Wednesday, February 17, 2016

Your Data is at Risk … Will Apple Save You?

imageA hot topic of the day is that Apple has receive a court order from the FBI.

This will extend far beyond Apple. There are significant questions related to loss of credibility, loss of business and of course the loss of control of YOUR data.

I highlight some of these below. I’d like to get your thoughts too. Chime in on the comments or on social media channels.

The court order is asking Apple to do several things.

Two of the more specific requests are:

  1. Bypass the iPhone Auto-Erase Feature
  2. Enable unlimited password attempts 

The court order is relying upon the All Writs Act, a law that can trace its origins to the first Congress in 1789. In short, it says courts can require that people do things to comply with their orders. (source: NY Times)

Read Apple CEO Tim Cook’s response here – it’s thoughtful, cogent and spells out both the case for Apple and for every other technical firm that will likely be brought into this issue. Especially, if Apple (which means every other tech company) is compelled to create a back door.

This will reach far beyond Apple.

Politicians, Pundits and Wannabe Politicians

They are all chiming in. Some are going off the rails (as expected) because extreme positions makes the news cycle.

Make no mistake:  YOUR data is at risk.

Your data privacy, your data sovereignty, your personal information is at risk.

  • What do think?
  • Would you abandon Apple if they expose your private data?
  • Will you join a class action lawsuit to sue Apple (and others)?

Case In Point

imageRikki Kliemon of CBS is WRONG! (video)

This is NOT a narrow case. She is a smart lady, but she is over-interpreting the law.

This is a case of people NOT in the technology industry making too many assumptions about how technology works.

As I wrote on Facebook here:

If Apple concedes to the FBI's request to open a backdoor to the iPhone who will be responsible when someone else uses this backdoor to access YOUR data.

Will Apple be exposed to lawsuits for a breach of confidential data?

If yes, who will ultimately pay? Who else will be named in the inevitable lawsuits?

  • Will the FBI (meaning ... US citizens) pay for data breaches? Will Target, Sony, AT&T, Neimen Marcus and others sue or at least name Apple in a lawsuit.
  • What about all the cloud services and applications that could be compromised? What will file sharing services do? What about banking apps? What about social media / networking apps?
  • Will the (likely) loss of business for Apple be covered by the FBI?
  • Will consumer around the world want to stay on a device that could compromise their data privacy?

Kudos to Tim Cook and Apple for standing tall and standing up for their business and YOUR data rights.

As my friend (and lawyer) Dan Arildson posted:

Hat's off to Apple for fighting a court's order to help the government hack the iPhone's encryption. Encryption backdoors are a bad idea. If the good guys get access to the backdoor, you can be sure that the bad guys will figure it out to. I applaud Apple's stance on protecting its customers' data.

image

This is the kind of issue that the Voices for Innovation team seeks to address and provide guidance around. In this day and age with ubiquitous internet access and device proliferation there is a need to provide for data privacy, data sovereignty, and data protection.

imageFor more information on Voices for Innovation (VFI) see my post Voices for Innovation … Is your voice being heard? and get involved.

As always I welcome your comments.

Image Credits: Voices for Innovation, Huffington Post, Apple, Mike Deerkoski

clip_image001Jeff is an expert in the Enterprise Content Management industry. He brings over 20 years of Channel Sales, Partner Marketing and Alliance expertise to audiences around the world in speaking engagements and via his writing. He has worked for Microsoft, Kodak, and K2. He is currently the consulting with Microsoft and partners to drive Community Engagement and Alliances.

Tweet him
@jshuey or connect on LinkedIn, Facebook, or Google+ He is active in the Microsoft Partner Community and is the co-founder and President of the IAMCP Seattle chapter.

He is a contributing author to
Entrepreneur, Elite Daily, Yahoo, US News and to the Personal Branding Blog

image

2 comments:

Jsaav said...

This is an incredibly difficult situational use case, Information, data, is in fact at risk. So are lives. I agree with both sides of this argument and I disagree with both sides of this arguement. How is that for an opinion.

First off, just as if it were dr. Patient confidentiality, with regard to information, data. If that information, data, is in regards to a felonious act that has happened, or will happen, with a very high likelihood of harm and or death as a result, then the dr. Is required to report that information and dr. Patient confidentiality is no longer in affect. So this is where I agree with law enforcement, that the information contained within this particular device may very save human lives from future attacks, attackers, or point to others who may be involved in training, and or funding these types of attacks. But, on the other hand, once the ability to Crack through the security is lifted for law enforcement, where does it stop? It's no longer the dr. Patient confidentiality scenario, now it's big brother defining what they believe is or isn't a threat, or worse, the ability to get to the data is shared, or stolen or otherwise used for other means or entities. So I don't agree this should be done, there is no guaranty that once it's done one time, here in this case, that it won't be used in the future and for what purpose and to what end.

I have to admit, I'm torn on this one.

Jsaav said...

This is an incredibly difficult situational use case, Information, data, is in fact at risk. So are lives. I agree with both sides of this argument and I disagree with both sides of this arguement. How is that for an opinion.

First off, just as if it were dr. Patient confidentiality, with regard to information, data. If that information, data, is in regards to a felonious act that has happened, or will happen, with a very high likelihood of harm and or death as a result, then the dr. Is required to report that information and dr. Patient confidentiality is no longer in affect. So this is where I agree with law enforcement, that the information contained within this particular device may very save human lives from future attacks, attackers, or point to others who may be involved in training, and or funding these types of attacks. But, on the other hand, once the ability to Crack through the security is lifted for law enforcement, where does it stop? It's no longer the dr. Patient confidentiality scenario, now it's big brother defining what they believe is or isn't a threat, or worse, the ability to get to the data is shared, or stolen or otherwise used for other means or entities. So I don't agree this should be done, there is no guaranty that once it's done one time, here in this case, that it won't be used in the future and for what purpose and to what end.

I have to admit, I'm torn on this one.