Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

10/24/2017
09:50 AM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Opera, Vivaldi Co-Founder Talks Internet Privacy

Most people don't understand the extent to which their personal information is at risk, says Jon von Tetzchner, who founded the Opera and Vivaldi browser firms.

The Internet often forces people to treat their data like currency: enter your information and get access to an app or service. Businesses collect bits of data for each person online and use it to track and target them.

Privacy is a human right. People should have a say in their privacy, says Jon von Tetzchner, co-founder of the firms that created the Opera and Vivaldi browsers. The problem is, many people who share their information for the convenience of using different services don't realize the consequences of having their information tracked.

Current regulations don't let anyone opt out. Oftentimes there isn't a question of implicit consent. When you go shopping on Walmart's website, you're not given the option to browse free from online trackers.

"We're being told, to get Internet services you have to give up privacy, or to get security you have to give up privacy," he continues. "But by giving up privacy we're actually giving up security. You don't need to track a person all the time to be able to figure out where they are."

For some software or services there is a need to collect certain types of information, but as von Tetzchner points out, most of the time there is no correlation. Overall, the tracking has gone too far, he continues, to a point where it "has to be in violation of law." The implications are poised to become far more nefarious than targeted advertisements on Facebook or Google.

"For a lot of us, [targeting] is maybe just a nuisance," he explains. "But when you see that being used for things like propaganda, it becomes highly problematic and even a security issue."

Growth and Consequences of Online Tracking

Online tracking and data collection is partially fueled by the size of corporations behind it. Large companies and ecosystems have so heavily invested in these operations, there is a fear of breaking the system if the collection is stopped. Unfortunately, major businesses are at high risk.

"The bigger the target, the bigger the game," he notes, citing the Yahoo breach as an example of what happens when a major data collector gets hit. "With these services, there is a problem because they can be attacked and if they get attacked, the spoils are huge." He admits he's inclined to use smaller companies because they're less connected to larger entities.

Cloud growth also plays a role in making storage of user data cheaper, easier, and more secure -- if done properly. As we now know, poor cloud security practices can affect billions.

"Sure, cloud is cheaper, but it depends on the quality of people you have doing the job," says von Tetzchner. "It's creating situations where you have single points of failure."

What does this mean for the future? "This implies problems for everyone," he continues. It's imperative for businesses to care more about privacy regulation. Many companies and app developers prioritize functionality over privacy and security due to resource and time constraints. Relaxed security and privacy standards have made mobile ecosystems appealing to attackers.

Given the size of players in the game and ubiquity of data collection, this is a difficult problem to address. Ideally, von Tetzchner says, there would be a limit on data collection and no individual tracking, which didn't even exist not long ago. One of the challenges is there aren't many sources that could really regulate this, though the United States and European Union are two potential sources.

Most Consumers Don't Understand the Problem

News reports of major cyberattacks and data leaks have driven broader security awareness, but there continues to be a general lack of knowledge when it comes to online threats, the exposure of their personal information and devices, and potential for unwanted spying. 

"Most people don't really understand how far that goes," says von Tetzchner. "All of our movements are tracked, everything we do on our computers with regards to browsing is being seen … It's like asking someone, 'Can I follow you, one step behind you, all the time?'"

The 2017 State of Privacy and Security Awareness Report by MediaPro found 70% of 1,012 US workers don't fully grasp security and privacy. Behavior on social media was especially concerning as the number of people willing to potentially risk their companies on social media grew to 20%.

Savvy users have trouble hiding in the shadows. Some are turning to the Dark Web for their online activity not because they want to do anything illegal, but because they want to use the Internet without being watched, von Tetzchner says.

"It's natural for people to want to keep their privacy," he says. "It doesn't mean you're doing anything illegal. Users shouldn't have to use Tor, or anything like that."

Related Content:

Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Zero-Factor Authentication: Owning Our Data
Nick Selby, Chief Security Officer at Paxos Trust Company,  2/19/2020
44% of Security Threats Start in the Cloud
Kelly Sheridan, Staff Editor, Dark Reading,  2/19/2020
Firms Improve Threat Detection but Face Increasingly Disruptive Attacks
Robert Lemos, Contributing Writer,  2/20/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9342
PUBLISHED: 2020-02-22
The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper.
CVE-2020-9338
PUBLISHED: 2020-02-22
SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field.
CVE-2020-9339
PUBLISHED: 2020-02-22
SOPlanning 1.45 allows XSS via the Name or Comment to status.php.
CVE-2020-9340
PUBLISHED: 2020-02-22
fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter.
CVE-2020-9341
PUBLISHED: 2020-02-22
CandidATS 2.1.0 is vulnerable to CSRF that allows for an administrator account to be added via the index.php?m=settings&a=addUser URI.