Although the COVID-19 crisis has given us a lot to be nervous about in the short term, what scares me even more is the potential for the crisis to permanently erode our freedoms.
In response to the pandemic, it’s clear that we will be shifting more of our productivity, learning and communication online. As our use of web-services grows, we need to pay more attention to the lack of data privacy rules to protect our rights on the Internet.
One of the first things we need to look at is the explosion in the use of the video conferencing platform Zoom. Hackers are “Zoom-bombing” video conferences, doing everything from listening in to making disruptive noises, and in several cases, showing pornography. The solution proposed by the FBI is to kick hackers out of the conference and alert law enforcement. This response is wholly inadequate and shows how unprepared the United States law enforcement is at fighting cyber crimes such as hacks and data breaches. According to the University of Cincinnati Political Science professor and data privacy researcher, the FBI does not have funds to investigate most cyber crimes, especially ones as frequent and minor as Zoom-bombing.
Although the Zoom-bombing might only be a minor annoyance, the FBI’s response to major cyber crimes, such as big data breaches, is not that much more robust. The fact of the matter is that without a dedicated law enforcement branch, internet users in the United States will never have the protection they need from cyber crimes. Under the current system, bad actors on the internet rarely go punished. This cannot continue as we increasingly utilize these web-services.
Another situation that we need to look at is the mass data collection by technology companies. The New York Times recently published an article in which they used cell phone data collected by the telecommunication companies to track how well people in different areas of the United States were practicing social distancing. Although this data can be useful in fighting against the COVID-19 and future infectious diseases, we need to have the political conversation of what appropriate data collection looks like in our country.
Who has access to our data? How specific and how much of our data do we own? How is our data being protected from bad actors? Are we okay with private companies having our data? Who is liable for a data breach? These are the questions that we need to be asking our lawmakers as we move more of our daily activities onto a digital space.
We cannot just allow any company to collect any data they want from consumers. One concern is that people need to know that their data is stored in a secure manner. For example, operators of a website need to inform consumers of the levels of protection that are keeping user data safe and the federal government needs to enforce some minimum safety standards.
The second concern is who owns the data. Other than health records and personal information, companies aren’t for keeping our private information safe. They don’t even have to tell us if our data is stolen by hackers. One way to change this is by making sure personal data collected by companies remains the property of the user, not the company itself. This would allow all of our data to be protected. Something that is necessary if we are to preserve our personal liberties.
COVID-19 is a moment where we need to think about the places our society is weak. As more of our lives shift to the digital world, we need to have a much needed discussion about the rules of engagement.