What the Ashley Madison breach means

In the most recent of what seems to be a blizzard of high-profile hacks, infidelity Web site Ashley Madison had the profile information of thousands of users seeking partners for extramarital affairs leaked by self-styled defenders of monogamy The Impact Team, which is demanding owner Avid Media shut down the Web site.

On the surface, it seems like the hack has a superficial footprint, affecting only a relatively small group of people. But there are layers to the danger, and Toronto lawyer Hugh Scher says the Internet is exposing individuals, enterprises and governments is ways we haven’t contemplated.

So what does the Ashley Madison hack mean?

CSOdigital ad

* To users who have been exposed, the impact is obvious. Personal data and financial transaction records have been released. And by the very nature of the community involved there’s great risk of families being wrenched apart. And there are roughly 39 million users who haven’t been exposed, but are obviously at risk. At least two suicides have been linked to the publication of the information, and Avid has offered a $500,000 reward for information that helps collar the hackers.

* To those on the outside looking in, there is still considerable significance to the hack, and they’re ominous when driven to the logical extreme. Of the profiles released by the group, about 2,000 profiles linked to federal and Ontario government e-mail addresses are included. Many of these could be falsified for the purpose of using the service, of course, but most employees aren’t that sophisticated.

These people—civil servants, teachers, peace officers, etc.—operate on sensitive systems that affect us daily. The exposure of profile data heightens the risk of intrusion by hackers with even more malevolent intent into government systems.

* We’ve seen hackers choose targets for national interests, military security, and political reasons. This is different. Whether it’s true or not, The Impact Group has stated its purpose to be the closure of a Web site it considers immoral, which opens up a whole new can of worms, says Scher. What is the role of hackers in enforcing morality?

* The legislative tools to prosecute such invasions of privacy are lacking, Scher says. Thought the right to privacy is enshrined within the Charter of Rights and Freedoms—and, some 400 years previously, common law—it’s largely a “freedom from” right, says Scher—freedom from interference, discrimination, and harassment, and it’s largely applicable in a government context. While privacy commissioners federal and provincial have been doing stalwart work, the Criminal Code doesn’t specifically address technology in a privacy or harassment context, Schur says.

But Schur points to encouraging signs from the east coast, where the province of Nova Scotia has introduced cyberbullying legislation in the wake of the tragic suicide of a 17-year-old girl after explicit pictures of her were posted online. “Causing significant distress” to a person through a campaign of online harassment is specifically addressed.

* Even where the legislative tools exist, enforcement can be difficult. On the Worldwide Web—which is still to a huge extent still the Wild Wild West—anonymity is an economical shield that’s expensive for law enforcement and the legal community to crack. Take defamation law, which clearly prohibits the publication of untrue content intended to harm the reputation of the victim. But if a restaurant receives a damning and clearly unwarranted anonymous review, Scher says, it can’t afford the legal costs of tracking down and prosecuting the authors. At the same time, though, “there’s a permanent record of those comments.”

Scher says the legal value framework and enforcement power is in adequate to deal with the unfolding world of cyber threats to privacy and freedom from harassment and intimidation. Moreover, the landscape is changing so quickly, it’s nearly impossible to keep up.

“We’re in an unprecedented evolution of information expansion, Scher says. And in a largely unregulated environment, simply applying those rights is challenging. Freedom of expression, and freedom of use of the Internet, are competing demands that challenge enforcement.

“It’s messy finding a balance between these human interests,” Scher says.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Dave Webb
Dave Webb
Dave Webb is a freelance editor and writer. A veteran journalist of more than 20 years' experience (15 of them in technology), he has held senior editorial positions with a number of technology publications. He was honoured with an Andersen Consulting Award for Excellence in Business Journalism in 2000, and several Canadian Online Publishing Awards as part of the ComputerWorld Canada team.

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now