The recent RSA Conference in San Francisco revealed that most security pros believe that social media regulation needs to be tightened but U.S. Federal Government agencies tasked with government regulation of digital privacy may not have the skillsets necessary to promulgate regulations. And for that matter to understand the link between digital privacy and cyber security.
Attendees were also skeptical of that the management teams of social media and private enterprises had the necessary depth of understanding to make informed, educated decisions to address the risks that are part of the current threat landscape.
Call for social media regulation
Venafi conducted the survey at the conference to get more insight into how industry professionals are responding to the growing intersection of cyber security, privacy threats and government regulation. Over 500 attendees responded to the survey and the results were rather shocking to say the least.
70% of the security pros said that governments should regulate the collection of personal data by social media companies. However, exactly what the expectations of government are remains a bit hazy. Which is not surprising given that 72% also indicated that they have little to no faith that government officials have an understanding of the threats to digital privacy.
This is not surprising given the heightened attention on the Cambridge Anaytica scandal which landed the Facebook CEO before the U.S. House Energy and Commerce Committee. The incident affected 87 million users and reportedly influenced the 2016 presidential election that led to a win by Donald Trump. This has raised concerns that social media platforms are being used for political advertising without government regulation, and worse affecting people’s lives and national security through the spread of hate speech and fake news. This has led to a call for stronger government regulation of social media companies, including Facebook and Twitter, and other technology companies.
The lack of faith in government’s ability to understand issues surrounding digital privacy led Kevin Bocek, vice president of security strategy and threat intelligence at Venafi to comment. “These results are disturbing,” said Bocek “While security professionals agree that government officials do not understand the nuances of social media and digital privacy, they’re still looking to them to regulate the technology that permeates our daily lives.”
Unfettered backdoor access
Other results of the survey were just as disturbing. The war on encryption was a hot topic – but respondents seem to be backing a more robust approach by government. Nearly half (45%) of the respondents believe governments should be able to impose encryption backdoors on private companies. But, 74% admit their government officials do not have a good understanding of the current cyber threat landscape.
Is backing government backdoor access that much of a good idea? That is not debatable – it’s a terrible idea. Regardless of the law enforcement implications. It’s throwing the baby out with the bathwater – and smells suspiciously like paranoia. We do live in a dangerous world. But allowing government unfettered access (especially when it comes to social media regulation) is a slippery slope towards an Orwellian future. And to suggest that government is equipped to tackle the problem of social media regulation (and access to other systems and platforms) while at the same time saying that they do not have the skills to do so may be tinged with a bit of hubris. It is becoming apparent that government regulation lags behind the technological curve that is allowing privacy to come under continual threat.
Conclusion – Security pros are here to help
The subtext here is ‘let us take care of the problem – you’re incompetent.’ There may be an element of carefully thought out truth here. 74 percent of the respondents said government officials do not have a good understanding of the current cyber threat landscape overall. So, who better to police the public than professionals? Perhaps professionals are the very people who should be gatekeepers of data security and privacy.
However, it is possible that the solutions proposed may need a little more refining.
Bocek made a telling comment; “It’s disheartening that so many security professionals think encryption backdoors will somehow make us safer. There is no question that they will undermine our global economy and make digital communication much more vulnerable. Any backdoor will be extremely lucrative, so cyber criminals will spend an enormous amount of effort to steal one. And once a backdoor is leaked it’s certain to be available to the highest bidders on the dark web.”
Would you trust a government to protect your data – and your privacy? Security pros think they are the best positioned to do that job. They may very well be right – and governments need to start paying very careful attention to what these independent consultants are saying. They are the people who are at the coalface of the issue – and they may have the keys to the castle that houses the protections that we as consumers require, especially when social media regulation is now the topic of the day.