Do you know where your data is?
University of Iowa Health Care officials reportedly are notifying more than 5,000 patients their private information was mistakenly exposed online and went undetected for two years. In this case, damage appears minimal, but breaches such as this have become common.
It’s an important reminder — anywhere data exists, it can be leaked. That includes personal information we disclose to the government and businesses, and information they glean without our consent.
Mass data collection has been a national concern since 2013, when journalists published the first reports on U.S. surveillance practices based on documents from whistleblower Edward Snowden. Many Americans saw concrete evidence for the first time that our own government was conducting blanket-surveillance of innocent citizens.
When critics of the surveillance state complain about mass data collection, we talk a lot about how government agents might use their power to target non-violent crime or to target political opponents. People often think we are conspiracy theorists.
But the perils of data-collection are very real, if not always so nefarious.
Data can be abused by law enforcement and security agencies, but also by hackers and negligent webmasters, who mistakenly post private information to public corners of the internet, as with the recent UIHC leak.
Last month, internet sleuths uncovered a massive voter data cache mistakenly stored on the open internet, available for download by anyone with the correct web address. The files included personal information about nearly 200 million voters gathered for use by Republican campaigns and consultants.
The leaks we know about are only a portion of the total. Breaches can be discovered and then cleaned up before consumers know anything about it, making it impossible for any of us to know which of our personal details have been accessed by the wrong people.
ARTICLE CONTINUES BELOW ADVERTISEMENT
Americans ought to be well aware by now of the potential pitfalls of storing personal information, yet we’re storing more data, not less.
For example, Iowa expects to become the first state in the nation next year to offer a digital driver’s license stored on a smartphone. The system will collect email addresses, facial recognition data, and possibly even fingerprints from users.
Most of us willingly give nearly unlimited access to our personal information through smartphones and web browsers. Millions of us now are installing personal assistants with internet-connected microphones, always listening.
I trust Google and Amazon more than I trust the National Security Agency, but it’s difficult to imagine at least some portion of the millions of data points they have about me can’t be accessed by hackers and the government.
What now? Our data already is out there and the tools that make our lives more convenient rely on it.
For starters, we can stop creating databases. Even when those databases seem to suit our political goals, like gun registration for liberals or immigrants for conservatives, they end up bloating the surveillance state, endangering everyone’s privacy.
• Comments: Sullivan.AB@gmail.com; adam4liberty.com