Next EU Commissioner Responsible For Internet Says Celebrities Storing Nude Pictures Online Are 'Stupid'
from the blaming-the-victims dept
We recently wrote about the hearing of Cecilia Malmström, likely to be the next trade commissioner for the European Union. On the same day, Günther Oettinger, the candidate for the post responsible for “digital economy and society,” was also quizzed by members of the European Parliament. His replies were mostly pretty staid — previously, he was the energy commissioner, and seemed more at home among gas and oil pipes than the series of tubes that go to make up the Internet — but one comment has drawn much criticism, as the Guardian reports here:
Former EU energy commissioner Günther Oettinger, 61, is used to accusations that he is more digitally naïve than digitally native by now. But at a hearing in front of the European parliament, the EU?s next commissioner designate for digital economy and society raised some serious questions about his suitability.
During a three-hour grilling by MEPs in Brussels, Oettinger said it would not be his job to protect stars “stupid enough to take a nude photo of themselves and put it online? — seemingly unaware that the recent leak of celebrities? nude photographs had come about as a result of a targeted hacking attack.
Julia Reda, the Pirate Party’s representative in the European Parliament, wrote a fiery post pointing out why that comment was so wrong:
Let’s recap the incident he’s referring to: Recently, private photos of female celebrities were published against their will. Far from what Oettinger is suggesting, they didn’t “put the photos online”. The most likely sources of the photos were cloud-based phone backups. The women might not even have been aware of the backups’ existence, since they are created automatically in the background on many phones. It appears that attackers were able to break their encryption due to security failures, like a service allowing an unlimited number of different passwords to be tried out in rapid succession or granting access after posing “security questions” with guessable or obtainable answers. One of the victims was underage when the published photos were taken.
If you manage to look beyond the tabloid celebrity/sex angle, the statement is unbelievable: The person applying to be in charge of shoring up trust in the internet so that Europeans do more business online just victim-blamed people whose personal data was accessed and spread without authorization. He placed the moral blame for that crime squarely on the victims rather than the perpetrators.
Although that incident caught people’s attention, there were plenty of other things to be worried about in Oettinger’s replies. Aside from an evident lack of familiarity with the digital world — something that can be rectified, one hopes, given time and good advisers — there were indications that he is likely to see the Internet through an industrial prism, with its users little more than passive consumers of products sold by online businesses. Here, for example, is Euractiv’s translation of his reply to a question about the major reform of copyright in the EU, which is one of the key tasks facing him if he is appointed:
“I stand for reliable protection of copyright,” Oettinger said.
“We must adequately protect the creator, so these creators will still exist tomorrow. On the other hand, users in the digital world are interested in gaining access to all cultural products.” This requires finding a delicate balance, Oettinger said.
“I will commit to working on a draft law, finding a balance for European copyright law in the context of the digital world,” the Commissioner designate said.
Pretty generic stuff, with no hint that Internet users might themselves be creators of materials that they are happy to share, without needing to worry about “protection.” That suggests Oettinger’s idea of “balance” is likely to be skewed heavily in favor of the copyright industry. In other words, a rare opportunity to move on the debate about copyright in the digital world by looking at things from a fresh viewpoint, and trying out some new ideas, has almost certainly been squandered.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Filed Under: celebrities, eu, gunther oettinger, internet, julia reda, nudes
Comments on “Next EU Commissioner Responsible For Internet Says Celebrities Storing Nude Pictures Online Are 'Stupid'”
So where is "the cloud" ?
“they didn’t “put the photos online”. The most likely sources of the photos were cloud-based phone backups”
So where are those cloud-based backups, if not “online” ?
Granted, it’s true that they “might not even have been aware” that they were there (and hopefully needless to say that whoever managed to access them there is very much in the wrong here).
Re: So where is "the cloud" ?
“online” is commonly used to mean “accessible by others”.
Are the files on my home network “online”? They are accessible within my family.
Are the files on my private server “online”? They are on a virtual private server, which is in a datacenter somewhere.
Re: Re: So where is "the cloud" ?
