Data privacy crisis: what can we all do?

Privacy is a quaint notion, one that doesn't really exist when we venture online whether it is on our desktop, tablet, or mobile phone. The examples are everywhere: ranging from something as harmless as people not realizing they're on webcam to unsecured webcams recently posted for anyone to see on a Russian hacker's website.

As illustrated by a video from the ACLU, we are all starring in a dystopian reality show of our own, one where a growing and largely invisible infrastructure of public and private entities enriches itself by monitoring our every keystroke.

"The Internet is not a magical thing. It's a human institution," said Jay Stanley of the ACLU. "It's an amazing thing that's brought so many benefits to our lives. It doesn't mean we're not human enough to screw it up. And these giant machines that are being built to spy on Internet use need to be reined in if we're going to have the kind of internet we should have."

Privacy rules that we agreed to without a second thought a decade ago when we were interacting with the web primarily through desktop computers, often at work, now enable the tracking of our every move on our mobile phones.

As we enter the age of what's known as the "Internet of things" -- a.k.a. homes that are equipped with web-enabled devices -- the potential for abuse is staggering.

This month, in a move straight out of George Orwell's novel "1984," Samsung issued a security alert warning people not to divulge sensitive information in front of its voice-activated smart TVs. The fear is what could potentially happen when your words are transmitted to servers at a third-party voice-recognition company that enables the computer inside the TV to do what you tell it to.

It is enough to make you want to just hop into your car, go for a drive, and clear your head. Well here's the thing: "they" are watching you there, too. License plate readers, which store where and when you traveled on major roadways, have become ubiquitous across the country. But civil rights advocates say maybe the brakes need to be put on the expansion of license plate readers.

"When you start looking towards the future when there's three of these on every block, you're getting a data trail that's high resolution enough, it's the equivalent of putting a GPS tracker on everybody's car," ACLU's Stanley said. "That's too much power for the government to have. When you have that much information about where people are going and when, you know a lot about how they're living their life."

And it is not just the government; corporations are keeping tabs, too.

"Well, I started hacking when I was a teenager in high school," Kevin Mitnick said. His life is right out of a Hollywood screenplay. He has even served time behind bars for hacking. Mitnick is now one of the world's leading IT security consultants. He is widely known as the world's most famous hacker.

"It's kind of scary because if you're living a legitimate life in the United States of America, it would take me 60 seconds on my laptop right here on this laptop to basically look up your Social Security number, your mother's maiden name, your date of birth, your last 10 addresses, your cell phone number and your land line number," he said. "That's because all our information in America is for sale!"

This is a troubling situation that President Barack Obama spoke defiantly about in this year's State of the Union address.

"No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families, especially our kids," the president said.

The hack President Obama referred to is the historic one North Korea allegedly committed against Sony.

Adam Levin, the former director of the New Jersey Division of Consumer Affairs, is an expert in data security. Levin said the Sony hack was a game changer.

"I don't think we've seen anything of the magnitude of the ferocity or the viciousness of this attack on any company ever before," he said.

Levin, the founder of IDT911, added that companies need to take a closer look at their cybersecurity systems. In essence, all of us are vulnerable.

"This is going to require a paradigm shift in thinking," Levin said. "That companies are going to need to do what they need to do to shore up their security.

But despite the strong words from President Obama, Levin would like to see the government step up its game.

"And this government, our government has not been as serious about this as it should have been," he said.

We talked about the corporations, but what about you and me?

"About 91 percent of Americans now feel that they are losing control of their personal data," said Lee Rainie, the director of internet, science and technology research at the Pew Research Center.

Nine out of 10 Americans is a staggering number. But Pew Research said Americans are getting the message. You need to take certain steps to be less vulnerable.

"Americans are more and more aware that pieces of their identity are out there for other people to capture," Rainie said. "So we see this really interesting component of their lives of literally monitoring their reputation and trying to adjust it if they see that there's a problem."

Consumers can use certain tools to protect themselves.

"It's all very simple you don't even have to remember to do it," said Rob Shavell, the co-founder and CEO of Abine, an online privacy and security company. The company's goal is to help the consumer control his or her information by making sure the sites you do business with never actually see your real info.

"When you get to the checkout form and you get to the credit card, right when you tap into that field you'll get a choice, including use your existing cards that you have in your online wallet or something called 'mask my card,'" Shavell explained. "'Mask my card' is that choice to protect my card. When you click on that you can instantly create right there on the shopping form a new credit card that is limited to any amount you want. ... You can register for anything, sign up for anything, shop and buy anything and you never have to worry about 'Hmm, what's that company going to do to with my information?'"

New York State Attorney General Eric Schneiderman said that consumers shouldn't have to go such lengths to protect their identity. He told fox 5 that he wants more accountability from corporations.

"Whenever we have spoken to people about the fact that private information is currently defined in New York ... doesn't protect your e-mail address and password, doesn't protect health insurance information, it protects virtually nothing -- people are surprised to hear that," Schneiderman said. "But there is a certain degree to which people just figure that someone is watching out over the Internet. And it's really not true."

While the general public may be surprisingly apathetic about the safety of its data, Schneiderman said he is not. He is urging lawmakers to update laws requiring companies to safeguard people's personal information. He is adamant that creating a well-defined set of security best practices for companies to implement is in everyone's interest.

"That would provide an incentive for companies to do the right thing. We also provide a safe harbor which is a very new concept for companies that follow the gold standard, that follow standards that are required for contractors with the federal government," he said. "And if you do that, we limit your exposure to liability for my office and also limit your civil liability. We want the companies that are being hacked to view government as their partner in this."

In the meantime, keeping our information secure remains our responsibility. Former hacker Mitnick offers these tips. Be smarter about your passwords. He suggests downloading and using password managers.

"What password managers do is allow you to put all your passwords on a database on your computer and you protect it with a passphrase," he said. "What is a passphrase? Instead of using a password like 'computer 1, 2, 3' you use a password like 'the quick brown fox jumped over the fence' so it's long and hard to break. And you protect all your passwords with this long passphrase."

That is helpful advice from a man who has been on the other side of the law but is now looking out for you and me.

"So it's really up to the individual like you and I to take that extra step and protect our privacy," he said.

The ACLU's Stanley offered a sobering thought: "We might be living in a country we don't recognize in a few years, and maybe one we don't like that much."

EXTRAS

Watch an extended interview with Kevin Mitnick. He explains how he first got started as a hacker and how he wrote a program to steal his teacher's password.

View Pew Research's report on the public perceptions of privacy.

Watch more Fox Docs.