The Strategy Bridge

View Original

Information as a Weapon: The Real Threat of Privacy & Data in 2015

“It is only the enlightened ruler and the wise general who will use the highest intelligence of the army for the purposes of spying, and thereby they achieve great results.” —Sun Tzu

War is won with information. This is no new phenomenon; since there has been war, there has been military intelligence, and generally, those with the most information have been the most successful. Protecting important information and learning about the enemy and his plans are imperative to winning war.

While information has always been used as a tool to acquire the upper hand in war, we do not generally think of it as a weapon itself. It seems however, that modern communications technology, and our reliance upon technological systems in every aspect of our daily lives could radically alter this paradigm.

At what scale would identity fraud need to be employed to paralyze our entire society?

There are many reasons why attacks like the one in June of 2015 by Chinese hackers to collect data on federal employees may have occurred, but one idea I have not seen considered is the use of private information as a tool to flood our system. The idea of having one’s identity stolen is scary to the individual at risk, but at what scale would identity fraud need to be employed to paralyze our entire society? Would the Social Security Numbers of four million people used fraudulently simultaneously be enough to overwhelm the safeguards we have in place to prevent and mitigate this risk? Would it take the information of 10 million individuals, 20 million, 50 million? I don’t know the tipping point, but it isn’t difficult for me to imagine identity theft committed on a scale big enough to bring society to a standstill and freeze our ability to function in the 21st century technology-dependent world we have created.

21st century warfare looks increasingly like this.

This idea may not be the goal of the Chinese hackers. In fact, such a plan may not be on their radar at all, but our digital footprint is everywhere, and our personal information can be retrieved fairly easily by hackers in China, Russia, North Korea, Iran, or even stateless actors.

In our post-Snowden public discussion about privacy, we have focused on the US government’s dragnet collection of our information, a trend that does indeed make me uncomfortable, although I can see the merits of the government’s rationale as well.

Whatever your level of comfort or mistrust with our government, I think there is an overemphasis on the US government when it comes to our privacy. The way I see it, a much bigger fear than the government spying on individual citizens through bulk data collection — I don’t dismiss this concern — is our private information being used as a megaweapon to paralyze society by derailing our daily routines.

It may be that such an idea is far-fetched or unrealistic, but one thing is for certain, if people with bad intentions want to obtain my personal information, they will be able to. In order to be fully integrated into the year 2015, we must have a fairly large — and likely growing — digital footprint. Some of this information may be collected insidiously, via spying, but we actively — if not consciously — forfeit much of our privacy when we expand our Twitter network, pay our friends for a meal with Venmo, or book a trip on Priceline. Activities such as these are part of everyday life in our society, and it is increasingly obvious that the information we share with a website is not very secure. What parts of our privacy we don’t voluntary cede with these actions are still readily available to people who know where and how to look.

Privacy as we once conceived of it is probably a thing of the past.

It seems inconceivable that the trend of incorporating technology into our daily lives and using it to ease facilitation of previously arduous tasks is going to reverse itself. Privacy as we once conceived of it is probably a thing of the past. The questions we must now address are how do we protect the information that comprises our digital footprint, and from whom?

There is a reason to question bulk collection of data by our government, but what frightens me about this trend is that clearly not even government servers — even classified ones — are truly safe and secure. Do I worry about my government spying on me? Potentially, yes. But I see a much greater potential threat in what may seem like a harmless heap of data. Now that our private information exists in bulk in the cloud, it can be accessed in bulk, and as such, could theoretically be employed as a weapon against our entire society.

It is foolish to think we can take advantage of technology to ease our daily lives and still guard our secrets in the same manner.

“Now the reason the enlightened prince and the wise general conquer the enemy whenever they move and their achievements surpass those of ordinary men is foreknowledge.” —Sun Tzu

The conversation about privacy, therefore, seems to be a bit misguided. Whether it is the government or another entity; your information, like mine, lives online. The greater the trend to centralize that data, whether to be analyzed by a government agency looking for terrorist threats or by Facebook looking for marketing strategies, the more at risk we are to having that information stolen and used against us — individually or as a society. Privacy has already undergone a profound paradigm shift, though we often fail to or refuse to recognize it. It is foolish to think we can take advantage of technology to ease our daily lives and still guard our secrets in the same manner.

When we worry about the government having access to our data in bulk, I think we are somewhat missing the broader point. If the American government can access our data on such a massive scale, so can many others — as proven by the June 2015 attacks, among many others. In fact, the government was collecting bulk phone data from private companies, companies whose secure servers are presumably less secure than the government’s own.

The trend we ought to be fighting is the centralized collection and indefinite storage of information. As long as we make our privacy vulnerable in such a manner we risk having it used against us.

The trend we ought to be fighting is the centralized collection and indefinite storage of information. As long as we make our privacy vulnerable in such a manner we risk having it used against us. Perhaps you still fear an over intrusive government more than the potential of a crippling attack of identity fraud, but the same trend makes both of these fears tenable, and it is that underlying trend of collecting and centralizing as much information about ourselves as possible that makes the use of information as a weapon increasingly likely.


Will Staton is the Assistant Director of Talent for Democracy Prep Public Schools in New York City. Formerly a history teacher, as well as a religious studies and history major, Will remains passionate about international affairs. When he’s not traveling the country to deliver career readiness professional development, Will reads and writes about a variety of personal and political topics. The opinions expressed are those of the author and do not represent the official position of the Department of Defense or the U.S. Government.


Have a response or an idea for your own article? Follow the logo below, and you too can contribute to The Bridge:

Enjoy what you just read? Please help spread the word to new readers by sharing it on social media.