Online privacy is becoming a luxury and it’s everyone’s job to ensure our data is protected, according to Nico Sell of Wickr Inc.
Sell has worked in digital security for two decades. During that time she has co-founded Wickr Inc, the company behind the most secure encrypted messaging app on the web, as well as its non-profit arm the Wickr Foundation.
She joined The Guardian’s Nathalie Nahai for a talk on online privacy on the Centre Stage at this year’s Web Summit.
“Privacy is something that now only billionaires and celebrities can afford and yet it’s something we all deserve,” she said. “A decade ago it was really hard to be a public figure; now it’s really hard to be a private figure, so this is what the kids are striving for. The editor of Vogue, Anna Wintour, actually said that it’s more in vogue to be un-Googlable.”
Sell works to educate children about online security and privacy through R00tz Asylum, an organization which teaches cybersecurity to young people aged eight to 16. She warned about the dangers of parents putting images of their children online before they are old enough to make their own decisions about their digital footprint.
“It’s irresponsible to put pictures of your kids online for a number of reasons,” she said. ““Firstly, there are geotags involved, and protecting your children’s location is of utmost importance. The internet is forever, and I want to make my own decisions about the digital footprint that I leave, and I’m lucky enough that I did get to make my own decisions, and I want my daughters to make their own decisions as well.”
R00tz Asylum empowers children to make these decisions by focusing on white hat hacking rather than infosec threats and vulnerabilities.
“When I ask who wants to learn about privacy and security maybe a few raise their hands,” she said. “But when I say who wants to eavesdrop on phone calls and hack into people’s messages on Facebook, hands shoot up. By learning those lessons, kids can make their own decisions. You’re empowering them.”
Wickr takes user security very seriously and has one of the biggest hacker budgets in tech. The company employs hackers to ensure the app is secure and launched a bounty last year to anyone who can find a vulnerability in the system which could compromise users’ data.
“Wickr is number one most secure messaging app in the world,” Sell said. “We enlist hackers and use them on our side. We have largest bug bounty in the world – we offer $100,000 if they find a hole in the system and fix it. We spend over a million dollars a year on hackers and every company needs to be doing this. We need to engage with them and bring them in.”
Threats to our privacy are increasingly coming from governments seeking access to user data for surveillance. Sell cited the 2013 demise of encrypted email provider Lavabit, which abruptly shuttered its service rather than comply with a US government order requesting user data when it emerged Edward Snowden had used the service. Such orders are accompanied with gag orders, meaning that companies facing data requests are precluded from alerting users to the possibility that their privacy will be compromised.
Wickr is one of an increasing number of companies using a warrant canary to allow its users to know that it is not currently the subject of a secret gag order, and users can infer the reliability of that statement based on whether the canary is being regularly updated.
“The last decade was really about society building out the public web,” she said. “Companies like Facebook and Google, they’ve done a great job bringing us together but that’s only half of the brain. The second part of the brain the private web which will grow to be just as big as the public web.”