In this day and age, following hack after hack, it almost seems as though online security is a bit of a misnomer. The latest big online security breach to make the headlines is, of course, the intrusion into adultery-themed dating site Ashley Madison. It's situation I find incredibly concerning. Not because it's yet another example of how securing online data seems futile, but because of how people have reacted this time around.
Every time something new comes out about the hack, there has been a lot of consensus in internet commentary — even here on Giz UK. The idea that somehow this hack is justified because of the nature of the website, and that anyone using the site deserves to have all their personal information posted online for the world to see. I'm not condoning the actions of Ashley Madison users, and I'm of the opinion that if you happily cheat on an unwitting partner then you're an incredibly shitty person, but I'm shocked at how hypocritical people's words seem in light of the situation.
I tweeted this back when the original hack took place last month, and I think it pretty much sums up the whole situation for me:
When your data is hacked: FUCKING HACKERS SHOULD ALL BE SHOT When it's the data of someone you hate: LOL YOU GO HACKERS. THAT'LL TEACH 'EM
— Tom Pritchard (@tepritchard) July 20, 2015
Major hacks happen an awful lot these days, more often than should be possible. Any information personally linked to you is potentially at risk. But what if, say, Amazon or Facebook had been hacked and hackers were threatening to release all your personal information? You'd probably be a mixture of terrified and furious, but regardless of how much they disagree with those sites, nobody is going to come out and tell you that you shouldn't have had an account there in the first place.
Impact Team, the hackers who supposedly obtained and released Ashley Madison's user data, also believe that they are morally justified in what they did. Part of their issue with the site is that the group claims Ashley Madison is a scam, taking away people's hard earned cash with the promise of security and then asking for more if users want to scrub their personal data from the site. Impact Team claims that, should a user get cold feet and cough up more cash, Ashley Madison doesn't even properly wipe account data after a user has paid. I disagree with the methods, but if those claims are true then at least the initial reasoning for the hack is somewhat noble.
The problem is that that's not all they were up to, and a statement released yesterday, around the time Ashley Madison user data was posted on the dark web, had this little snippet:
Too bad for those men, they’re cheating dirtbags and deserve no such discretion. Too bad for ALM, you promised secrecy but didn’t deliver.…
So, apparently those users now don't deserve privacy because they signed up to a website geared towards enabling infidelity, even if they didn't actually have an affair to begin with. Again I'm not supporting those people or the purpose of Ashley Madison, but do users really deserve to be outed in such a way? From what I've seen, a lot of people seem to think so. They did (or tried to do) a horrible thing, so that means they must be exposed in front of the entire world.
The thing is, it's not just about these people being caught out by their unsuspecting partners, otherwise the data that was released would just be names and profiles. Reports indicate that the 10GB of released data includes full names, phone numbers, addresses, and credit card transactions. Even if you take the information at face value (which you shouldn't), it's not just enough information to ruin relationships and marriages. That's information that could easily be used for identity theft and, in a worst case scenario, ruin peoples' lives.
Let's not forget, though, moral justification is a tricky business. Remember Lizard Squad, the 'hackers' who brought down Xbox Live and the PSN with a DDoS attack on Christmas Day? Their justification for that attack was to highlight incompetence at Microsoft and Sony because both companies were unable to prevent such attacks. Again fairly noble goal, really fucked up execution. It's hardly the same sort of situation – there was no question of gamers' moral compass at stake there – but it's worth keeping in mind when you hear why hacking groups do what they do.
Hacks like these are starting to happen more and more often, and while it's up to the organisations to make sure user data is suitably protected, it's almost certain that the Ashley Madison incident won't be the last time a group of hackers posts detailed personal information online for the world to see. Chances are that it'll be your information out there one day, so have a little bit of empathy.
You don't have to agree with what the Ashley Madison users did, nor do you have to defend it, but nobody "deserves" to have their private data exposed. It doesn't matter who they are, or what they did – if we consider privacy a fundamental human right, we can't pick and choose who gets to benefit from it. That puts us all on a slippery slope into the same murky moral soup that adultery already seasons.
Image credit: Shutterstock/Piotr Marcinski