On Tuesday November 22, 2016, there was a full front page advertisement published in The Times of India. It was for one of India’s top consumer Internet startups – Paytm that is currently valued at about $2.3 billion. In bold letters the advertisement urged readers to “Become a part of India’s Digital Revolution!” and that it was “100% Safe & Secure” to use their solution. The fastest growing major economy at that time had recently made a bold move to step on the accelerator towards digitization.
Common Lies on Digital World
There is simply no such thing as “100% Safe and Secure” in the digital world. For anyone wanting to learn and understand the big picture on cyber security, I suggest watching this Keynote at the Blackberry Cyber Security Summit 2016 from the Former Mayor of New York City, Rudy Giuliani. When someone who took on the white collar frauds from Wall Street, drug cartels from Colombia and the Italian mafia talks about the capabilities of organized crime (cybercrime or not), I will take it seriously.
Let me highlight a few points:
Fastest growing form of crime in the world is cyber theft.
Cybercrime affects national security and is growing at 20%-40%.
It is going to be our challenge for the next 10-15 years for our security to catch up with our ability to use, store and gather information.
During 2016 RSA Conference in San Francisco, Bruce Schneier, Chief Technology Officer, Resilient Systems, put forth suggestions on the way forward to deal with the cyber mess. His recommendations included the need to start disconnecting digital systems that make our society less secure and creating a new regulatory framework. Sadly, the corporate inertia in America is taking it in the wrong direction.
On the consumer side, “I’ve read and understood the terms and conditions” is the most common lie we make in the digital domain. Neither do we fully read them nor do we fully understand the terms and conditions when we download and use digital apps. As Finnish Data Privacy Specialist Jarmo Eskelinen points out, digital platforms need our data to work and we do not know where our information is and how it is being used.
Fundamental Issues with Digital World
Cyber Security must be addressed as a broad social issue rather than as a technical issue. Lack of effective checks/balances and impotent regulation are the biggest hurdles we need to clear in order to progress towards a more secure digital (and physical) world. What makes the task harder is privacy devaluation and a lack of awareness/acceptance of grave national security implications of excessive gathering and storage of user data through digital platforms.
Ken Van Meter, Energy Executive at Capgemini, says this about the digital world: “anyone- police, criminals, merchants, enemies – can come into your home and see anything they like and do anything they wish with it, day or night.” Personalized consumer data could be purchased and used by a marketing and sales company in Mumbai, by Chinese intelligence sponsored agents in Shanghai to track and target high value targets, or by a Karachi based organization to plot a terrorist attack in Hyderabad, India. In each scenario, digitization makes execution easier.
In a welcome development, Paytm is being studied for potential Chinese misuses of user data. This was triggered based on the fact that Chinese online retailer Alibaba Group is believed to own more than 40% of Paytm and the possibility of China using Paytm platform to promote Chinese products. The Economic Times reports that Indian ideological leaders are concerned that Paytm growth would fuel terrorism in Pakistan through China and also kill the Indian indigenous industry.
Today, digitization is intrinsically tied to global connectivity and widespread use of smart phones. Our location could be tracked all the time, the microphone and camera in our smart phones could be controlled remotely to capture our very personal and private moments along with professionally sensitive information. It is one thing to let the police or national security agencies have authorized access, however the prospect of easy access to everyone from a simple app developer to a petty cybercriminal must be socially UNACCEPTABLE.
In my previous Socio-Tech article, I highlighted the lack of effective regulatory frameworks and the reality that Governments across the world are helpless. We need to apply the brakes instead of accelerating towards Digitization of Everything.