Most Northwestern students have a good relationship with technology. Our generation grew up with our hands accustomed to keyboards and touchscreens, and we are very comfortable with and reliant on devices like computers and smartphones. Our dependence on technology has made living easier than it was in previous generations in some ways, but it has at the same time introduced new, frightening prospects into our lives.
In an ideal world, it would not matter that someone was careless about how information was protected online. Organizations and people with valuable digital information would have taken more steps to safeguard their information against those who would try to access it. But two recent stories involving breaches of cyber security have placed a heightened focus on keeping information secure. It is important to note the role that carelessness played in each situation.
Former St. Louis Cardinals scouting director Chris Correa pleaded guilty last week to five counts of unauthorized access to a protected computer for his role in hacking the database of the Houston Astros. This might lead you to imagine Correa dropping, Mission-Impossible style, into the Astros front office in the middle of the night, entering lines of code into a central computer and absconding with a flash drive full of valuable information. However, what actually happened is much less exciting. Correa accessed the Astros database by using a password similar to one that Astros GM Jeff Luhnow had used during his time as a Cardinals executive. From there, Correa was able to gather data about trade discussions, Houston’s targets in the MLB draft and various other personnel decisions.
Correa was clearly wrong in his violation of privacy and, more importantly, the law. But shouldn’t there be more of a responsibility on Luhnow to guard such essential information with the utmost caution? Some people don’t even use similar passwords for Facebook and Twitter, and he used a similar password to guard his multimillion dollar organization’s database? Access to crucial information should come with the responsibility to protect it from others.
Let’s look at another example. Last month, Hillary Clinton’s campaign accused Bernie Sanders of stealing voter information. Bernie’s team gained access to the Clinton campaign’s information after a bug in the technology used to store voter lists for Democratic candidates, known as NGP VAN, displayed all candidates’ information for half an hour. The Sanders campaign gathered data on voters in several influential states before informing the database of the bug. In response, the Democratic National Convention temporarily barred the Sanders campaign from accessing any data from the database.
What the Sanders campaign did was wrong; they clearly shouldn’t have taken that important information. But again, it’s not as if the crimes were the result of a frenzied campaign to infiltrate the Clinton database. It was the fault of a database that, as Sanders communication aide Michael Briggs said after the incident, “continues to make serious errors.” It is the responsibility of the DNC to ensure that campaigns are confident that their information will be secure.
These technological advances are only going to become more intertwined with our daily experience. For example, New York City Mayor Bill de Blasio just announced the city will replace 7,500 phone booths with tech kiosks that provide free wifi — an exciting development, for sure, but one that holds a massive security risk.
With so much of our lives dependent on technology, we should make absolutely sure that our information is sufficiently protected. People will take advantage of any lapse, whether it’s the fault of the user or of the technology itself. Those with important information, therefore, should take all the steps necessary to ensure that it is protected sufficiently.
The views expressed in this piece do not necessarily reflect the views of all staff members of The Daily Northwestern.