We Are All Responsible for Online Security

Recently we’ve seen a number of sensational stories about hacking and security breaches. The hacking of celebrity photos is a high-profile example of personal information being shared online without consent. We’ve also seen the rise of cyberbullying, teen sexting and “over-disclosure” online. At the same time, security breaches at major retailers have shown us that millions of credit and debit cards can be put at risk in one fell swoop.

As headlines like these become more common, it’s easy to label them as privacy or security incidents, but to think of them solely in those terms is a mistake.

There’s a much larger issue at work here: Our society has failed to keep up with technology. These breaches, which could happen to anyone, are a wake-up call for all of us to think, and act, differently than before. Put simply, as technology changes, you and I need to change, as well.

We’re at a point where we need new life skills so we can safely and fully enjoy the benefits of the Internet. We need to prepare ourselves to use new communications technology, just like when we learn to drive. We go to driving school to improve our safety and the safety of others. Why shouldn’t we do the same when we decide to go online? Ideas like these are embodied in a growing movement known as digital citizenship. Digital citizenship represents an evolution in our norms — the ways we think about our personal responsibility, and the ways we respect and look out for others online.

This movement is gaining momentum. Service providers have made some great strides here, such as requiring stronger passwords and offering multi-factor authentication. However, there is a tendency for individual users to rely on others to protect them online. Ultimately, we need to take on a fair share of this responsibility ourselves. We need to adopt commonsense practices to protect ourselves, and everyone else who is traveling the information superhighway with us.

For example, imagine if we understood how to use commonly available encryption tools. People could encrypt their photos, so there would be nothing to disclose even if files get hacked. Better yet, imagine if content like that was largely ignored in the first place. Thinking back to our celebrities, if the images hadn’t been so widely viewed, the impact could have been limited. (Jennifer Lawrence even accused the people who looked at her photos as the perpetrators of sex crimes.)

As you can see, responsibility begins with individual users, and then quickly extends to all participants in the online ecosystem — the users, publishers, providers and developers that define our digital world.

We’ve seen a collective approach like this work elsewhere, such as when Mothers Against Drunk Drivers (MADD) prompted social change by challenging social norms. Driving sober became not just an individual responsibility but also the responsibility of friends, family, bartenders and so on.

If we apply this model to the digital world, we might see some positive changes, as well. What if we treated people’s personal information the same way we’d treat someone else’s diary? Chances are, we wouldn’t read it, let alone find someone to publish it in a newspaper. The same norms should apply online. Again, just because we can do something online, doesn’t mean we should.

While there is much work ahead of us, there are reasons to be optimistic. Examples of digital citizenship are starting to proliferate. Policy makers on both sides of the Atlantic are promoting changes that protect individual rights, like the European cookie-consent law, newly enacted revenge-porn laws, California’s new smartphone kill switch bill, and new solutions for online comment sections.

At the same time, organizations like Common Sense Media have rolled out digital citizenship curriculums in thousands of schools across the United States. My company, AVG, through the Clinton Global Initiative, is building a digital citizenship initiative calling on carriers, OS providers and phone manufacturers to build in simple, engaging tools that deliver basic online safety skills to users as they start to use their new smartphones.

The online world is young. It’s evolving, and we’re all learning to live in it. Looking again to the recent hacking incidents and data breaches, it’s encouraging to see, for one of the first times that I can recall, our society calling for more personal responsibility in the matter — instead of just relying on systems security. Perhaps this will be one of those societal nudges on the arc of history that bends toward justice. At the very least, we can hope to approach the next breach differently, as new norms take root. Just because you can look doesn’t mean you should. Would you look?

Harvey Anderson joined AVG Technologies in the role of chief legal officer in February 2014. Previously, he was SVP, Business and Legal Affairs at Mozilla, and has held executive or senior level positions at Seven Networks, Flywheel Communications, Medscape and Netscape. He was a catalyst for the SOPA blackout, a leader for the Do Not Track campaign, and has challenged the use of IP laws that infringe upon free speech and privacy rights online. Reach him @chefhja.

This article originally appeared on Recode.net.