By now you know that Ashley Madison — the Christian Mingle of infidelity — was hacked last month, and at long last the hackers have publicly released their findings online. Information on tens of millions of users, including full names, credit card numbers, private messages sent through the site, and more, is now available for you and everyone you know to comb through.
The internet has predictably erupted in proclamations of apocalypse. “Welcome to the first day of the rest of your internet,” writes John Herrman at The Awl. “The information the Impact Team just unleashed onto the Internet is more than an amusing sex scandal,” writes Michael E. Miller at the Washington Post, “It might be Pandora’s box.”
In one sense these predictions are almost certainly wrong. This scandal, like all scandals, will blow over, and probably quickly. Sure, it could plausibly implicate lots and lots of people. But in all likelihood only a handful of prominent names will be plucked from the haystack and the rest of The World’s Laziest Cheaters will live to cheat another day. That’s because huge datasets provide considerable obscurity. If the Impact Team (the hackers who hacked Ashley Madison) had published a list of 100 or 200 users, a lot of people would scan through it to see if they recognized anyone. Which is to say, almost everyone on the list would be impacted by its release. Since they released information on 30+ million users, there’s a pretty good chance that most of the people on the list won’t get noticed.
In another sense, though, I think the predictions point to something important. Herrman writes that:
Most leaks of this size don’t implicate people in anything aside from patronizing major companies. This is new territory in terms of personal cost. The Ashley Madison hack is in some ways the first large scale real hack, in the popular, your-secrets-are-now-public sense of the word. It is plausible—likely?—that you will know someone in or affected by this dump.
It’s easy to kid about the fact that these people were using a site intended to help them cheat. But if understood in more abstract terms, this hack has the potential to alter anyone’s relationship with the devices and apps and services they use every day. Here were millions of people expecting the highest level of privacy that the commercial web could offer as they conducted business they likely wanted to keep between two people (even if a great number of the emails are junk, or attached to casual gawkers, the leak claims to contain nine million transaction records). This hack could be ruinous—personally, professionally, financially—for them and their families. But for everyone else, it could haunt every email, private message, text and transaction across an internet where privacy has been taken for granted. Ashley Madison, in the strange hacker economy of 2015, may have had an especially big target on its back. But it’s a powerful reminder of the impossibility of perfect privacy.
It should probably strike us as strange that we thought “perfect privacy” was possible in the first place, but we did. Not before the internet, mind you. Before the internet, I imagine most cheaters took for granted that the process of finding someone to cheat on their partners with, communicating with them about the cheating, and then doing the cheating itself, carried with it a certain amount of risk. For all of those activities happened with some non-zero level of public visibility.
But the internet changed things, or at least how we think about them. Paradoxically, it simultaneously made it possible for individuals, businesses, and governments to collect more information about us than ever before, while also promising us a world of complete anonymity.
In the heyday of ‘90s internet it didn’t matter what the meat machine behind the screen looked like — on AOL you could be whoever and whatever you wanted to be. Mid-40s male insurance broker by day? SexyMermaid23 by night! This produced the sense that the internet was a space of pure privacy. If no one knew I was really something entirely different from my online persona, surely they didn’t know anything else about me either.
Indeed, some were so taken by the possibilities of all this that they imagined leaving their fleshlives behind entirely. In the early 2000s we got Second Life and people spent untold hours and vast sums of money kitting it out with houses, malls, and universities.
But this was mostly a facade. At the same time as we were getting settled into our perfectly controlled, perfectly private digital lives, a number of forces were rapidly de-anonymizing them. The rise of e-commerce necessitated connecting our online avatars with real-life names, addresses, and credit cards. MySpace and Facebook trained us to reveal more about our banal, everyday offline lives online. And post-9/11 government surveillance turned to the internet for insight into who was or might become a threat to the state.
For some reason, though, our thinking about privacy and the internet didn’t keep up with the times. We continued believing that the information we made available about ourselves online was private by default, and it was only in rare cases that that privacy was threatened. More information about us than ever before is now collected, stored, and analyzed, and yet the way we understand it remains stubbornly old fashioned.
This, perhaps, is what hacks like this latest one could plausibly change. Not our relationship to the internet, but how we understand it.
The internet is real life. There is no clear distinction between life “online” and life “offline”. The vast majority of what we do in the “real world” leaves a trail of data behind it, and the things we do on websites and in apps point straight back to our fleshy, physical selves. And in this world, as in the world before the internet, privacy is neither perfect nor impossible. It is fragile and changing and requires effort to produce.
When people get caught using the internet to cheat they should be no more surprised than when they get caught doing it some other way. Life is short and full of risks.