Editor’s Note: Jeff Yang is a columnist for The Wall Street Journal Online and contributes frequently to radio shows, including Public Radio International’s “The Takeaway” and WNYC’s “The Brian Lehrer Show.” He is the co-author of “I Am Jackie Chan: My Life in Action” and editor of the graphic novel anthologies “Secret Identities” and “Shattered.” The opinions expressed in this commentary are solely those of the author.
The massive hack of Ashley Madison by Impact Team may be an extinction-level event for privacy as we know it
Jeff Yang: Given how easy it is to get people's personal data, when are we going to care about privacy?
Scientists theorize that about 65 million years ago, a huge asteroid smashed into our planet, causing vast waves to course across the oceans, igniting runaway wildfires and sending plumes of ash into the air that blotted out the sun, bringing on an endless winter. The result of this event — Jurassic World notwithstanding — was the extinction of the dinosaurs, and the end of one of the most vibrant and exotic species of life on Earth.
Well, if you’ll excuse the metaphor, the massive hack of the online adultery marketplace Ashley Madison by the aptly named Impact Team may be an extinction-level event for privacy as we know it.
The initial consequences were bad enough. Once the names were exposed to the world, it was revealed that thousands of public figures were among its paid members, including disgraced reality TV star and conservative family values icon Josh Duggar.
But the ripple effects of the breach are likely to be far greater. That’s because in the wake of the hack, enterprising coders created online tools that allowed anyone to search their network of email addresses to check if their friends, family, partners and spouses used the website.
These tools turned a laborious search focused initially on celebrities into a simple process implicating individual private citizens. The most notorious of these engines — now voluntarily shut down by its creator — gave people the ability to automatically compare their Gmail contact lists to the website’s database, to instantly see if anyone they corresponded with by email was an Ashley Madison subscriber.
Using this tool, one of my friends was horrified to discover her brother-in-law’s email in the database. “This is horrible!” she said. “I have to assume it’s a mistake. I mean, talk about something you don’t want to know.” Another of my friends discovered over 200 matches among her contacts — “and I’m not surprised about any of them,” she snarked. I’ve since received a number of “pre-emptive strike” messages from people who saw my posts about the search tools and sought to warn me that their email addresses might come up because of periods of their lives in which they exercised “poor judgment.”
It’s likely that the fires this has sparked will run unabated for months, continuing to end relationships and destroy lives in the process. Divorce lawyers are celebrating like it’s Christmas, and there have already been unconfirmed reports of several suicides by people implicated in the leak.
And yet, it’s the long-range results of this privacy assault that will change our lives the most.
Because the Ashley Madison debacle has brought data invasion to the masses and crowdsourced it. It’s no longer faceless corporations, famous figures or powerful government institutions whose privacy has been assaulted. Most of the millions of Ashley Madison members are ordinary people, engaged in a shady but absolutely legal (and apparently, commonplace) activity. And the subsequent rapid deployment of publicly available tools that allow not just the media, but everyday individuals, to search for their own names or those of others, has established what will inevitably become a pattern.
The Ashley Madison hackers will inspire copycats. This time, the victims were wannabe cheaters. Next time, the target might be one that inspires less prurient schadenfreude: Rehab centers, churches, foundations, political campaigns – or Planned Parenthood.
After the Ashley Madison hack, we have to adapt to what is essentially a post-privacy world. It’s survivable, if you’re not a digital dinosaur.
Take a lesson from the creatures that survived the Cretacean cataclysm. They were small and nimble, with tiny footprints; they burrowed deeply underground, or climbed high up in the trees — open and exposed, yet ready to take immediate flight at the first sign of trouble. Because everything you ever said, did or shared potentially could become public.
And if you happen to feel a sharp, sudden chill spreading across the digital landscape, it’s nothing that security experts haven’t been predicting for years. So when are you going to care about privacy?