Establishing Digital Trust: Don't Sacrifice Security for Convenience
Think the furor over WikiLeaks is dying down? Its just getting started, folks.
Regardless of how this mess ends up, WikiLeaks has provided everyone some lessons in how the business world and the web continue to evolve. Even if your company doesnt trade in secret memos about assassinations and the like, WikiLeaks has something to teach you. Here are nine lessons from the most talked-about website of 2010 and probably 2011, too.
- Information really wants to be free. Think about this: It took over two years for the Watergate mystery to unravel and for Nixon to resign. Today that kind of hush-hush news would last about a week. Thats because the Internet has made secrets virtually impossible to keep. Not only is information easier to come by, people have gotten more curious, spoon-fed a steady diet of gossip from the teats of Perez Hilton and Matt Drudge. No doubt politicians would love to suppress all of this, but they simply cant. As every celebrity with a sex tape knows: If you want to make something go viral, simply try to get it suppressed. Even if you do manage to shut one source down, a mirror (or ten) will pop up in its place, making matters worse.
- Crowdsourcing works. In its first few years, Wikipedia seemed to prove that crowdsourcing was the future until the website became the hostage of a small cadre of paranoid and power-mad editors who ensured that only a small minority of veteran users ever got to hold on to the reins on the site, souring the tech community on the virtues of the anyone-can-edit model. WikiLeaks proved that the idea still has merit, provided you have a smaller number of rabidly fanatical users. Rememeber: No one involved with site is compensated at all.
- Oppression (or anything else) is a state of mind. WikiLeaks original goal was exposing oppressive regimes in Asia, the former Soviet bloc, Sub-Saharan Africa and the Middle East, but it wasnt until actions closer to the West started to be exposed that WikiLeaks really took off. The business takeaway is this: You need to be ready to float with the current to see where your customers or users take you, even if its not what you originally had in mind. You may have a lot of thoughts about how you think your businesss service should be used. Your users may have other and better ideas.
- Your business partners arent your friends. WikiLeaks used Amazon to host its data and PayPal to collect donations in order to keep operations up and running. In late 2010 both companies kicked WikiLeaks to the door concerned about legal fallout, of course leaving WikiLeaks homeless and without an income source. Fans of the site cried foul, but ultimately there wasnt much to be done: Both companies were pretty much within their rights to cancel contracts at any time; its right there in the terms of service. Such are the perils of doing business in the cloud. Understand what youre getting into before you commit to a provider.
- There are no originals any more, only infinite copies. After (one of the times when) WikiLeaks was shut down, it didnt take long for regulators and investigators to start going after mirrors next. It didnt matter that the mirrors werent the original recipients of the leaked documents and couldnt possibly have told anyone who provided them the information was seen as equally criminal. Much like someone who buys a stolen computer, on todays web youre just as guilty as the original source, even if youre just making copies.
- They will go after your users too. When the U.S. government investigation into WikiLeaks kicked into high gear, the feds went after Twitter, reportedly subpoenaing information from the main WikiLeaks Twitter account plus info from various WikiLeaks volunteers and unaffiliated users who supported the site. Who knows how many people could get wrapped up in the witch hunt, but email records, social networking profiles, and even shopping histories could ultimately come under legal scrutiny. Even if your company doesnt have anything to do with WikiLeaks, you could eventually get drawn into it as investigators build a case. How would you respond to a subpoena? And what kind of message would handing data over to investigators send to your customers?
- Always have a Plan B (and C, D, etc.). WikiLeaks has been up and down more times than anyone can count and has even been delisted from various DNS systems but it always comes back. Why? Because the organization has a deep list of alternatives on tap that keep it up and running. When one web host balks, the site finds another usually closer and closer to the third world. WikiLeaks didnt invent this idea, of course. It stole this strategy from another notorious website that has also proven infinitely resilient despite endless attempts to shut it down: The Pirate Bay.
- You cant beat Facebook. Julian Assange lost Times Man of the Year slot to another notorious nerd: Mark Zuckerberg, who even had a movie made about his exploits. Perhaps well soon be preordering tickets to Assanges biopic: The Antisocial Network.
- Always have an escape plan. Probably Europe.
Keep up with security news; Follow eSecurityPlanet on Twitter: @eSecurityP.