Data in the wrong hands: Taliban may have seized private data

Possible privacy breach in Afghanistan shows how data can be a double-edged sword

“I don’t think anyone ever thought about data privacy or what to do in the event the [HIIDE] system fell into the wrong hands,” one expert told The Intercept.

The Taliban have apparently seized US military biometric devices known as HIIDE, or Handheld Interagency Identity Detection Equipment, to identify Taliban sympathisers and possible terrorists easily.

So far, frankly, so what. The Taliban already know who their sympathisers are; they know who the terrorists are that work for them.

In any case, they may find it hard to hack into the devices and decrypt the data.

There are two problems with this; not every country in the world is on the same side as the US, and some non-allied nations have sophisticated technology.

The other problem is that the HIIDE devices weren’t exclusively used to identify potential enemies. They were also used to identify Afghans who assisted the US.

The devices, which can be used to identify people from biometric data, such as iris scans and fingerprints, were apparently used in the hunt for Osama bin Laden.

But a crucial part of privacy considerations is what they call data minimisation. Only store the data you have to store to fulfill the task for which it was collected in the first place. If the purpose is to identify terrorists, don’t use it to identify people who support you.

ESG one of the most transformative issues of our time

The author of a report from S&P Global Market Intelligence says that “ESG will become not only one of the hottest issues of our time but potentially one of the most transformative for both industries and societies as well.”

Techopian - The conversation and voice for ethical technologyMichael Baxter

There is another point. The likes of Apple have in the past resisted calls to create a backdoor to its devices. When the FBI requested that Apple create a backdoor to iPhones to access data on two attackers who died in a terrorist incident, Apple declined. It argued that hackers could also use the technology.

And let’s face it, authorities have previous. Remember the WannaCry virus that created havoc amongst health services across the world in 2017? The US National Security Agency knew about the vulnerabilities to a version of Microsoft Windows, but they kept the knowledge for future use.  The vulnerability, called EternalBlue, was leaked to The Shadow Brokers.

You may or may not feel comfortable with security services holding data on private citizens for their use. But the big problem here is that the security services themselves can be hacked.

Data is a double-edged weapon — it can be used to support security but can be used against you. The more data you control, the greater the vulnerability.

Asimov’s created the three laws of robotics — in fiction.

Maybe we need the first law of data: no one can hold data that could threaten lives if it gets into the wrong hands.

Why #Instagram is a huge risk for your small business

It is not secret that here at Techopian we are critical of the social media platforms. This criticism ranks from ‘they are ok, but irresponsible’ to ‘how is this even legal’.

Techopian - The conversation and voice for ethical technologyRob Hughes