Twitch Data Leak – Are Platforms Doing Enough To Secure Our Data?

9

October

2021

Data Security: Recent Twitch data leak shows how confidential information can be accessible for anyone through data breaches. Are platforms doing enough to prevent this?

5/5 (1)

Three days ago, another platform and its users became victims of a data leakage. This time it was Twitch, a highly popular (game-)streaming platform owned by Amazon with approximately 8.07 million active streamers/users just last month (Clement, 2021). The top streamers on the platform gather millions of viewers around the world and subsequently get paid by Twitch for providing their users with entertainment through streams. Last Wednesday, for the first time in Twitch history, confidential company information and streamers’ earnings were leaked as it became clear how much the top streamers have earned in revenue. And it was not a small leak either: BBC has reported that it was due to a massive breach of over 100GB in data (Tidy & Molley, 2021).

2021: Record-breaking amount of data leaks?

Unfortunately, this data leak of a widely-used platform is not the first and certainly not the last. According to The Identity Theft Research Center, the number of (publicly announced) data breaches so far this year has already surpassed the total number in 2020 by 17%, with nearly 281.5 million people being affected by these breaches in 2021. There have been 1,291 breaches so far, compared to 1,108 breaches last year. The report also states that we could be headed towards a record-breaking year when it comes to total amount of data leaks, with the current all-time high of 1,529 breaches being set in 2017 (Morris, 2021).

More data = more data security?

Whether this year will mark the most amount of data breaches or not, it illustrates that data security is becoming increasingly more important in order to prevent these breaches from happening. With the growth in data produced and collected by almost every business or organisation, the likelihood of the (increasingly valuable) data being leaked or systems being breached naturally increases. To put the increase of data into perspective: In 2010, the world created about 2 ZB (zettabytes) of digital information. Last year, this increased to a whopping 44 ZB in that year alone (Saha, 2020).

Needless to say, more data requires better data security. Especially considering the increase in breaches/leaks this year, companies should look to invest more in protecting their (users’) data. According to a cybersecurity market report, the global cybersecurity market size is projected to grow from 217.9 billion USD in 2021 to 345.4 billion USD by 2026 (MarketsAndMarkets, 2021). Although the cybersecurity market is increasing, will it be enough to significantly decrease data leaks/breaches?

Data equals money

Not only does a data leak hurt a platform’s reputation or its users’ privacy, it can also cost the concerned organization a lot of money. According to the annual Cost of a Data Breach Report, 2021 had the highest average cost in 17 years as data breach costs rose from 3.86 million USD to 4.24 million USD: “the highest average total cost in the 17-year history of this report” (IBM, n.d.). When looking at the example of Twitch, source code was leaked alongside revenue information of top streamers. Therefore, its competitors (e.g. YouTube Gaming) now have access to their rival’s source code and revenue information about the platform’s most valuable asset: their content providers. With the added privacy aspect of the leak, this might result in a significant loss of competitive advantage and thus loss of revenue for Twitch.

Discussion: is it enough?

Now you know how much is invested in cybersecurity and how much an average data leak actually costs, do you think companies should invest even more? In addition, do you think 2021 will go into the history books as the “least safe” year for online platforms so far? And do you think this particular breach will mark the end of Twitch’s dominant competitive position in its industry?

Let me know your thoughts and perspective.

References

Tidy, J. & Molloy, D. (2021). Twitch confirms massive data breach. Available at: https://www.bbc.com/news/technology-58817658

Clement, J. (2021). Active streamers on Twitch worldwide 2021. Available at: https://www.statista.com/statistics/746173/monthly-active-streamers-on-twitch/

Morris, C. (2021). The number of data breaches in 2021 has already surpassed last year’s total. Available at: https://fortune.com/2021/10/06/data-breach-2021-2020-total-hacks/

Saha, D. (2020). How The World Became Data-Driven, And What’s Next. Available at: https://www.forbes.com/sites/googlecloud/2020/05/20/how-the-world-became-data-driven-and-whats-next/?sh=2161cb1d57fc

MarketsAndMarkets. (2021). Cybersecurity Market with Covid-19 Impact Analysis by Component (Software, Hardware, and Services), Software (IAM, Encryption, APT, Firewall), Security Type, Deployment Mode, Organization Size, Vertical, and Region – Global Forecast to 2026. Available at: https://www.marketsandmarkets.com/Market-Reports/cyber-security-market-505.html#:%7E:text=global%20Cybersecurity%20market%3F-,In%20the%20post%2DCOVID%2D19%20scenario%2C%20the%20global%20cybersecurity,9.7%25%20from%202020%20to%202026.

IBM. (n.d.). How much does a data breach cost? Available at: https://www.ibm.com/nl-en/security/data-breach

Please rate this

Author: Roël van der Valk

MSc Business Information Management student at RSM Erasmus University - Student number: 483426 TA BM01BIM Information Strategy 2022

What is your Price for Privacy?

21

September

2021

3.5/5 (2)

‘This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.’ This is stated in Art. 1 Sec. 2 of the General Data Protection Regulation (GDPR). The GDPR is said to be the toughest privacy and security law in the world (General Data Protection Regulation (GDPR), 2013). GDPR was drafted and passed by the European Union, but it affects organizations around the world that target or collect data on European citizens. On May 25, 2018, the regulation was put into effect (Wolford, 2018).

