The data breach over the weekend of celebrity cloud accounts, currently attributed to a combination of weak security safeguards by Apple’s iCloud and lack of real security concern by the victims. While most of the coverage about this hack/leak/theft has talked about the former, I’d like to focus this post on the latter.
Let’s start the conversation off with a quote from one of the most vocal of the journalists who are blaming the women, Nick Bilton. His advice to celebrities: “Don’t take nude selfies.” Even if you agree with his victim-blaming stance (and I don’t) let’s take a look at how easy it really is for the victim, famous or not, to avoid a similar theft.
Put together a list of tips for celebs after latest leaks: 1. Don’t take nude selfies 2. Don’t take nude selfies 3. Don’t take nude selfies
— Nick Bilton (@nickbilton) September 1, 2014
Step 1: taking the photo.
Analog photography is pretty much gone and consumers who still use film probably also have a personal darkroom to develop it, so don’t tell me that’s the way to keep photos private (it is, but it’s irrelevant.) More importantly, in digital photography, consumers have two options:
Point-and-shoot and DSLR cameras. These offer generally better quality photos but little or no connectivity, especially not to social networks.
Mobile phones, always on, always connected and the quality isn’t that bad, either.
So what are consumers really using to take photos today? Flickr, a photo-sharing community, driven by quality, says the 4 most popular cameras used by the community are different iPhone models, with only the fifth entry being a DSLR. This data is from Flickr, a community focused on quality. If Instagram, Facebook and Twitter offered such statistics I’m positive the percentage of photos taken by mobile phones would be close, if not equal to, 100%. Anecdotal evidence supports this: at tourist locations around San Francisco and on my recent vacation I rarely see people pulling out their big DSLRs any more, or even smaller point-and-shoot models. Instead, I see people taking photos with phones of every model and occasionally even tablets, as unwieldy as they are!
In short: consumers are taking photos digitally and with their phone. But you knew that already, so let’s move on.
Step 2: saving the photo.
Here’s something that mobile phones do really well: backup. They’re always connected and since online accounts are required for Android, Apple and Microsoft phones, there is always a place in the cloud where these photos are stored. In fact, backing photos is so easy, it’s automatic and fast. Really fast. It’s so fast that I occasionally find myself surprised that photos that I immediately deleted from my phone after taking them were backed up in that second I hesitated. I’m not complaining, I rather like this feature. I have had to change my phone twice in the last year alone and I’m grateful that all the photos on those two phones are backed up.
However, Android (and I assume Apple devices as well) automatically turns on the photo backup. It is not easy to realize that this is happening and to turn it off as it is hidden in the Google+ application settings. And again, why would users want to? Automatic backup is a good thing.
Finally, and this is perhaps my biggest peeve with this entire “blame-the-user” argument that has sprung up around this theft, users are constantly and relentlessly being extorted to release just a little bit more of their privacy. They’re being asked for additional permissions every time they install an app and when they update old ones. Just give us just a little bit more of your information, ask the apps, in a not always clear manner.
Just recently I noticed that Android’s camera application asks you to please, share your location the first time you open it after an update. When launching the app for the first time, users are presented with a splash screen with the “Tag your photos and videos with the locations where they are taken” option pre-checked. The user only has to click the big, blue “Next” button and voila, location will be saved with photos and other applications can use that location. If the user is in a bit of a hurry, trying to capture a moment a la Cartier Bresson, they might not notice that pre-checked option and unknowingly add location to their photos. And not knowing it’s turned on means they won’t try to turn it off.
Apple, Google, app developers: don’t blame the users for using the products as you intended them to be used, whether to collect more personal information or to benefit the user. It’s wrong to chastise users for using the features you enticed them to use. Try to be clearer about privacy and data collection and make sure users are aware that these features are turned on and where they can be controlled. Think about asking for less personal data and making that collection off by default, not on.
And again, don’t blame the users.