The end of January sees the commencement of Data Privacy Week (this runs January 22nd to the 28th). The 2023 event provides an opportunity to consider the implications of privacy in social media and how it relates to authentication.
Against the backdrop of an evolving regulatory landscape, as well as the influx of artificial intelligence, into businesses practices, it is important to understand how these factors impact upon data privacy.
To gain an insight, Digital Journal caught up with Eve Maler, ForgeRock CTO and former Forrester analyst. Maler is keen to establish a clearer, more effective consent processes to respect privacy.
Maler considers how AI is impacting the control and passage of data, noting “This Data Privacy Week, it’s critical to pay close attention to the increased use of artificial intelligence (AI) in the age of social media.”
In particular: “Consumer-accessible AI is increasingly making its way into popular social media sharing applications. For instance, enhancing self-portraits with AI to then share with followers on social media is the latest trend in photo editing applications.”
There are implications here, which Maler draws out: “However, in doing so, consumers are handing over biometrically-significant data – a dozen or more photos of your face – to an unknown third party. The service’s privacy policy, security protections, AI model particularities, and trustworthiness gain new importance in light of the need to share so much data.”
Biometrics have special requirements when it comes to keeping personal data safe and secure.
Acknowledging this, Maler explains: “Service providers need to make ethical management of biometric data a guiding principle. Pay special attention to meaningful user consent and to oversight of data management. Performing facial recognition also exposes the service to a wealth of derivable personal data, such as age, gender, ethnicity, and health. Decentralized device-based storage of biometric data is always safest.”
In terms of other important privacy issues, as well as a practical measure that consumers can adopt, Maler adds: “Data Privacy Week marks an ideal time to revisit and reprioritize authentication, to help protect consumers’ personal information. The two most concerning authentication practices in wide use today are passwords and SMS one-time passwords – the risks rapidly outweigh the benefits.”
In terms of a warning, Maler states: “Bad actors have perfected their game, with 4.7B U.S. data records compromised in 2021, a 37 percent increase over 2020. The king of attack vectors is unauthorized access, the class of methods used to perpetrate fully 50 percent of 2021’s data breaches. Quite often, password sharing, stealing, or guessing is at the root of this method.”