Quill and Quire

REVIEWS

« Back to
Book Reviews

Database Nation: The Death of Privacy in the 21st Century

by Simson Garfinkel

The Hundredth Window: Protecting Your Privacy and Security in the Age of the Internet

by Charles Jennings and Lori Fena

Cybershock: Surviving Hackers, Phreakers, Identity Thieves, Internet Terrorists and Weapons of Mass Disruption

by Winn Schwartau

Back in the old days before the Web was born, sometime around 1985, a Toronto computer dealer set up an online bulletin board. It was a modest affair that enabled his customers to post messages and download public domain software. Soon after, his system was attacked by an unknown hacker who damaged it so badly he had to shut down the service.

“Anything created by people can be destroyed by other people,” he told me sadly. That tragic sentiment has resonated with me ever since. And 15 years later, it still applies to the growing issue of “digital security.”

Even the most cursory scan of recent headlines confirms this disturbing trend. The “I Love You” virus circled the globe this spring, causing up to $8-billion (U.S.) in damages. In May it was discovered that the Canadian government was keeping a secret file on every citizen; Ottawa pulled the plug on the database after a massive outcry. And a British documentary aired in July revealed that NASA suffered half a million cyberattacks in the past year alone.

The list is long, and every item underscores the sad truth of that computer dealer’s experience: any network built, any tool developed, any system conceived by people can be warped, misused, and attacked by other people.

Three recently published titles provide a wake-up call on these important issues of protecting individual, civic, and commercial security and privacy in today’s highly wired world.

The Hundredth Window: Protecting Your Privacy and Security in the Age of the Internet is the calmest of the three. This book will appeal to a broad, general readership, since it provides a good balance of insight into the issues and practical recommendations on how to deal with them. Both co-authors have solid credentials. Charles Jennings is co-founder of the Web privacy watchdog TRUSTe, and Lori Fena is chairman of the advocacy group the Electronic Frontier Foundation. Both also have a vested interest in seeing the networked world expand, though they are not blind to the issues.

In legal terms, “privacy” means the right to be left alone. In this highly networked era, it means the right to control who knows what about our lives. It’s a right we can’t take for granted, the authors tell us, or expect businesses or governments to automatically protect. Digital privacy is a new skill we must develop for our private lives, a core competency that our organizations must learn to stay competitive, and a demand we must impress on the businesses we deal with.

The book’s title refers to the parable of a stone villa whose walls contain 100 doors and windows. No matter how vigilant the owner, one of those windows will eventually pop open, or be left open by a servant, or be pried open by a thief. Today, many of these windows have been deliberately left open in the design of our operating systems and networks, simply to help our machines communicate. The message is that everyone is vulnerable.

From this starting point, this clear-headed volume examines the past, present, and possible future evolution of the Net. There are many shocking revelations about just how much personal information is being collected about our lives every day, especially as we merrily click our way around the Web. But the authors feel we’ve done well in the past 50 years to avoid the dystopias of George Orwell’s 1984 and Aldous Huxley’s Brave New World.

Our challenge in the next 50 will involve new technologies like personal genetic coding, automatic facial recognition, and high-resolution sky-cams. The authors remain optimistic that a combination of individual vigilance, more sophisticated technology, and occasional sabre-rattling from government will help us find the proper course.

Each chapter provides helpful, family-oriented tips, with web sites to visit to discover more. Parents especially will appreciate the material on safe computing, and tips on what to expect and demand from your children at different ages. And the back of the book provides a generous array of appendixes, notes, sources, a 15-page glossary, and an index.

In Database Nation: The Death of Privacy in the 21st Century, author Simson Garfinkel is angrier and more outraged than Jennings and Fena, less trusting of market and government forces to lead us out of the nightmare he foresees, and more willing to indict a whole sector of the economy. “The future we’re rushing towards isn’t one where our every move is watched and recorded by some all-knowing Big Brother,” he warns, but “a future of a hundred kid brothers that constantly watch and interrupt our daily lives.”

Among the dangers he covers are the end of due process, the fallibility of biometrics, the systematic electronic capture of everyday routines, the misuse of medical records, out-of-control marketing, overintelligent computers, and of course, personal information dished up as a commodity.

To flesh out all of these concerns, Garfinkel recounts horror stories of people unjustly losing their credit rating, having their identity stolen and thousands of dollars of purchases made in their name, or receiving torrents of junk mail addressed to a dead parent.

Just as he scrutinizes the present and peers into the future, Garfinkel looks into the past, reaching back to the U.S. census problems of the late 1800s, and the invention of the tabulating machines, from which sprang mighty IBM.

Database Nation is intensely researched and closely argued, complete with rigorous footnotes, an annotated bibliography, and a thorough index. Even the illustrations are carefully credited. It’s refreshing to see a book about an important high-technology issue maintain such high standards of scholarship, and not slip into the kind of insipid, opinionated rant that passes for journalism in many cyber-boosting magazines and web sites. Garfinkel’s stated goal is to serve as a kind of Silent Spring to spearhead the digital privacy movement, the same way Rachel Carson’s 1962 book was a call-to-arms for the fledgling environmental movement. I hope he succeeds.

As its title suggests, Cybershock: Surviving Hackers, Phreakers, Identity Thieves, Internet Terrorists and Weapons of Mass Disruption takes a half-bemused, half-serious tone. Author Winn Schwartau is a respected computer security consultant who coined the phrase “information warfare” and has written many technical books and articles. For years, he’s worked both sides of the street, as a computer security consultant and a regular fixture at hackers’ conventions.

His book is funnier, more anecdotal, and ultimately more entertaining than the other two, with a lighter, more conversational style. More than once, he even tips his hat to Hunter S. Thompson and his drug-addled gonzo journalism. Along the way, Cybershock delves deeper into the shadowy world of hacker culture and government security than the other two titles. Describing everything from hackers breaking into cell phone calls in Las Vegas to a politically inspired attack on the Pentagon, this guided tour is always entertaining, and sometimes enlightening.

Illustrations, lots of web sites to check out, and frequent asides from the author break up the chapters into digestible morsels. And the text is punctuated by the occasional zinger, like the story of Schwartau’s cousin, a well-to-do retiree whose identity was stolen by Internet thieves who went on a $350,000 (U.S.) shopping spree for cars, jewellery, and other goodies. Blindsided by hackers and hounded by creditors, he succumbed to a fatal heart attack. “And it could happen to you!” warns the author, finger wagging.

At 470 pages, this book is probably too long for any reader seeking a quick overview and a simple checklist of things to do to safeguard their computers, their credit, or their lives. Schwartau is clearly a man with a message. But his message in this volume is aimed more at computer industry insiders and corporate IT types than at casual PC users. Even though it won’t be accessible to everyone, Cybershock still provides a rewarding read for the more technically inclined.

All three titles take an American focus, discussing recent bills passed by Congress and the like. For Canadian content, readers may want to start with Privcom.gc.ca, the well-designed web site for the Privacy Commissioner of Canada, which includes annual reports, speeches, and links to other sites that lay out a Canadian perspective on the issue.