In the age of technology it can be hard to keep up. We are constantly deluged by information, and the constant notifications, news stories, and messages can impact our overall well-being and create stress in our lives. However, there’s something else that can impact our stress levels – data breaches that can lead to stolen credit cards, personal information, and even various forms of identity theft. According to healthitsecurity.com, the health care sector saw 15 million patient records compromised in 2018 alone. However, just half way through 2019, the estimate stood closer to 25 million.
Earlier in 2019, the Securities and Exchange Commission (SEC) revealed that the American Medical Collection Agency (AMCA) was hacked for eight months between August 1, 2018 and March 30, 2019. This included data breaches from six different entities, including 12 million patient records from Quest Diagnostics, and up to 25 million people total. While Equifax breaches hit the news, breaches such as this often do not.
So, why does this continue to happen? One of the reasons, is simply ease of access, in a non-tech savvy consumer based economy.
These days, we all carry a mini PC in our pockets. That little computer stores a huge chunk of our lives including photos, documents, personal banking and health care information. We’ve all received the emails about our data being breached by hackers who broke into the servers of a large corporation. We’ve all clicked the “I agree” button on a website without reading the terms and we’ve all been served a creepy ad for something we were just searching for or talking about.
We’ve all allowed apps to access our phone’s functionality and records in return for a better experience. But what do these things really mean?
Let’s start with what your phone and personal data. Your current phone is likely more powerful than the PC you used 10 years ago. It’s faster, more concise and may even have more storage space than the typical 2000s workstation. Your phone also goes everywhere with you. And while it’s with you, it has features that are running 24/7. Those features are collecting data to help you have a better daily experience. They help you manage evening traffic, provide directions to that show you’re seeing tonight, order groceries, send a text, send emails, watch a movie, listen to music and do just about everything you can think of. These are things that have made our daily lives much easier.
However, data comes with a downside. All of that same data being collected which can help you, is also being used to profit from you, and in some cases, profile you. Every time we agree to the terms of an app or website, chances are, we’re agreeing to the data that we submit being sent to other companies who mine said data. Many of these data hoarding companies are then cycling that data back out to advertisers, so that other companies can in turn make a profit off of you by serving you ads. We’ve all seen it… We’re having a conversation, or browsing the web, or texting about something, and then we open up a social media app and boom! There’s an ad for what you were just talking about. Creepy.
But these are all automated processes. In fact, these are the very earliest form of AI that’s been used by the masses. Known simply as algorithms to most people, these complex and adaptive learning systems are primitive AI, which is picking up on you, what you’re up to, and learning how to better interact with you. There’s no one sitting there controlling your data by hand, or picking you out of the data pool. For all intents and purposes, the companies mining your data couldn’t care less about you. Their goals are to inform someone else about why you and so many people like you, do the things you do. That doesn’t mean these companies aren’t violating your personal boundaries though.
Take for example, Cambridge Analytica (CA). Now known as the company involved with data mining during the 2016 US elections and Brexit. CA is widely seen as the entity who helped sway portions of the electorate by targeting demographics most likely to respond to specific political campaigns (real or fake), and then vote based on their own confirmation bias. And, it appears to have worked well. They aren’t the only company– they’ve since rebranded and reformed as another entity—there are thousands of similar companies who are working silently to predict niche events, the usage of products, or how they can sway your purchasing, voting and other private actions in the future. They’re all sharing data and in a lot of cases, they already have your permission.
This data is most easily collected on your phone, which is what you’re using most of the time. But, the data hoarders don’t stop there. They’re after everything, and your private data is not much safer on your typical PC/desktop internet. Earlier in this post, we talked about American Medical Collection Agency hack which took place over eight months. This included lab/diagnostic data from both LabCorp and Quest. That information is important for a data thief. Not only are your SSN and medical records of value, but the idea that those can be held hostage are valuable for extortion. AMCA certainly didn’t publicize this event, and it appears that many users would never know, had it not been for the SEC revealing billing information. Your browsers are loaded with trackers and ad serving software which is also intrusive, and also collecting data points about your web habits. Some of these are sending critical data to thieves, which is then used to find a weakness where they can enter the system and steal information. Other information could include data about your shopping habits, your banking, and really just about anything you do on the web. We haven’t even scratched the surface of this topic, including the 2012 Snowden files, which show the other side of this collection – the government spying on its allies and individuals. This is a topic best left for another post.
Luckily, there are some ways you can help protect your well-being, keep your stress levels lower and keep your data safer online. Here are a few quick tips to help all of us wade through this new wave of data collection.
Block ads – This should be a top priority for all desktop and mobile users – Ublock and HTTPS Everywhere are your best friends. These apps are critical to web browsing. They will kill ads on everything you use (except some mobile apps) and also block trackers which check and share your information. HTTPS Everywhere will force secure connections to your browsers, which will help thwart unwanted attackers. This is the single best step you can take to controlling who is getting your data.
Read the terms – Yeah, this is not fun. No one wants to read legalese, and most of us are quick to just click accept and move on. But, if you’re at all worried about what’s happening with your data… Then, you should be reading the terms. It will usually be clearly marked as to what/how your info is being managed/collected/stored and shared.
Use password management tools – Many health insurers will offer factor two authentication on their websites/mobile apps. This means using two forms of “ID” to enter the site. Typically, this is a phone number, additional email, etc. Many browsers now have password tools, make good use of them. Don’t reuse passwords, and don’t use easy to hack passwords. The most common password on the planet is password followed by 123456. Be better than this. Also, try not to center your passwords on items that can be found about you online (streets you lived on, birth dates, significant others, etc.)
Learn about your digital rights – We, as a society, are critically uninformed about our digital rights and privacy rights. If the words “net neutrality” mean nothing to you right now, put it on your to-do list to change that. The telecoms and cable providers are not going to get in trouble for trampling your rights as an individual. Only through proper policy channels can we affect change that guides the industry. The tech industry will not police themselves.
If you don’t know something, or you need more information, use Google! If you want to use a search engine that doesn’t track your browsing, use DuckDuckGo! Ultimately, be smart with your information. Nothing, not even your personal health information, is above security. Take the precautions now to protect yourself in the future.