April 19, 2017 By Douglas Bonderud 2 min read

Digital privacy is a hot topic. Contentious net neutrality discussions have been happening for years, and the American government recently empowered companies to buy consumer search histories from internet service providers (ISPs).

Add in the increasing number of device searches carried out by border security personnel — often requiring travelers to give up their passwords voluntarily — and it’s clear that users need a new strategy to keep their data safe. Computerworld suggested one solution is tossing the truth to embrace the value of little digital lies.

Is Digital Privacy Inherent or Optional?

Do citizens have an automatic right to digital privacy? Should it be an inherent part of the contract with any ISP, or are companies only obligated to offer such protections if consumers are willing to pay? Forbes noted the recent decision by Congress empowered ISPs to collect and sell browsing data made this a critical consideration for consumers.

For example, proponents of less powerful privacy legislation argued that ISPs and social giants such as Facebook — which already collects and sells consumer data — are not fundamentally different and should both be given the same opportunity to make a profit. Privacy-as-a-right supporters, meanwhile, make a double case: Shouldn’t consumers have the right to opt out of the collection and distribution of personal data, and see who’s using it if they opt in? Furthermore, if they do allow such collection, shouldn’t they get a portion of the revenue?

Privacy is also making corporate waves. More than 200 American companies are now covered by the EU/U.S. Privacy Shield legislation, which sets data collection and notification requirements while protecting companies from undue harm.

Ultimately, digital privacy is now moving into a new realm of debate: Are these concepts more accurately described as unassailable rights or legislated privileges?

The Art of Lying Well

While government mandates tilt the privacy issue to one side or the other, consumers can’t wait for the hammer to fall before protecting their data. Traditional privacy methods that rely on concealment — such as creating strong passwords, using VPNs and encrypting data — may no longer be enough. If passwords are up for grabs, ISPs are selling data and tech companies build in easy access backdoors, obfuscation is sound and fury that amounts to nothing.

Computerworld noted that one solution is polluting web browser and social site history with fake searches and queries designed to lower the value of private data. The source considered the theory of Steven Smith from MIT, who promoted a concept that polluted web traffic with arbitrary searches and site visits.

An example of this method is the browser plugin Noiszy, which produces “misleading digital footprints around the internet” by visiting random websites. Given the current privacy climate, expect a sharp rise in the number and sophistication of these tools over the next few months.

Telling the truth is always a good idea — until innocuous search data or social posts become potential threats and valuable commodities. To stay safe online, consumers may need to master the art of digital disinformation.

More from

How to calculate your AI-powered cybersecurity’s ROI

4 min read - Imagine this scenario: A sophisticated, malicious phishing campaign targets a large financial institution. The attackers use emails generated by artificial intelligence (AI) that closely mimic the company's internal communications. The emails contain malicious links designed to steal employee credentials, which the attackers could use to gain access to company assets and data for unknown purposes.The organization's AI-powered cybersecurity solution, which continuously monitors network traffic and user behavior, detects several anomalies associated with the attack, blocks access to the suspicious domains…

Being a good CLR host – Modernizing offensive .NET tradecraft

14 min read - The modern red team is defined by its ability to compromise endpoints and take actions to complete objectives. To achieve the former, many teams implement their own custom command-and-control (C2) or use an open-source option. For the latter, there is a constant stream of post-exploitation tooling being released that takes advantage of various features in Windows, Active Directory and third-party applications. The execution mechanism for this tooling has, for the last several years, relied heavily on executing .NET assemblies in…

The current state of ransomware: Weaponizing disclosure rules and more

4 min read - As we near the end of 2024, ransomware remains a dominant and evolving threat against any organization. Cyber criminals are more sophisticated and creative than ever. They integrate new technologies, leverage geopolitical tensions and even use legal regulations to their advantage.What once seemed like a disruptive but relatively straightforward crime has evolved into a multi-layered, global challenge that continues to threaten businesses and governments alike.Let’s take a look at the state of ransomware today. We’ll focus on how cyber criminals…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today