The GDPR came into existence to signal the stance of Europe on data privacy and security. This was especially relevant since more and more people are entrusting their personal data with cloud services and daily data breaches are a daily occurrence. Even if your company is not situated in Europe, but you do offer services or goods to people that do, GDPR applies to your too. But where did the need to protect our online privacy come from? Let’s have a look at a real-world example.

Most of us know what Instagram is, but if you don’t, it’s a popular platform used to share pictures with others. Did you for example know that everything that you do on their mobile application is being tracked? Instagram knows how long you have bene scrolling for, how long you have looked at a certain picture and where you like a picture. The same could be true for other platforms such as Facebook (Nast, n.d.).

From an information strategy perspective, it makes sense to collect data on your users and to use that data to maximize profits by identifying your targets. At the same time, from a privacy perspective it makes sense to prohibit organizations from collecting these kinds of data without prior consent of the user. Businesses need to collect data to be able to analyze that data and capitalize on it. This is how online businesses generate income, for example by running targeted advertisements to the visitors of their website. These advertisements can only be targeted if you agree upon that beforehand, since the introduction of the GDPR (Elias, 2021).

From all this information it becomes clear that companies need to collect data on their users to improve themselves and make money, but it also becomes clear that companies can collect huge amounts of identifiable data on specific individuals, such as yourself. This brings up the question, whether companies would be able to survive by introducing the option where you pay for your privacy and that you will not be tracked by any platform. So, the question that remains is whether you would be willing to pay for your online privacy and how much you would be willing to pay? Maybe you don’t even want to have to pay for it, but then the question becomes, are you fine with the fact that companies are tracking your online behaviour?

References:

General Data Protection Regulation (GDPR). (2013). General Data Protection Regulation (GDPR) – Final text neatly arranged. [online] Available at: https://gdpr-info.eu/art-1-gdpr/.

Wolford, B. (2018). What is GDPR, the EU’s new data protection law? [online] GDPR.eu. Available at: https://gdpr.eu/what-is-gdpr/.

‌Nast, C. (n.d.). How to stop Instagram from tracking everything you do. [online] Wired UK. Available at: https://www.wired.co.uk/article/instagram-story-ads-privacy-delete [Accessed 21 Sep. 2021].

‌Elias, M.G., Jennifer (2021). How Google’s $150 billion advertising business works. [online] CNBC. Available at: https://www.cnbc.com/2021/05/18/how-does-google-make-money-advertising-business-breakdown-.html.

Please rate this

Can we ensure privacy in the era of big data? – Great power, great responsibility.

14

October

2018

No ratings yet. In the age of social media and online profiles, maintaining privacy is already a tricky problem. Companies collect more and more data of its customers through internet, and with the help of AI programs, analyzing our data gets faster and more sophisticated, making it a commodity for companies and a liability for us.

There are a numerous small examples of questionable data use, most of the time harmless. But what happens when governments or potential employers can gather what seems like innocent and useless information to uncover your most intimate secrets – like health issues even you didn’t know about yet? Furthermore, a lot of people are unaware of the value of their data, exposing them to cases of identity theft and data fraud.  People use various technical products and most of the time people sign in without reading the terms and conditions stating how their private information will be used. It looks like without the meaningful data literacy, people will keep sharing their private information online, while being oblivious of the impact of their data being made available in this way.

Various  scientists and professors already spoke out their concern of the loss of privacy, stating now is the time to insist on the ability to control our own data.

The rules and regulations for data protection tend to be very lax in a lot of countries. most companies do not invest enough in ensuring the protection of their users since there are no real consequences for the mishandling of private or personal information. A dilemma here is the regulation, collection storage and trading of data when companies and operations operate across multiple continents and jurisdictions.

concludingmany challenges remain in how best to use these massive datasets while ensuring data security and privacy. It is important that all parties – companies, individuals and governments – take responsibility to help and try solve this big problem, before the consequences can no longer be overseen.

What are your thoughts about this topic? What does privacy mean to you? How important do you find it to have control over your data? Do we need new laws or corporate policies? How can we ensure our data does not get used for nefarious purposes?

 

Conn, A.(2017). Can We Ensure Privacy in the Era of Big Data?.[online] Future of Life Institute. Available at: https://futureoflife.org/2017/02/10/can-ensure-privacy-era-big-data/?cn-reloaded=1 [Accessed 3 Oct. 2018].

Kwamboka, L.(2017). Privacy in The Era of Big.[online] Medium. Available at: https://medium.com/read-write-participate/privacy-in-the-era-of-big-data-45d5eb1cea75 [Accessed 3 Oct. 2018].

Porter, C.(2014). Big data and privacy: every click you make.[online] the Guardian. Available at: https://www.theguardian.com/technology/2014/jun/20/little-privacy-in-the-age-of-big-data [Accessed 3 Oct. 2018].

Schmitt, C.(2018). Security and Privacy in the Era of Big Data.[online] Renci.org. Available at: https://www.renci.org/wp-content/uploads/2014/02/0313WhitePaper-iRODS.pdf [Accessed 3 Oct. 2018].

Please rate this