You might have recently heard about the controversy around facebook messenger and the fact that it liberally permits itself to access your camera,
microphone and even your call list. There was also the very peculiar case of celebrities’ icloud accounts being hacked which led to exposure of their
private photos. Moreover companies like google insist to automatically post your Picasa uploaded photos to their Google+ social media platform. Microsoft
with Windows 8.1 requires cloud authenticated usernames to access any services such as onedrive skype.
Tech Companies like many other companies are hungry for our personal information, our daily habits and even the nature of our relationships with others.
That is understandable since many of these tech companies rely on consumer’s disposable income for their revenue.
The questionable practices of Microsoft, Google and Facebook, LinkedIn, Yelp are out of the scope of this article and instead this article focuses on
Apple’s recent security breach. It is quite bizarre for a company like Apple to claim no responsibility in relation to leaked private none-wholesome photos
of celebrities. Apple like other Tech Companies would claim that both the user and the company are responsible to mutually protect the customer’s data.
However many of the hacking scenarios would fall under “willingly providing your credential clause”. That is a user might be targeted by phishing attack or
perhaps their password might be too easy to guess. Frankly the phrase mutual responsibility is a farce when the user has very little choice but to hand
over her data over to the company’s datacenters.
The reality is a company like Apple that forces users to provide their credit cards for the task of activating an IPhone should be held to a higher
standard. For instance Apple by default turns on Photo-Sharing on IPhone which results into uploading of all your photos to Apple’s DataCenter. Mutual
responsibility could be appropriate in scenarios where the user is empowered to take security measures. For example the user should be responsible for any
data breach that occurs as result of physical access to the phone. However when a user is forced to create a cloud account for the simplest of functions
such as updating a map app she could not be held accountable for proper security measures to protect that account.
When a Firm leaves the consumer very little choice and shows an appetite for a whole lot of their data then they must take appropriate security measures to
ensure the safety of data. Banks actually set a pretty good precedent for such security practices. They don’t allow trivial passwords by rejecting
passwords such as your birthdate, your name, abcd as your password. They of course go much further by detecting your logon from different GEOS and
occasionally requiring you to perform multifactor authentication.
Apple, Facebook, Google and Microsoft are really the worst offenders with respect to our privacy when it is coupled with our security. They realize that if
they push overtly strict security measures it will hamper usability and thus dissuade consumers from handing over more of data to these companies.