Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

10/24/2017
09:50 AM
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

Opera, Vivaldi Co-Founder Talks Internet Privacy

Most people don't understand the extent to which their personal information is at risk, says Jon von Tetzchner, who founded the Opera and Vivaldi browser firms.

The Internet often forces people to treat their data like currency: enter your information and get access to an app or service. Businesses collect bits of data for each person online and use it to track and target them.

Privacy is a human right. People should have a say in their privacy, says Jon von Tetzchner, co-founder of the firms that created the Opera and Vivaldi browsers. The problem is, many people who share their information for the convenience of using different services don't realize the consequences of having their information tracked.

Current regulations don't let anyone opt out. Oftentimes there isn't a question of implicit consent. When you go shopping on Walmart's website, you're not given the option to browse free from online trackers.

"We're being told, to get Internet services you have to give up privacy, or to get security you have to give up privacy," he continues. "But by giving up privacy we're actually giving up security. You don't need to track a person all the time to be able to figure out where they are."

For some software or services there is a need to collect certain types of information, but as von Tetzchner points out, most of the time there is no correlation. Overall, the tracking has gone too far, he continues, to a point where it "has to be in violation of law." The implications are poised to become far more nefarious than targeted advertisements on Facebook or Google.

"For a lot of us, [targeting] is maybe just a nuisance," he explains. "But when you see that being used for things like propaganda, it becomes highly problematic and even a security issue."

Growth and Consequences of Online Tracking

Online tracking and data collection is partially fueled by the size of corporations behind it. Large companies and ecosystems have so heavily invested in these operations, there is a fear of breaking the system if the collection is stopped. Unfortunately, major businesses are at high risk.

"The bigger the target, the bigger the game," he notes, citing the Yahoo breach as an example of what happens when a major data collector gets hit. "With these services, there is a problem because they can be attacked and if they get attacked, the spoils are huge." He admits he's inclined to use smaller companies because they're less connected to larger entities.

Cloud growth also plays a role in making storage of user data cheaper, easier, and more secure -- if done properly. As we now know, poor cloud security practices can affect billions.

"Sure, cloud is cheaper, but it depends on the quality of people you have doing the job," says von Tetzchner. "It's creating situations where you have single points of failure."

What does this mean for the future? "This implies problems for everyone," he continues. It's imperative for businesses to care more about privacy regulation. Many companies and app developers prioritize functionality over privacy and security due to resource and time constraints. Relaxed security and privacy standards have made mobile ecosystems appealing to attackers.

Given the size of players in the game and ubiquity of data collection, this is a difficult problem to address. Ideally, von Tetzchner says, there would be a limit on data collection and no individual tracking, which didn't even exist not long ago. One of the challenges is there aren't many sources that could really regulate this, though the United States and European Union are two potential sources.

Most Consumers Don't Understand the Problem

News reports of major cyberattacks and data leaks have driven broader security awareness, but there continues to be a general lack of knowledge when it comes to online threats, the exposure of their personal information and devices, and potential for unwanted spying. 

"Most people don't really understand how far that goes," says von Tetzchner. "All of our movements are tracked, everything we do on our computers with regards to browsing is being seen … It's like asking someone, 'Can I follow you, one step behind you, all the time?'"

The 2017 State of Privacy and Security Awareness Report by MediaPro found 70% of 1,012 US workers don't fully grasp security and privacy. Behavior on social media was especially concerning as the number of people willing to potentially risk their companies on social media grew to 20%.

Savvy users have trouble hiding in the shadows. Some are turning to the Dark Web for their online activity not because they want to do anything illegal, but because they want to use the Internet without being watched, von Tetzchner says.

"It's natural for people to want to keep their privacy," he says. "It doesn't mean you're doing anything illegal. Users shouldn't have to use Tor, or anything like that."

Related Content:

Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer,  10/19/2020
IoT Vulnerability Disclosure Platform Launched
Dark Reading Staff 10/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-26649
PUBLISHED: 2020-10-22
AtomXCMS 2.0 is affected by Incorrect Access Control via admin/dump.php
CVE-2020-26650
PUBLISHED: 2020-10-22
AtomXCMS 2.0 is affected by Arbitrary File Read via admin/dump.php
CVE-2020-27533
PUBLISHED: 2020-10-22
A Cross Site Scripting (XSS) issue was discovered in the search feature of DedeCMS v.5.8 that allows malicious users to inject code into web pages, and other users will be affected when viewing web pages.
CVE-2020-24033
PUBLISHED: 2020-10-22
An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier. The form does not have an authentication or token authentication mechanism that allows remote attackers to forge requests on behalf of a site administrator to change all settings including deleting users, creating new users with escala...
CVE-2020-27560
PUBLISHED: 2020-10-22
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.