Forget WikiLeaks - here comes DickiLeaks!

Filed Under: Cryptography, Data loss, Privacy, Social networks, Twitter

Forget WikiLeaks - Australia is currently embroiled in a data leakage saga of its own, dubbed "DickiLeaks".

In short, the story is that a young woman has published nude photos of football players from high-flying Australian Football League club St. Kilda, rapidly accumulating thousands of Twitter followers as a result.

Varying accounts exist of how she came by the photos. The youngster is reported to have claimed that she took the photos herself. Another report documents a counterclaim by the manager of team captain Nick Riewoldt, one of the pictured players. In the counterclaim, the photos were copied from the laptop of a teammate who snapped the photos on a club trip to the USA last year.

Riewoldt himself claims that his pic was taken one morning last year in a Miami hotel room. Riewoldt says that he asked his teammate to delete the snap and assumed that he would do so. The teammate backs his skipper's claim, adding a personal apology for what subsequently became of the photo.

There is a whole raft of questions emerging from all of this. But this is a computer security site, so I'll concentrate instead on the privacy lessons - both social and technical - that we can learn from this saga, no matter what is finally deemed to have happened.

* Don't snap a photo with your friends in it without their explicit permission. If they ask you to delete a photo they took, do so immediately - even if the law says you don't need to. They're your friends, after all.

* If you are going to let someone else use your laptop - a favour many of us may grant to travelling acquaintances over the coming holiday season - then create a new account for them to use. Don't give them an administrative account. Let the operating system help you keep everyone's files separate.

* If you are serious about security - and if your computer is used for any sort of business, including internet banking - consider some sort of encryption solution. Full disk encryption will protect your entire computer if it gets stolen; file, folder and network encryption will protect your data from other users on your network.

This whole sorry mess also brings into question current laws about who gets the rights to a photo. In many countries, the law comes from a time when photographs were comparatively difficult to take, develop, publish, index and search.

The law therefore generally hands the rights to the photographer. These days, of course, digital images can be easily acquired, even in huge volumes - as CCTV systems and Google StreetView remind us quite clearly.

I've discussed this issue before - I think that the law needs changing, especially to protect us from what I see as mechanised predatory photography - but have had numerous people tell me that I'm being paranoid, or unreasonable, or petulant, or Luddite. (The Luddites, as it happened, weren't anti-technology. Their concern was social justice, though they chose violence as a way to make their point. I am neither anti-technology, nor pro-violence.)

You can read more about this at the links below, but whether you agree with me or not, please take heed of the advice above.

And if you aren't ready for a full-blown encryption system just yet, here's a Christmas present to help you keep your private stuff safe, both at rest on your PC and in motion across the internet: Sophos Free Encryption.

* Read more about the ownership of rights in photos taken by others:

http://nakedsecurity.sophos.com/2010/12/06/google-off-the-hook-with-cops/

http://nakedsecurity.sophos.com/2010/06/07/public-unprivacy-googles-fault/

* Learn from recent data leakage disasters how to protect yourself and your business:

(10 December 2010, duration 9:25 minutes, size 9.0MBytes)

The podcast is also available as a transcript.

, , , , , , , , , , ,

You might like

One Response to Forget WikiLeaks - here comes DickiLeaks!

  1. Zee · 1408 days ago

    DickiLeaks - --- love it! The whole sordid affair has been 'blown' out of proportion. The Australian media on one hand claims to be shocked and outraged and yet they cant wait to publish the latest details in this heated he-said/she-said affair. The photos themselves are posted all over the Internet and much ado about nothing -- they might be stars on the field but its clear they wont be starring as the lead in any adult movies anytime soon!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog