The sinister side of technology

At the height of the Facebook-Cambridge Analytica happenings, I had penned my thoughts for India Inc. magazine.

Over the last few weeks, the sinister side of technology has come to the fore. Cambridge Analytica is alleged to have collected the data of up to 87 million Facebook users worldwide, the majority of which were in the US.

While this data is said to have been used to target and influence voters in the US presidential election and in the Brexit referendum in the UK, it is also thought, according to press reports, that Cambridge Analytica’s parent firm had offered services to Indian parties for the 2014 elections to carry out caste research, behavioural polling, and target audience analysis, amongst several projects.

The fact this has happened shouldn’t really be a surprise to anyone in the technology industry. Whether you’re in London or Bangalore, the tech startup scene is full of thousands of wannabe entrepreneurs with the latest app, looking to rapidly sign up and grow the number of users of their app? Why? Because the more data they have on their users (in whatever way it is collected, whether it’s a game or a consumer lifestyle app), the more valuable it becomes. It enables them to sell that data to brands, advertisers and sponsors. They’re all trying to become the new Facebook or Google.

Data value

The data held by companies like Facebook has massive value, since the volume of data enables accurate profiling. In the US and UK, this enabled the political campaign teams to profile voters and precisely target them with specific ads to help influence their vote. It’s reported that between Trump and Clinton, some $81m was spent on Facebook advertising.

In the tech world, there’s a constant debate around data security, and Facebook-Cambridge Analytica is a high-profile example of how data collected by an app can be potentially misused. In Europe, a new data protection law, GDPR, comes into force on 25th May 2018, that is supposed to reduce the risk of data misuse. The big US tech companies are already trying to figure out how they will provide a fix that enables them to conform to the new law, though it’s reported that Facebook is considering implementing any measures to conform only for European users, leaving those in the rest of the world open at the same level of exposure as before.

It’s not the only security risk from technology in the modern world. The more that countries around the world (including the Indian government) talk about implementing smart cities, the more the potential for cyberattacks that bring down cities and nations.

Art imitates life

They say art imitates life, so if you want to see examples of the risks of the technology we have today, you only need to watch movies like the Bourne Ultimatum and Die Hard 4.0. You may think the ideas are far-fetched, but these films illustrate technology which is already in widespread use. In the Bourne movie, the ability to track and follow every move of anyone is not just fiction; every smartphone’s operating system is traceable, even if they have their phones in flight mode. You only have to witness the revelations made by Edward Snowden, the former intelligence community officer and whistleblower, who made public documents that revealed the US security agencies’ and their international intelligence partners’ secret mass surveillance programs.

And in the Die Hard movie, we see the ultimate doomsday scenario that could happen from our quest to implement smart cities and the internet of things (IoT). The ‘bad guys’ are able to take control of traffic systems and cars, power grids, bank accounts and more. This is indeed possible – during the London Olympics for example, traffic management systems were able to control traffic signals to enable VIPs to be sped through congested roads in London, giving them priority when their vehicles were detected in designated lanes. Imagine if the wrong people got hold of the traffic management system, as they do in the Die Hard movie. 

Smart cities

In smart cities, everything is supposedly connected for the public good, but in a cyberattack situation the connected networks can also be commandeered by people who have the knowledge to control it for their own benefit.

We just have to remember the WannaCry cyberattack that paralysed the UK NHS system in May 2017. The UK’s National Audit Office (NAO) said about it: “It was a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice. There are more sophisticated cyber threats out there than WannaCry so the department and the NHS need to get their act together to ensure the NHS is better protected against future attacks.”

India itself is concerned about the rapid progress of digitisation without proper cybersecurity policies in place. India's Telecom Secretary, Aruna Sundararajan, acknowledged as much at a recent conference in Geneva, and said, “Every nation faces cybersecurity challenges. Countries like India, where digitisation growth has been exponential, the magnitude and complexity of these challenges become multi-fold. For example, 300 million Indians adopted digital payments in just 6 months.” She added that a sound and comprehensive cybersecurity policy is a key building block for India’s infrastructure. “We are also working to ensure that all layers of digital access are appropriately secured, including the content, transport and device layers.”

To conclude, it’s easy for governments to get on the technology bandwagon, talking about the need for IoT, smart cities, and the use of artificial intelligence tools and programmes. However as recent examples have shown, there really needs to be more consideration about policies and regulation that helps safeguard the users that the technology is supposed to provide benefits to. I am not suggesting we should be luddites, but we need more people who understand the technology and its impact involved in the policymaking process, especially those who are independent and not part of big technology companies or their connected think tanks. 

For the full original article, click here.