One specific data breach was In 2019, Snapchat employees used an internal tool to access user data.
They used this to spy on users, including data like location, phone number, and saved snaps
The tool was originally designed for law enforcement and court orders, but some employees were using it outside of the need for law enforcement or court orders to collect information like emails for personal reasons.
What was the harm caused?
The harm caused is employees having access to data they shouldn’t, and being able to use it for personal reasons.
Even the idea that they have a back-end tool for law enforcement or for court orders is worrying, as it almost shows our data isn’t truly private, and that we are always being watched somehow
In The Goal Is To Automate Us, it is said “First of all there was the arrogant appropriation of users’ behavioral data – viewed as a free resource, there for the taking. Then the use of patented methods to extract or infer data even when users had explicitly denied permission, followed by the use of technologies that were opaque by design and fostered user ignorance…the entire project was conducted in what was effectively lawless – or at any rate law-free – territory.”
This quote really is a massive issue with the snapchat data being viewed by employees and how users should be very concerned about how their data is being stored, by who, and how it can be accessed.
more on the harm
The results of data breaches can be bad for users and companies. For companies, it can result in large financial losses.
According to the Harvard Business Report, “It is well known that a cyber incident can sink an organization’s stock price, especially in the short term. Publicly traded companies suffered an average decline of 7.5% in their stock values after a data breach, coupled with a mean market cap loss of $5.4 billion”.
Data breaches are also terrible for users, with their personal information and data potentially being used and sold by bad actors. While users may get compensation from the companies this happened with, they cannot have their data un-stolen.
how to mitigate the harm
The harm may be mitigated by people becoming more aware of how their data is being stored and used, as well as having knowledge that these back-end tools exist.
Surveillance Capitalism Apathy, it is said that “ignorance and cynicism are often behind surveillance apathy. Users are either ignorant of the complex infrastructure of surveillance, or they believe they are simply unable to avoid it.”
I think that building more awareness of this “complex infrastructure of surveillance” will help users make more informed decisions on the media they use, whether it be snapchat or other social media.
Something like an educational campaign should be done to help inform users about the potential risks and the importance of data literacy in protecting their privacy.
Transparency reports on how user data is accessed and who has permission to access it from the tech giants themselves would be good.
They should also implement more privacy settings and have clear, user friendly information on how their data is being used.
Tips based on my research
- Try to stay informed: Keep an eye on how different social media collect, store, and use your data
- Review privacy settings: Regularly review and customize your privacy settings on your social media accounts. Ensure you are only sharing the information you are comfortable with and restrict access to you data as much as possible
- Be skeptical of permissions: Question the necessity of permissions requested by apps. If an app asks for access to data that seems irrelevant to its function, consider denying the permission or not using the app.
- Be cautious of what you share: Think twice before sharing personal information online. Even seemingly harmless details can be pieced together to form a more complete picture of you.
- Demand transparency and accountability: Advocate for greater transparency from companies regarding how they handle user data. Support policies and regulations that aim to protect user privacy.
- Consider alternative platforms: If a platform has a poor track record of protecting user data, consider using alternative services that prioritize privacy and security.
sources
The Goal Is To Automate Us
Surveillance Capitalism Apathy
https://www.virsec.com/resources/blog/snapchat-employees-abused-data-access-privileges-to-spy-on-users
https://www.idtheftcenter.org/post/2023-annual-data-breach-report-reveals-record-number-of-compromises-72-percent-increase-over-previous-high/#:~:text=According%20to%20the%202023%20Annual,high%20in%202021%20(1%2C860).
https://hbr.org/2023/05/the-devastating-business-impacts-of-a-cyber-breach
Credits:
Created with images by • Summit Art Creations - The modern creative communication and internet network connect in smart city . Concept of 5G wireless digital connection and internet of things future. • Bits and Splits - Data breach concept with faceless hooded male person • jirsak - Cybersecurity corporate data concept with shocked user