2016: The Year in Privacy & Security
As the year comes to a close, we take a look back at 2016. This year, the debates over privacy and security continued to rage on with victories and setbacks alike.
By far, the biggest theme of 2016 was encryption – and the debates over privacy and security that came along with it. The Apple v. FBI case in early 2016 ignited a worldwide debate, calling attention to important issues about privacy, security and the right to protect yourself online. The debate hit the main stage when the FBI asked Apple to offer access into encrypted communications on an iPhone (iMessage) app, and Apple refused as they do not have access to the messages. This set off a huge debate about when – if ever – it is OK to break encryption. Most of the tech community and privacy companies took a strong stance against backdoor encryption, citing threats to innovation and technology as well as the danger of introducing vulnerabilities that can be exploited by bad actors.
Unfortunately, this year we saw a trend of surveillance practices increasing around the world. Some shocking revelations were made about massive spying projects in both the United Kingdom and the United States, as well as many other regions who increased their ability to spy or access personal communications. Legislation was also passed which granted more powers to mass surveillance in many areas, continuing the debate about what the appropriate balance is between personal privacy and national security.
Decline in Internet Freedom
As detailed in an annual report by Freedom on the Net, Internet freedom was on the decline for the 6th consecutive year in a row. This alarming trend illustrates increasing censorship around the world, both of websites and content. This year there was a trend of popular messaging apps (for example, WhatsApp) being blocked in various countries – sometimes due to the fact they employ unbreakable encryption, at other times to stymie communication or organizing during protests. These outages took place in a span of areas, but were strong in the Middle East and Africa, and other regions. Countries like China, Russia and others also tightened grips via mass censorship and the introduction or strengthening of “Great Firewalls.”
Data Sharing & Privacy
This year, we saw several regulations aimed at both protecting consumer privacy and restricting the amount of personally-identifiable data that can be viewed or shared by companies or across platforms. On the other side of this, the year brought legislation aimed at decreasing privacy and data protections for users, as well as measures for data retention. At Golden Frog, we delved into the topic “you are the product,” exploring ways that companies often exploit user data.
Some of the legislation that went into place this year included:
- New FCC regulations calling for explicit consumer consent before sharing or collecting any data about users
- The Investigatory Powers Bill in the UK, which is not only a surveillance bill but also allows for sharing of personal information
IoT and Insecurity
The Internet of Things (IoT) continues to be a big topic this year, with reports about the insecurity of connected devices appearing in the news. The IoT was a major focus at this year’s CES in early January, and continued to dominate the news throughout the year. Just recently, a study again highlighted how dangerous this network of items is and the inherent vulnerabilities that exist. There were some very large DDoS attacks at the end of the year, which employed botnets comprised of IoT devices to carry out attacks (a departure from the past when they employed computers). As more and more devices continue to be connected, it’s likely the buzz over the IoT will continue.
Some other themes this year included an increase in consumer awareness and concern over privacy, which is a positive step in that people are taking more ownership of their privacy and strides to improve it. We also saw a trend of people becoming concerned and more aware of unsecured Wi-Fi networks, and the risks associated with these.