I would say that if the files can be reached via the Internet they are on-line, and you are relying on fallible security to keep them private. The risk of a compromise goes up with the degree of fame a person has.
Re: Re: So where is "the cloud" ?
My Internet accessible bank account is termed “on-line banking”. I certainly hope it is not accessible to others. I would use the term “on-line” to mean anything accessible via the Internet despite whatever levels of security exist to block general access.
What Julia Reda calls victims, I call negligent individuals.
If Car A and Car B got in a wreck, and the driver of Car B was unquestionably at fault in the collision, and the driver of Car A ended up dead or severely injured because they were not wearing their seat belt, and it appears that they almost certainly would have been safe if they’d been wearing a seat belt, would you call it “victim-blaming” to point out this fact?
If not, what is the difference?
Re: Re:
I think this shows clearly that we like to treat our Hollywood actors better than citizens.
Their stole nude fucking photos is bigger news that the federal exchange hacking. People are FORCED to participate in government affairs, no one was forced to store their nakes ass online… unless you go through he airport.
Re: Re: Re:
It’s a sad world we live in, educating the kids of today and putting them through tests of character – yet we have multi-billion dollar industries aimed at celebrating the idiosyncrasies, idiocies and immaturity of a select few.
Re: Re: Re:
The real problem here as I see it:
– Everyone is outraged about the hacking and “violating” these women.
– No one is concerned about the fuckin’ vulnerability the “hacker” used – namely no protection against brute-force attacks – that apple knew about and choose to do nothing.
I’m glad in some way this happened, because if some poor chap did the right thing and reported this with proof, he’d be in prison now, and apple would not got the publicity it deserved.
Remember, embarrassing pictures are the least valuable commodity you can stole. It could be bank account details. Contact lists, blackmail material, etc.
Re: Re:
The difference here, is that Driver A knew about the seat belt and decided not to use it.
Not everybody has the mind or the means to figure out that their phone is automatically backing up all your shit, thus also placing it at risk. And even then you’d need to suspect that Apple fucked up the security around their iCloud in such a way that your shit was at risk.
A better comparison would be that Driver A had his seat belt on, but that it was torn in a place out of sight. He dies due to a faulty seat belt, but could have prevented it by inspecting the car meticulously before driving.
Re: Re: Re:
Yes. I’m all for RTFM, but that relies on the information in question being in the FM. And it’s very likely that it didn’t say that pictures would be backed up to the cloud by default, nor that they’d be stored unencrypted on an insecure server, nor that they’d remain there if you deleted them from your phone.
Re: Re: Re: Re:
I… I don’t think you understood my reply.
To sum up: I agree with you agreeing with me.
Re: Re:
For everyone who blames the hacker I ask; “Do you want your utilities(power grid) to be on-line? Why not?”
Re: Re: Re:
For everyone who blames the hacker I ask; “Do you want your utilities(power grid) to be on-line? Why not?”
How does that make the hacker blameless?
He sounds perfect for the job
And seemingly unaware? his response sounds more like he was perfectly up to date on how these things work.
Puting photos you don’t want the world see online (automated backups doubly so) is a bad idea and doing so whilst being a person of interest just makes the inevitable occur promptly.
Though his statements on copyright are about as bad as you’d expect.
So expecting common sense from people is now victim blaming?
Also this pirate party lady should know that cloud based backups are online. Perhaps she thinks they get stored in the sky?(Progressive or not stupid politician is stupid politician)
Also too much privilege, sexism, etc in this lady’s article.
Probably the fault of evil males again.
Old news time to move on
there are more important issues than people not knowing how the cloud works
do not want nude photos out in the wild then use a camera without cloud backups duh!!
Copyright
Someone stole and disseminated said photos in violation of the owner’s copyrights as the original creators of said photos… he seems to care about copyright in a selective manor.
Re: Copyright
This data was entrusted to a corporation. The ultimate responsibility lies with the corporation that failed to protect the data of it’s customers. Unlike some stupid starlet, the likes of Apple Corp are actually supposed to know what they are doing.
They chose to become responsible for the data of their end users.
