This is Hollywood’s very own horror story.
The cache of private, nude photos stolen from A-List actresses and uploaded for public consumption has the industry shaking over the security of its stars and their data; victims in the latest round of hacking include Jennifer Lawrence, Mary Elizabeth Winstead, and Kirsten Dunst. Reps and managers are used to shooing away paparazzi, but when the photos were taken by the actresses themselves and then stolen without any indication at all, things are a lot more complicated.
“There’s no way of protecting anything on the internet,” Martin Garbus, a trial lawyer who has represented Al Pacino, Lenny Bruce, and Robert Redford as well as argued in front of the Supreme Court, told TheWrap. “[Hackers] can get anything, there’s no way of protecting yourself on phones. Any of that stuff can be reached: pictures, phone calls, everything can be tapped. You can buy various security devices, but the hackers are ahead of the security device people.”
The photos that leaked on Sunday were largely thought to have been taken from cloud services that save users’ data; Apple said on Tuesday that they came in targeted attacks instead of a larger breach of security on its iCloud database. As Winstead noted in a tweet, the data still exists in the cloud even when the photos have been deleted from the mobile device.
“We’ve always recommended that our clients use two-step [password] authentication, but I don’t think anybody necessarily understood what that was until this weekend,” one publicity exec told TheWrap on Tuesday. “People need to be smarter about what their passwords are; I’m sure clients of ours have passwords that are their dog’s name plus 1-2-3-4-5, and if you’re famous, it’s easier for some to guess those things since all your information is out there.”
In short: The best that can be done is following smart privacy protocol, which agencies have sent to their clients once again in the wake of the disaster.
There have been various responses to these breaches; some actresses have confirmed that the photos were authentic, while others vehemently denied their presence in the leaked pictures. Reps for Lawrence threatened to pursue legal action against anyone who posted her photos, though Garbus in general doesn’t put much faith in the possibility that those responsible would be properly punished, or that any legal victory would stop others from posting the pictures.
“Very often you’re best off leaving it alone. You can stop one person, but then it will appear elsewhere,” Garbus reasoned. “These things go viral. You can try and punish somebody, the probability is the person you’re trying to punish doesn’t have funds. Once they put it up there, ultimately there’s little you can do. If somebody big puts it up, a big responsible company, that’s one thing. With Murdoch, you had people tapping into things, so someone was held responsible.”
And as the publicity exec told TheWrap, the potential violation of privacy could have been even more catastrophic had hackers targeted victims’ medical and financial records, which are almost certainly stored somewhere online.
All told, Hollywood must do what it can to be smarter about preventing violations of privacy, though security, as Garbus said, always lags behind determined hackers. And so, unfortunately, the best defense is not putting information or photos on phones or in cloud databases, which puts responsibility on the victims — a regretful solution in that it limits personal freedom and reinforces a culture of misogyny that enabled and emboldened the hackers in the first place.