Protecting our digital lives is our own responsibility
In the words recently used by President Obama in his remarks at Stanford University, “Everyone is online, and everyone is vulnerable.” (Cybersecurity and Consumer Protection Summit hosted by the White House on February 13, 2015.)
Not everyone is paying attention to what happens in Silicon Valley, perhaps because technology is not a top concern for all of us in our daily lives. It is just one more thing we take for granted, like opening a faucet and expecting water to flow. Many law offices function seamlessly aided by technology to the point that we implicitly trust software more than we trust human beings. However, we have recently been reminded that nobody is immune to cyber attacks.
The colossal hack at Sony Pictures Entertainment, which according to Deadline Hollywood was discovered on November 24, 2014, will make the history books − should any exist in print in the future − because of the scope and the global attention it garnered. More recently, the massive data breach that Anthem Blue Cross disclosed on January 29 gave the Obama Administration and many consumers pause.
Mega cyber attacks: are we next?
When multi-billion dollar companies like Sony and Anthem are hacked, it makes us ponder the questions: what about me, what about my family, my business? Is my data safe? How do I, as a consumer, lawyer, business owner or employee protect my data? Am I taking all the necessary precautions to protect my clients’ data too? More importantly, do I own the data that so many companies have access to?
Anthem is the second largest United States health insurer. The compromised data consisted of social security numbers, personal identification numbers, contact information, salaries, and other employment information. The question remains: why does a health-care company need or have access to our employment information such as our salaries? This could be a gold mine not only for hackers, but to Internet Advertising/Media Companies that could market to us knowing our capacity to spend ahead of time. Nearly eighty million current and former customers were affected. The fact that Anthem was hacked means that some of the medical data that The Health Information Portability and Accountability Act of 1996 (HIPPA) meant to protect, is no longer safe. According to the Privacy Rights Clearinghouse, a California nonprofit corporation, the primary goal of the law was to make it easier for people to keep health insurance and protect the confidentiality and security of their health-care information. The Confidentiality of Medical Information Act (CMIA) is in the California Civil Code and it regulates the privacy of medical information. (Cal. Civ. Code, §§ 56-56.37)
Shortly after the breach was announced by Anthem, Fortune Magazine reported that consumer lawsuits had been filed in California and Colorado. The complaints allege that Anthem did not take appropriate precautions to encrypt its customers’ data prior to the breach.
The Jetsons have nothing on us
Although that television show was on the air for only 24 episodes in 1962, The Jetsons are part of the fabric of our culture when we refer to American futuristic dreams, many of which have become a reality. Does your neighbor own a drone? Perhaps. Computers of varying sizes permeate every area of our lives. We are connected whether we are aware of it or not, every day. If you can fog a mirror, you are probably using a computer or are online at some point each day. If you think you are getting off the grid when you leave your office for the day, you are not. The elevator you take to leave your office is operated by a computer. If you drive a modern car, and you probably do, that car is run by computer chips. Once you get home, eat dinner and get on your tablet or your smartphone, you are online and vulnerable to hackers again, unless you protect your devices with encryption and other safeguards.
We implicitly trust all of our important documents, priceless photos of long-lost relatives and precious snapshots of our children to the various clouds or keep them in the memory of our digital devices. Your smartphone is a little computer that has tremendous capabilities. It can get hacked even if you are not a celebrity or anyone in the public eye.
It sounds alarming, but how did we get here? Driving down the information highway in search of a little history may seem like an episode of the cable television show The Americans, set in 1981. The premise of this FX show is based on the true story of a married couple of Russian KGB agents hiding in plain sight during the Cold War. In the story line they attempted to steal secrets from the FBI, such as the “ARPANET.” It may seem like it happened in ancient times, but it actually happened in the 1980’s.
A cyber story
Before we had the Internet as we know it today: with social media, Google and Apple, there was only the Advanced Research Projects Agency Network, known as the ARPANET. It was a computer network developed by the Advanced Research Project Agency in the 1960’s and 1970’s as a means of communication between research laboratories and universities. ARPANET was the predecessor of the Internet.
According to a study written by author Ronda Hauben at Columbia University, in the process of development of the ARPANET networking pioneers built a communication process first via email. In 1980, the United States Department of Defense (the DOD) decided that the ARPANET was slowly becoming obsolete. They proposed new hardware and decided to have networking capability built into software that would be used to connect computers that were not compatible.
