Keep it private: Security/privacy
Keep it private: Security/privacy
What do you get when you mix the avalanche of data that pours from every computing crevice, the proliferation and interconnectedness of apps and portable devices such as Fitbits, persistent criminals out to steal information, lax or incomplete data protection laws and a population proficient in gaining access to and moving information around? A recipe for privacy headaches that defy the soothing effects of even the strongest painkiller, that's what. 

“A first grader can easily access things from all over the world,” says Larry Clinton, president of the Internet Security Alliance (ISA), noting that the lure of easy information flow “is so seductive that we haven't thought through how to manage the downside.” 

Explains J. Trevor Hughes, president and CEO of the International Association of Privacy Professionals (IAPP), “Technology advances are exceeding our ability to manage. There is an unprecedented gap between our ability to develop standards and the bleeding edge of technology. With the rise of social media, he explains, “we don't know what the social norm is.”

But 2015 might be counted as the year that businesses, government and consumers finally woke up and pursued answers – or at least fixes – to the privacy conundrum in earnest. At the very least, this year marked privacy's arrival and permanent residence on the center stage. Here's what happened over the course of the year to keep the spotlight where it belongs – on privacy.

Data breaches just keep rolling in. “The number one challenge to privacy is the wantonness of [stealing] personal data being carried out by the millions by cybercriminals,” says ISA's Clinton (left), contending that the constant stream of attacks is more cause for concern than the NSA's surveillance activity. Anthem, the State Department, the Office of Personnel and Management (OPM), VTech, were among those hardest hit by bad actors out to steal sensitive information. The worst-case scenario played out at OPM – which Rep. Ted Lieu (D-Calif.) says was “a very big wakeup call” – where information on millions of former and current federal workers was exposed, including the highly confidential data in the security clearance database maintained by the agency. 

The Internet Engineering Task Force (IETF) designates .onion as a Special-use Domain Name. Calling the formal recognition of the .onion by the IETF “a small and important landmark in the movement to build privacy into the structure of the Internet,” Jacob Appelbaum, a security researcher and developer, privacy expert and a core member of the Tor Project, said in an October blog post that the draft to register the domain name included security and privacy considerations that likely “will help to protect end-users from targeted and mass-surveillance.”

The standards body's confirmation of the special-use domain name is a culmination of work done in conjunction with Facebook software engineer and internet security evangelist Alec Muffet, and others, since 2013, or as Appelbaum called it, the “Summer of Snowden,” to ensure that .onion not become a Top Level Domain (TLD) that could not be sold by the Internet Corporation For Assigned Names and Numbers (ICANN).