It’s not cool to break into an online cloud and swipe what isn’t yours, but at the same time I’m not sure I understand what would make people want to take nude pictures of themselves in the first place. I can understand if you’re a porn star and getting paid for it, but… yeah, this is a thoroughly gray situation for me that both sides should learn from.
Re: Re:
2. meh, it’s not ‘unnatural’ (especially when you are young and good looking) to be interested in your own body, how it ‘stacks up’ (no pun intended) against others, and to ‘show it off’ to your intimate friends, lovers…
3. BUT, i do see your point, it is WEIRD to see SO MANY obsessed with this shit; but then i don’t ‘get’ all the twitter, instagram, facebook crap: do ANY of those people have a REAL job ? ? ? who has time for time-wasting nonsense like that, except for otherwise useless members of society…
Too many people are naive about the privacy of what they put on a computer. This even after hearing about the break ins at large chain stores and governmental offices.
A simple rule of thumb is that you don’t put on your computer that which you don’t want your worst enemy, or the government to find.
I am not a cracker, but I did some time setting up a 500 node ethernet system. A fellow administrator, in an armed service no less, bet me I couldn’t break into his system. A half hour later I had his password along with 3/4 of those of his staff. Done with kiddie scripts available all over the net. He hadn’t even changed the admin’s default password.
If you are going to use a device, you learn just how dangerous it is. Cars, guns, chainsaws, knives, axes, et al, are dangerous. We treat them with respect (at least without imbibing 5 shots of Tequila. Use of computers should command at least as much regard.
Re: Re:
does your friend even password?!?
I guess not since the default was still there.
Re: Re:
Yeah, that’s why Julia Reda’s response rubs me the wrong way. It overplays the victimhood card and implies that people should not have to take steps to educate themselves about the technology they rely on every day.
Course, she’s also directing those remarks toward a person who SHOULD be focusing on protecting people from these incidents, but it still sounds like no one on either side wants to takes responsibility for their actions.
He is right, though. Those people were stupid to put nude pictures of themselves online. If they put them on some phone backup service, they were stupid to assume perfect security. If their phones did it automatically, they were stupid to take nude pictures of themselves with a device who’s function they know nothing about.
It is stupid to take nude photos in the first place but since adults have the right to do it and share the images their privacy should still be protected with better encryption. Also the user should be better educated on what exactly he or she is doing with a device before it is used.
Re: Re:
“Also the user should be better educated on what exactly he or she is doing with a device before it is used.”
I submit that if you are taking nude pictures of yourself with a device you know nothing about and using services you know nothing about that it is your own responsibility to educate yourself about these services.
It would be different if cloud storage was a hidden feature, but if by now you don’t know about iCloud it’s because you don’t care, and when your ignorance bites you it is no ones fault but your own. Again provided the information was not hidden or excessively technical/difficult to obtain, and you are provided with the option to opt out.
With iCloud the situation is neither. This is the equivalent of taking nude photographs and then storing them in a P.O. Box somewhere. If the box is broken into then sure, it may mean that the post office failed in their responsibility to protect your private mailbox, but the resulting shame and embarrassment from your nude pictures being released is your fault for storing such sensitive information in a known location with few security protections.
But it's more than just "Nude Pictures"
It seems that most of the victims are actresses who have posed nude before, which would presumably blunt any embarrassment of being seen naked, which is pretty much a requirement for anyone young and female trying to make a living in Hollywood these days.
But these pictures are worse than that. The odd thing is that more than a few of them are filming themselves in a bathroom mirror with a camera in one hand while masturbating with the other hand. Excuse me for living under a rock, but is this some sort of recent craze or something? For one thing, it just seems like a bathroom (no less a messy one filled with personal-hygiene and cosmetic clutter) would be the last place anyone would want to have their likeness captured, nude or not.
But yes, people who are surprised that any personal content of any kind could ever possibly end up in unfriendly hands are naive, if not stupid. Celebrities should be the last ones on the planet to ever expect privacy.
And anyway, the NSA already has *everything* sent over the internet.
He is right, though.
Example.
I know the combination to a safe.
I tell that combination to a third party, leave for a few hours, then come back to find the safe open and stuff stolen.