In layman’s terms, instead of connecting two computers, the software would allow them to connect different networks of computers. Why is this important, you ask? The networking research was funded by the U.S. Department of Defense because of how important it was to our government. In 1980 the network reportedly included approximately five thousand users. In 1987, Yuris Fuentes, a graduate student at University of Wisconsin at Madison at the time, was one of those five thousand users. He was able to send emails to his friends at the University of Chile. It was history in the making. The University of Chile was on the early network because of its connection to the National Aeronautics and Space Administration (NASA). According to Mr. Fuentes, by 1986 the complete world-wide computer network diagram could be printed in a very legible piece of paper that fit on an office door. You can still see that historic chart – you guessed it – on the Internet (see references at end of article).
Smartphones have become our daily companions. Some of us go to sleep with the phone at our fingertips and wake up when it alerts us. The problem is that we have gotten so comfortable with our digital devices that we tend to get complacent. We forget that we are putting financial information, tax records, health records and photos that could be hacked and deleted with a few keystrokes by a bad actor.
In a recent San Francisco radio interview Marc Goodman, a former law enforcement officer, now cyber guru and author, recounted what happened to Mat Honan, a feature reporter for Wired Magazine. Mr. Honan had all of his digital devices digitally kidnapped by a group of hackers who invaded all of the reporter’s devices and deleted everything that he had saved on each device and on the cloud. Forever.
Like so many of us, Mr. Honan did not have hard copies of many of the pictures that he had stored digitally. Some of the pictures of his ancestors and his young child were impossible to reproduce after they were deleted. According to Mr. Honan’s own 2012 article about his nightmare experience, the hackers deleted everything in his MacBook and eight years’ worth of emails in his Gmail account. The hacker did not have a vendetta against him. He simply wanted to take over the journalist’s Twitter three-character username, because he wanted it for himself. Messing things up for Mr. Honan was just gravy according to one of the hackers’ own admissions. It was done for fun.
Who’s watching me?
The 1980’s were abundant in songs that mentioned some form of paranoia. Who can forget “Somebody’s Watching Me”(by American artist Rockwell, released by the Motown label), or the first single by Men at Work: “Who Can it Be Now?”These two songs would be very trendy in today’s society. Technology has made it so easy to monitor employees in the workplace that it has become standard operating procedure for many companies. Even though the law contains many protections for employees’ privacy, some employers are determined to monitor every keystroke, every website visit, and how much time each employee spends on the Internet for his or her own personal use.
Protecting your devices
There is a Do it Yourself Guide with the basics for protecting your digital devices across all platforms available for free at https://www.opendns.com. Leo Laporte, a popular Bay Area technology journalist and guru, recommends it. Once you are on the site, you may change your DNS settings (which are like the phone directory that routes Internet traffic) or set up controls to protect all of your Internet-connected devices at once.
Our digital future remains un-certain and exciting at the same time. Technology can cut both ways and it is up to us to protect what matters most in our digital lives.
White House website https://www.whitehouse.gov/issues/foreign-policy/cybersecurity/summit
Swisher, Kara, President Obama: The Re/code Interview. Published 2/13/15 YouTube
Hauben, Ronda, From the Arpanet to the Internet, Columbia University, http://www.columbia.edu/~rh120/other/tcpdigest_paper.txt
Huddleston, Jr., Tom, Anthem’s Big Data Breach is Already Sparking Lawsuits. Fortune Magazine, 2/6/15
Saint John, Liz, Weekly Public Affairs Show, Sunday Magazine on Alice@97.3 radio. Interviewing Marc Goodman. Broadcast date 3/4/15
Cisco website: http://share.cisco.com/internet-of-things.html
The Bit Mat network circa 1986- http://personalpages.manchester.ac.uk/staff/m.dodge/cybergeography/atlas/bitnet_topology.txt
Rebecca Hirsch, J.D. is a bilingual legal researcher, a writer, and a Spanish/ English translator. She can interview witnesses while translating for them. She attended the University of Chile, where she majored in Literature. She received the Outstanding Volunteer in Public Service Award by the Bar Association of San Francisco three times. Her translations include four consumer legal books published by Bet Tzedek, a public interest law center. She received the Wiley Manuel Award by the State Bar of California twice for her public interest advocacy. A music and TV enthusiast, she sings with two nonprofit choirs.
2023 by the author.
For reprint permission, contact the publisher: www.plaintiffmagazine.com