The “IT War” and the problem with G.A.A.M.MS.

Thoughts on the current conflict in Europe*

· privacy,security,technology,GDPR etc

*This post is not a political statement in any way. It is purely the thoughts on the the technology aspect (it's not complete, as that is evolving daily, if not hourly).

Big Tech Helps?

Big tech and small tech have been enlisted by Ukraine to help wage an IT war on Russia. On the surface this sounds like a great idea. Google, Apple (Amazon?), Meta and, MS (G.A.A.M.MS.)s are imposing sanctions on their dealings with Russia. They are closing stores, and pulling services amid the ongoing tension. But, are they really as benevolent as they want to come across?

Apple is closing its stores in Russia, Meta is pulling [some of] its services, MS is stopping any ‘new’ sales in Russia and is working with Ukraine to beat back any cyberattacks from Russia. This sounds great. Until… 

Meta is a private company, as are all of these, and it continues to provide services to Russians, but not necessarily to the government (they are not running government sponsored ads or news feeds etc.), it is however, maintaining the links to Meta so that people can still interact (citizens, soldiers with their families etc.), because they are a private company and still want to make money. Let’s not forget that Zuckerberg has already threatened to pull Meta out of Europe if they don’t allow him to bypass (read ignore) GDPR. MS has also been fined under GDPR, as has Google. All of whom are assisting in working with Ukraine and others to impact the economy of a country by withholding services. Are they now using this opportunity to flex their collective muscle to demonstrate to the EU what would happen with the EU countries if they curtailed/withheld/limited their respective activities because of GDPR? 

I recently read an article on how a US cigarette brand changed their green logo to white during WWII, and spun it as their aid to the war effort (apparently the green colour the company used was produced using copper pigment, and since that was critical to the ‘war effort’ they would stop using it). As it turns out, that wasn’t true. The reason they did it was their female consumers didn’t like the green colour. And the action was planned much earlier, prior to WWII. The company simply used WWII as an excuse to make themselves look better and more patriotic. This is not necessarily a bad thing, my point here is that they were not being forthright in their underlying motive for the change.

Likewise, are these organisations doing this out of some altruistic motive? They are showing the world, their reach. But, like everything else, it’s a double-edged sword. Ukrainian refugees are being allowed into other countries without papers, and are being offered assistance (I will not go into the racist aspect of this behaviour when these same rules do not seem to apply as universally to those of different skin colours, or countries, Yemen, as an example), these refugees are essentially giving territory away to the Russians. When the conflict finally does stop, and it will, will those areas be given back to Ukraine, or will Russia annex them and keep them under the peace treaty so Putin can save face with his oligarchs and cabinet? Another question, what will happen to Zelensky? Will Russia/Putin allow him to continue to live?

The point amongst all this is that the companies that are helping Ukraine are not doing it, entirely, out of benevolence, they are doing it to show they can. They are subtly, or not, showing the EU what they can do, if the EU does not allow them to continue to do business the “American” way. None of which, by the way, is good for your privacy. 

Why is this an issue?

Let me start this section with this: without these organisations, much of the technology and seamless integration, communication etc. would not be possible. They have become integral to online life. However, there is always an however, these things come at a cost. In the US there are few, or complicated, privacy laws around what organisations can do with your personal data. Granted, through the EULA, you do give them certain rights to that data, but, the simple fact is, the data is your personal information. This is the heart of GDPR, and PIPEDA (the Canadian privacy legislation). You should have a bigger say in what is done with the data, for how long, and whether or not you want to allow an organisation to have all the data, a portion of it, or ultimately, none at all. All of these things should be at your control. This does not mean that organisations can not use the data they received from you, with your approval, it simply means that they should not be allowed to keep the data indefinitely, or use the data in any way that you do not agree with. This includes reselling your data, as well as the level of mining of your data. There is a reason, after all that they need your data, and much of it revolves around the end user experience.

All of that is fine, but it leaves out a crucial bit of information. It is there, it simply is something that no one wants to openly admit: they are not owners of your data, they are custodians of it. And, while there are specific do’s and don’ts around the data they can use, and what they can do with it, and what, more importantly, they have to disclose to you, in the end, they are still only custodians of your data.

This is where things like the above become an issue. GDPR, and similar legislations, are meant to protect both sides of the equation. By making sure how your data is treated and what you know, a level of transparency is there. The problem, really, is not that. The problem is that many organisations, despite their best efforts, have a problem with ongoing breaches. Who are the hardest hit? Healthcare and finance. These two sectors account for the most amount of breaches. We can speculate about the why, but that is not the point of our company. We work on the how, the where, the when and the what. In the end, our goal is to protect the data as best we can, and to mitigate the chance of a breach. 

This the part no one wants to hear, or admit: breaches will happen, despite anyones best efforts. However, there are ways to ensure minimal damage to the data, and to an organisations reputation. It really comes down to how the data is stored, how it is protected, and more importantly, education. I could go into far more detail here, but for many readers this is already enough. Let’s simply wrap this up this way, our technology allows the user a greater level of control, working in conjunction with the organisation. This means that the organisation will be complying with GDPR, and other legislations, while safeguarding your data as best as anyone can, at the moment.

Benefits for the organisation: Consumer Trust, compliance with GDPR (no fines), better secured data (fewer lawsuits), reduced damage when a breach occurs, reputation safeguarding

Benefits to the consumer: greater control over your data, if you want it, trust in the organisation, better privacy online.


All Posts

Almost done…

We just sent you an email. Please click the link in the email to confirm your subscription!