The person who took the items is at fault for stealing them; I, however, am at fault for being a fucking idiot and telling someone the combination.
That was the first smart sentence he has ever uttered.
Here is the thing, putting something “in the cloud”, that you might be embarrassed from, is at your own risk. You give up sole control over that material to the provider of whichever service you use. That means you are at the mercy of the security mechanisms and intentions of that provider. Normally that is not that much of an issue, but there is never a certainty that your data is safe. The only way to be reasonably sure that embarrassing material won’t get published is to keep in on your own hardware. The moment it is on a service that is accessible over the internet, it is just a leak waiting to happen.
Oettinger is wrong in that governments do have a responsibility to ensure the average person is informed enough about the handling of their personal data to make good decisions about their privacy. Apple encourages their customers to not worry, or even think, about how they use their iWhatever. So, as part of providing a “seamless experience” they tend to hide, or at least not point out, that backups to the cloud are done automatically by default. They made a major security error in allowing unlimited attempts to logon via their “find my iPhone” service. In this case, the users still could have come up with a secure password, one that still could not be discovered despite millions or billions of guesses. I wouldn’t call a victim stupid, nor would I blame them for being a victim. Given that, if someone really wants their nude picture to be private they should know they can take steps to guarantee that. Users are not helpless when they can use cryptography themselves and disable functions that defeat such security.
The role of a government is in creating incentives, regulations or otherwise, for companies to inform their customers about the handling of personal data. I’m not sure I can expect that anytime soon given that many governments want all your data to be available to the government itself. So, here is my advice to celebrities. Stop using your smartphone to take risque pictures. Use a dedicated digital camera instead (you can afford it) and download those photos only to your computer. If you want to send it to someone, use encrypted email.
Re: Re:
Oettinger is wrong in that governments do have a responsibility to ensure the average person is informed enough about the handling of their personal data to make good decisions about their privacy.
An interest maybe, but I would say the responsibility for being informed lies with the individual, not the government.
Stupid Is, Stupid Does
The proliferation of data storage capacity with terabytes of storage space built into smaller, portable and less expensive flash drives which are readily available to most users negates the need to store data with some entities cloud computing services.
Whenever you store data remotely you open your data up to be exploited by both criminals and government.
I agree people taking nude photos are stupid to put them online.
The commissioner got it exactly right.
Anyone who takes private nude pictures of themselves and then hands them to a third party for safe keeping has started a chain of events that is very likely to end badly.
The stupidity started at taking the nude pics to start with. Handing them to a third party is like a +19 on a D20, you almost are certain to roll the extreme.
Re: Re:
While I think “stupid” is a bit harsh a word for the taking of the pictures, I agree that it was neglectful, if not outright stupid, to allow their pictures to be stored online by a third party. And while they may not have known that the backups were occurring, so what? They knew their phones were internet connected devices. So the same rules still apply, don’t put anything on the internet (or an internet connected device) that you wouldn’t want everyone to see.
I’ll be damned, I just agreed with Whatever on something. Wonders never cease.
Celebrities storing nude pics online are actually brilliant. Store photos online, wait for the online service to be hacked, get free publicity, pretend to be the victim, and BAM everyone is talking about you.
The Real Problem -
The problem is – things are getting too complex and too technical for the average user. Most likely the “victims” did not realize that what used to be private was now being copied to an online service, yet the only protection was the same (weak) password system as before.
That’s what the EU should be focussing on – security problems are similar to the previous issues about cellular roaming and data gross overcharges. The EU commission needs to be able to say they can produce the rules to properly defend against this if manufacturers fail to, or don’t bother to. Sadly, this require an even more technical person to lead, not a less technical one.
Re: The Real Problem -
“Most likely the “victims” did not realize that what used to be private was now being copied to an online service”
This is an excellent point (except that I’d lose the scare quotes around “victims” — they really are victims.) Let me add this to my lengthy list of reasons why the cloud is currently a terrible thing
Well Glyn, to be fair we do see every sort of computer security breached time and time again….
Relying on some corporation to adequately protect your privacy is kind of dumb…