Hackers broke into a website that invites married people to cheat on their spouses, exposing personal information about millions of users, the New York Times reports.
The owners of the website, Ashley Madison.com, issued a statement calling the actions of the hackers illegal. “It is an illegal action against the individual members … as well as any freethinking people who choose to engage in fully lawful online activities,” a statement from Avid Life Media said. “The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society. We will not sit idly by and allow these thieves to force their personal ideology on citizens around the world.”
The hackers, though, say their theft and publication of users’ information had nothing to do with morality. Rather, they exposed the information to prove that data on the Internet is not secure, regardless of whether a company promises it is, according to a story on ABC News.
Voxitatis reported in October that there were four basic threats to the privacy of data stored online, including data about school records and possibly personally identifying information about minor students:
- criminals, such as in the Target or Home Depot breaches
- incompetent I/T staff, such as in the University of Maryland breach
- whistle blowers, as in Edward Snowden (see also #1)
- educators who don’t appreciate computer security, ubiquitously
For schools, unless and until these people are eliminated from the path of any student data, the public should never warm up to allowing companies to store students’ personal data, such as test scores or how well Johnny is learning fractions or what types of dolls Susie plays with, on their computer systems or in their data warehouses.
I’m not sure which group the Ashley Madison hack falls under—probably a combination of #1, #2, and #3. But as New York Times op-ed writer Jennifer Weiner points out, tongue-in-cheek, many of the people who signed up for Ashley Madison.com were too “stupid” or “lazy” to sign up for a fake email account from Gmail.com or some other email service provider before they divulged their personal information.
Although I don’t quite find the humor funny, it’s interesting that so many people still expect privacy from a website. In the presence of any of numbers 1 through 4 above, those promises aren’t worth the bits they’re written on. Given that the site is for cheaters, there’s a slight chance many of them wanted to get caught. They like to live dangerously, these people.
But still, fake emails can be traced by someone doing private investigatory work. I’m therefore pretty confident that the Ashley Madison.com victims—philanderers from a different perspective, but victims in the sense of privacy being invaded—were just too stupid to know privacy can’t be guaranteed so it shouldn’t be expected or too lazy to find an easy way to cover up their identity.
In that regard, they are no stupider or lazier than officials in our schools. They believe, in the face of powerful evidence to the contrary, that their privacy will somehow be protected if they use the Internet. They trust privacy policies that suggest their data won’t fall into criminal hands, won’t fall victim to incompetent I/T personnel, and won’t ever be exposed.
They believe these things about their own Internet activity despite having heard, no doubt, about several privacy breaches on systems that are much more guarded than the ones they’re using. They believe high-tech corporations care about their privacy, that good people are actually smarter than bad people, and that they are immune to the publication of their personal information when someone wants to prove a point.
Voxitatis has always maintained—and we are turning blue in the face—that Internet privacy cannot be guaranteed. The only way to make sure student data that is potentially sensitive won’t fall into the wrong hands is to not give it to anybody in the first place. And don’t even think about sending it to Facebook or to a school database maintained by for-profit corporations with shareholders who are, ultimately, more concerned about financial gain and keeping companies afloat than about your kid’s education or the quality of his school.