is not that this information is available but the ease at which people can actually get that information,” he said. “It’s alarming because what I can do is very quickly develop an entire profile on you.”
Cybercriminals can actually spend some time putting this information together to steal your identity and commit crimes under your name, such as credit card fraud and tax evasion.
On the other hand, Levy also said the seeming lack of privacy is crucial in the hiring process. If a person wants to hire someone, the employer will want to know who that potential employee is.
“You have to be reasonable; there are plenty of benefits in this information being available for our society as a whole,” Levy said.
To ensure that you are protected, you need to have these state-run databases that will provide you this information so that you don’t hire a person or use a service that has a bad reputation. But to know this information, it has to be openly available online. On one hand, privacy is important, and those who value their privacy wouldn’t want their information freely available online. The trade-off, however, is that in order to see this information about others, you can’t expect certain pieces of information about yourself to stay private because of public record and the use of social media websites.
Wei Li, professor at the Graduate School of Computer and Information Sciences, said it people do not care about their privacy like they used to; they post all the details about their daily life to their friends and the community.
Levy and Li believe people need to realize that there needs to be a balance.
“I think both users and service providers need to be aware that if they do not work together, the information cannot be protected,” Li said.
Li said strong security measures are inconvenient, and people don’t like them. People do not like having to change their passwords every so often or having to use passwords that cannot be easily guessed.
“People want more freedom; after all, this is a freed country, but they should assume part of the responsibility,” he said.
Levy described that on Cybersecurity Day on Oct. 22, 200 high school students came to NSU and FBI agents talked about cybersecurity and issues related to it. One of the things the agents stressed was to make sure not to document every little piece of your life online, because not everyone needs to know all your patterns of life on Facebook and Twitter. There is a new emergence in this generation: it’s very eager to broadcast their lives, and there is a danger in that.
“That’s the way that you can take control of your own privacy,” Levy said. “Awareness is the most important factor.”
Li thinks security should be a mindset, all undergraduate students should take a basic information security course and they should understand what technology can and can’t do. They should understand the whole picture; if someone does not protect their private information, the technology that is supposed to protect it has no use.
Li described the methods in which companies and individuals use technology to protect private information. Passwords are the simplest, having to provide information such as a social security number, date of birth, and hometown increase difficulty, layers of encryption are a bit more complicated and the utilization of finger printing or iris scanning makes it almost impossible to view someone else’s information. But allowing others to know information about you or leaving your password in an open area makes the technology useless.
“The technology is already there; it depends on the people and how they use it,” he said. “The privacy is on the user’s side; it depends on whether they want to better protect their own information.”