The privacy freakout sparked by hacker group AntiSec's leak of Apple user identification numbers last week turned out to be unwarranted. But the Anonymous offshoot taught us some things about the culture of paranoia that has become a feature of our digital lives.
The group claimed that it had pilfered millions of iPhone/iPad user IDs from an FBI laptop. As it turns out, the database came from a digital publishing and development firm called BlueToad. The company ran tests internally based on a tip from an outside security researcher and confirmed that the data did indeed come from its own servers.
Sure, the information may have ended up in the hands of the FBI before it was leaked by AntiSec, but it's not likely. Moreover, the FBI and Apple have denied it. With yesterday's BlueToad revelation, there remains little credible evidence to support the claim of FBI involvement.
Regardless of the hackers' motives, the case illustrates something about the online news ecosystem. All AntiSec had to do was claim that it obtained the data from an FBI laptop and, before long, the narrative became "OMG, the FBI is spying on our iPads and iPhones." It doesn't help that reporting on and fact-checking Anonymous is problematic, due to the organization's evenescent structure and spoofish culture. Things got clearer as time passed - though the story is still unfolding - but not before legions of readers gained a false impression that the FBI was up to something truly creepy.
We saw a similar hole in the online news cycle a few weeks back when a hoax about an asymmetric screw Apple was said to be developing turned into headline news. Like that story, the report that the FBI had collected million of UDIDs was plausible given recent headlines about government requests for data from mobile service providers and Internet companies. A new round of domestic spying by a U.S. intelligence agency fit into an existing historical narrative.
The whole thing played into a growing paranoia about digital privacy. This fear seems to be an inevitable byproduct of online life. As more and more of our lives are lived in digital spaces, we are entrusting a massive amount of personal information to tech companies, which in turn each have different privacy policies and approaches to dealing with government requests. Just this year, we've seen Twitter spar with authorities over user data requests, mobile carriers hand over troves of information, and the U.S. government trying to address concerns over the tracking Web users. While some of the skittishness around privacy is overblown, plenty of legitimate issues are raised by technology that's evolving faster than laws and social norms can.
While the hyper-rapid online news cycle allows for false or unconfirmed facts to turn into headlines, it's worth noting that the Web is also remarkably good at self-correction. Often, it brings itself back into line more quickly than the old, top-down media system could. In this case, a more realistic picture of what happened emerged within a few days, thanks in large part to diligent homework by security researcher David Shuetz and an honest admission by BlueToad's CEO on the company blog. Perhaps in the coming days, we'll get a complete picture of what on Earth really happened last week. But the paranoia over privacy will remain.