If you are among the 77 million Internet users whose personal data (including VISA-card information) were hacked from Sony’s server, you can expect to get a mega-style apology (see photo) from Sony officials. Yes, it’s a nice gesture, but is it enough? Not necessarily. ‘Sorry’ simply doesn’t hack it any more. We are inundated with apologies: sorry for bombing the wrong targets; sorry for losing billions of public money; sorry for polluting our rivers and our seas. But, that is a topic for another blog.
At the same time Sony’s server was being hacked, there was security breach at Amazon’s cloud servers. News about hacked personal data from big Internet companies is becoming a regular occurrence.
Whether we receive a Sony-style ritual apology or a carefully crafted Amazon-style corporate message, this doesn’t fix what has happened. As regular Internet users, we need to be asking ourselves what we can do to protect our data and our rights. The answer, unfortunately, is ‘not too much’.
First, most of us have clicked the ubiquitous box agreeing with agreements full of densely packed fine print that covers companies for huge blunders, including hacking. But even if we’re not guilty on this score, the average Internet user – especially if he/she is not based in the USA or Japan – has very little recourse to any legal action. Think about it. We are transferring considerable amounts of detail of our private, social, and corporate lives to computer clouds – be they Facebook, Google, Sony, or Amazon – and we have almost no way of protecting our rights.
If the Internet is to continue to develop as a critical information infrastructure of the modern world, this has to change. All Internet users must have the right to take legal action and protect their interests. Admittedly, this is very difficult to do directly (e.g. a citizen of Malta protecting his/her data on the Facebook server); the only practical solution is to do so through an international legal framework agreed globally by all countries.
The first step on the long road to achieving this should be an International Framework Convention on Internet Governance, which would set out the principles that makes the Internet what it is today: openness and inclusiveness. Otherwise, the Internet – like data from Sony’s server – will continue to be hacked by interest groups motivated mainly by money, radical ideologies, security obsession….