Sunday, September 17, 2017

How the Equifax debacle reminds me of traditional publishing.

gagnonm1993 | Pixabay

Y'all already know my brain makes weird connections, so I'm not gonna apologize for this post.

By now, I'm sure you've heard about the Equifax hack (sorry about the paywall). The credit bureau -- one of three that aggregate consumers' credit histories so that businesses can deem us worthy of a new loan -- was hacked earlier this year, sometime between mid-may and the end of June. The breach was not announced, however, until last week (giving two of the company's top executives plenty of time to unload some of their stock, but I digress). The hackers gained access to confidential information belonging to 143 million Americans -- including names, addresses, Social Security numbers, driver's license numbers, and birth dates. They also lifted credit card information belonging to about 200,000 consumers. Several hundred thousand people in the UK are also affected by the breach.

The hackers got in by exploiting a security flaw in an open-source software package called Apache Struts. The manufacturer had released a patch for in March, but Equifax hadn't bothered to install it. Two of the company's executives -- the chief information officer and chief security officer -- are already gone.

When people got upset about it, Equifax's reaction was not exactly helpful. For starters, their handy-dandy "how to check if the hack exposed your security info" site asked for more security info than people commonly have to hand over to anybody. Coming from a company that had already proven itself incapable of keeping consumer information secure, the request seemed clueless at best. Then, for those affected, Equifax generously offered a year of free credit monitoring -- and were happy to take the opportunity to offer the paid version to everyone else.

This lack of concern for consumers has been annoying for years, but the hack has raised it to DEFCON 1. It's particularly galling that we, as consumers, have almost no control over the information these companies have on us. We can't even choose whether to do business with a particular credit bureau -- or with none of them.

But Equifax's point of view is understandable if you squint just right. We're not the customers of any credit bureau. The businesses that buy our credit reports from them are their customers. We're the content. We're the data.

So what's the connection to publishing, you ask? Well, readers have always considered ourselves consumers of books. So we could be excused for thinking we were the publishing industry's ultimate customers. After all, publishers want to put out books we want to read, right? So that makes us the most important player in the transaction, right?

Um, no. Publishers don't sell their books to us -- they sell them to bookstores. Now, bookstores do sell to readers. But the big stores don't see us as individuals. I mean, Amazon sends me an email (or two! or three!) every day with things they think I might be interested in buying, but it's all computerized. It's not like friendly Mr. Bookseller down the street, who would set aside a copy of an author's new book because we had a lovely conversation about the last one by that author. It's Amazon's algorithm telling Amazon's email client to suggest a bunch of stuff to me because I'd searched for something similar on the web.

Bookstores are the publishers' clients. Readers are the data.

Like the Wicked Witch of the West once said, "Oh, what a world! What a world!"

In case you missed it, I've been featured by Fiona Mcvie at Author Interviews. I haven't done an interview in quite a while, and this one was fun. Thanks again to Fiona for hosting me.

Work on Maggie in Moonlight continues apace, although not as quickly as I'd hoped. I keep falling down research rabbit holes (more on that next week). However, I'm still on track to finish the first draft by the end of this month, although that may slop over into the following weekend. Stay tuned!


These moments of data-driven blogginess have been brought to you, as a public service, by Lynne Cantwell.

No comments: