Who saves us from having to go clear?
Of Breaches and hacks
“Bottom line, (government) can’t be trusted to safeguard our data,” tweeted Colorado Senate Republican Communications Director Sean Paige on Tuesday. But is noting the fact that the government can’t keep our data safe a bottom-line observation or a top-line observation? It’s one that begs a raft of questions, starting here: Who can be trusted to safeguard our data?
Paige was responding to back-to-back news reports.
In Washington, the Internal Revenue Service reported that hacker-thieves might have swiped detailed information from more than 300,000 taxpayer accounts as part of a scheme to steal tax returns next year.

In Colorado, the Department of Health Care Policy and Financing reported that, in a kind of anachronistic steam-punk screw-up, its glitchy Benefit Management System mailed old-school ink-and-paper letters that included the private health data and Social Security numbers of more than 3,000 residents to the wrong house addresses. The data “breach” opened up benefits recipients to identity fraud, although no instances of which have so far been reported, officials said.
On Wednesday came news from the private sector.
Ashley Madison is a “dating site for married people,” which means it’s a website for people – mostly men, it turns out – looking to cheat on their spouses. Ashley Madison hosts tens of millions of users, and this week it was the target of hackers, who rode roughshod over its security system, such as it was, and got ahold of data tied to some 33 million accounts. The hackers, who call themselves the “Impact Team,” said the site was as fraudulent and deceitful as its customers and demanded that the publisher, Avid Life Media, shut it down. When the publisher refused, the hackers released the data they stole – 10 gigabytes of user names, house addresses, email addresses, phone numbers and encrypted passwords.
Hackers are now combing through the data and exposing the identities and profile details of the site’s would-be cheaters. There will be humiliation. There will be pain.
One of the first high-profile figures exposed in the hack is Christian-right reality TV star Josh Duggar, one-time executive director of the Family Research Council, a lobbying group that aims to “champion marriage and family as the foundation of civilization, the seedbed of virtue, and the wellspring of society.” As Gawker reported, Duggar appears to have paid nearly $1,000 for his Ashley Madison account subscriptions and was looking for extramarital “one-night stands,” “experimentation,” “gentleness,” somebody who is “good with [her] hands,” and so on.
Members of the hacker site 4Chan say they’re starting their work on the data-dump by looking at the 15,000 or so Ashley Madison users who signed up using military or government email addresses. In other words, they’re looking to expose soldiers and politicians. For now at least, no one has posted anything about subscribers to the site tied to Colorado government email addresses – ones that end in @state.co.us.
In a grim side note, however, digital security firm CyberAngel told The Guardian that about 1,200 people on the leaked list subscribed using emails based in Saudi Arabia, where convicted adulterers face the death penalty.
Going clear
It feels like we have stepped into digital territory this week that has long stretched out in front of us. We have become used to the idea that hacker-thieves steal data and inflict financial loss, but this Ashley Madison hack is about making personal secrets public, and indiscriminately, for everyday citizens as well as for various kinds of celebrities. As John Herrman, put it at The Awl, “this feels like a momentous event … millions of lives may be about to change profoundly.”
“Here were people expecting the highest level of privacy that the commercial web could offer as they conducted business they likely wanted to keep between two people,” he wrote. “This hack could be ruinous-personally, professionally, financially-for them and their families. But for everyone else, it could haunt every email, private message, text and transaction across an Internet.”
Dave Eggers called that kind of transparency “going clear” in The Circle, his novel published two years ago about a Google-like company that effectively dissolves the border separating public life from private life. In the book, the end of privacy is a worthy goal achieved. Politicians and eventually the main character, a Circle employee, are forced through public pressure to go clear. They are fitted with tiny cameras and microphones. Psychologies and society are transformed. It’s not a fun ride.
Inside-outside the government
When Colorado GOP Senate spokesman Paige tweeted about the government being untrustworthy, he drew heat. Tweeters found it ironic, hypocritical, inappropriate.
“Including govt employee tweeting for govt officials from govt account?” responded Charles Buchanan. “Usually when a caucus hires a PR ‘pro’ it’s to promote their vision for governance. @SeanPaige seems intent on tearing govt down.”
Paige is a free-marketer conservative who has long reveled in digging at the government. He didn’t say it, but he seemed to be getting at the fact that there is a difference between public- and private-sector cybersecurity disasters. No one is required to sign up for Ashley Madison services, but you have to pay your taxes, you have to share your personal health data with the state to get Medicaid or other Obamacare benefits. In the Information Age, where data wants to be free and hacktivist collectives and hacker criminals want to speed its way, it seems safe to assume we will all end up sitting ducks at one point or another.
But it’s also true that public-sector versus private-sector distinction matters less than maybe it should. Increasingly, the sectors mix. Google cloud services are integrated with government services around the country. Digital communications company Accela just entered a $14 million partnership with San Antonio to run its database and outreach services.
So who can be trusted to safeguard our data? Who will save us from being forced to go clear?
– john.tomasic@gmail.com


