Happy weekend, Cyber Saturday readers.
I spent the evening with a friend who is far bolder than me. Having deactivated his Facebook profile three years ago, he upped the ante this week by deleting his Instagram account. Even more drastically, he plans officially to delete his long-dormant Facebook account—the last vestige of his serfhood in Mr. Zuckerberg’s fiefdom—sometime very soon, after his girlfriend has had an opportunity to port its photos elsewhere. (He prefers offline storage.)
I asked him to explain the decision. “Privacy, I guess, is the short answer,” he said. “I don’t want to put any more stuff on the internet. I know I put some dumb [expletive deleted] on it in the past and what’s done is done but going forward I don’t want to be a part of it.”
“It was something I was kicking around for probably close to a year,” he continued. “But all the news it’s gotten recently has lit a fire under me.”
It’s hard not to feel similarly. Recent revelations around the improper acquisition of millions of Facebook users’ data for the purposes of political suasion do not inspire much confidence in the social network’s ability to protect people’s personal information. Nor does it help that Facebook’s business model is predicated on selling its users out to advertisers, the company’s true customers, as endless editorials have reminded us this week. Why don’t we all make like my digitally ascetic friend—or Elon Musk, or WhatsApp cofounder Brian Acton, for that matter—and walk out?
For many of us the choice isn’t so simple. Businesses, big and small, depend on the reach of these platforms to hawk their wares. People across a swath of foreign countries rely on Facebook’s Free Basics program for internet access. Plenty of us are content simply to keep the door open for friends and family (and hundreds of otherwise forgettable acquaintances, no offense)—even if merely to stave off potential pangs of FOMO, or fear of missing out.
The truth is that even if you #deletefacebook, the social network probably still collects data about you. Facebook builds shadow profiles, dossiers of information on people who are not a part of its network. These profiles are fed with contact information uploaded by other users. Try as you might to make yourself invisible, slipping out of sight like a mosquito in the dark, Facebook hunts like a bat.
The U.S. should use this moment to think much harder about what data collection practices it deems permissible in the digital world. In a couple of months, the General Data Protection Regulation goes into effect across Europe. The new law prioritizes user consent and severely penalizes companies in breach of its mandates. It is a start.
Instead of withdrawing, perhaps we should be more publicly pushy.
Have a great weekend.
Robert Hackett
@rhhackett
robert.hackett@fortune.com
Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. Fortune reporter Robert Hackett here. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.
THREATS
Nice try, GRUciffer. What many security experts deemed a pathetically thin front for a Russian intelligence operation has effectively been exposed as such, per a report in The Daily Beast. The person(s) controlling “Guccifer 2.0,” the online persona that claimed to be a lone, Romanian hacker and who took credit for hacking the Democratic National Committee in 2016, apparently failed to connect to a VPN service before logging onto a social media site (probably WordPress or Twitter), thereby exposing the trickster’s actual IP address. The digital footprints trace back to the Moscow headquarters of the GRU, Russia’s military intelligence directorate. We’re not surprised.
Pry it from my cold, dead hands. Police are using the fingerprints of dead suspects to unlock phones. For criminal investigators in states like New York and Ohio, the practice has become commonplace, Forbes reports. Cops do not seem to believe they require a warrant to attempt to access the encrypted contents of a dead target’s Apple iPhone this way. Apparently, the privacy protections enjoyed by the living are not afforded to the recently deceased.
Ouch, that burns. Earlier this month Kaspersky Lab, a Russian cybersecurity giant, exposed a malware campaign dubbed “Slingshot” that for six years compromised thousands of devices in and Africa and the Middle East. The operation was apparently part of a U.S.-led intelligence operation aimed at countering terrorism from the likes of ISIS and al-Qaeda, CyberScoop reports. Complicating the matter: Kaspersky is currently embroiled in a legal feud with the U.S. over allegations that its software poses a risk to national security. It’s unclear whether the Russian company expected its report would expose such a sensitive military mission.
Changing of the guard. In the wake of controversies surrounding Russia-funded election ads and Cambridge Analytica’s improper acquisition of user data, Alex Stamos, Facebook’s chief security officer, is said to be leaving the company by August. His team has apparently dwindled from 120 people to three in recent months. Meanwhile, Michael Coates, Twitter’s chief information security officer, is departing to found a cybersecurity startup. Michael Zalewski, director of information security engineering at Google, said on the same day he was leaving his post by month’s end.
Leaving this here, since we all have beef with Facebook.
Share today’s Data Sheet with a friend:
http://fortune.com/newsletter/datasheet/
Looking for previous Data Sheets? Click here.
ACCESS GRANTED
The devil is in the details. Should the government provide presidential candidates and their campaigns with digital security? That’s what Nate Fick, CEO of Endgame, a cybersecurity company, argues in an op-ed published by Fortune this week. Fick’s recommendation for a Cyber Secret Service aims to counter the meddlesome influence of foreign adversaries in American politics. During election seasons, he says, spies and hackers have the upper hand over those who aspire to the nation’s highest offices.
Presidential candidates receive Secret Service protection after meeting criteria set by the secretary of homeland security and an advisory committee comprised of the leaders of both chambers of Congress. This protection, codified after the assassination of Robert F. Kennedy in 1968, is provided not only for the candidates’ safety, but also to preserve the integrity of the U.S. political system.
As is true with most policies predating the digital era, however, Secret Service protection only extends to the physical world; candidates and their campaigns are responsible for securing themselves in the digital realm. With the 2020 presidential campaign season approaching, the U.S. should establish a Cyber Secret Service to protect the platforms of future national candidates from digital attack or manipulation.
FORTUNE RECON
Everyone Wants Your Health Care Data, by Erika Fry
Hackers Shut Down Atlanta Government Computers and Demand Bitcoin, by Chris Morris
Why Thousands of Human Moderators Won’t Fix Toxic Content on Social Media, by Michal Lev-Ram
Expedia’s Orbitz Says Data Breach Affects 880,000 Payment Cards, by Robert Hackett
Craigslist Removes ‘Personals’ Section After Congress Passes Sex Trafficking Bill, by Kate Samuelson
Tariffs Are the Wrong Way to Punish China for Stealing Our Technology, by Christine McDaniel
Hackers Don’t Want Your Credit Card. They Want Your Medical Records, by Daniel Bentley
Cryptocurrency Token Drop Makes It Rain $1 Million, by Jen Wieczner
Apple Watch and iPhone Owners Are Mistakenly Triggering Emergency SOS Calls, by Don Reisinger
Bitcoin’s Blockchain Has ‘100s of Links’ to Child Pornography, by Lucinda Shen
ONE MORE THING
Strongmen of letters. Have you ever wondered why so many autocrats write? Rulers like Mao, Mussolini, Lenin, and Hitler rose to power on the popularity of their works. Others like Saddam Hussein (who published romance fiction) and Kim Jong-Il (a film critic) dictated their texts once already dictators. A new book, The Infernal Library by Daniel Kalder, analyzes this perverse canon and probes the psyches of its authors. The genre rarely produces anything of quality or lasting value; as this review in The New Republic puts it, “when you rule with an iron fist, who dares to edit you?”
SPONSORED FINANCIAL CONTENT
