by Nadia Cohen
The advisory committee asked the very important question: ‘What kind of legal recourse does Jennifer Lawrence – or an everyday American citizen like you – have against hackers and websites that peddle such photos?’
The aim was to analyse exactly what contemporary expectations of privacy are in a realm of digital photography, from revenge porn to so-called ‘up skirt’ pictures taken by pushy paparazzi photographers in broad daylight. The committee discussed the suggestion that almost daily there are incidents of some kind involving stolen photos of women – the same day as it emerged that a police officer in California had stolen private photos from the phone belonging to a woman he had arrested, a practice he had allegedly described as ‘a game’.
However, the advisory committee itself is not a government institution. Rather, it is a private sector organisation, where representatives of all interested stakeholders – from corporations to private interest groups – meet. The purpose is to discuss how to ensure that members of the Congressional Internet Caucus, and Congress members in general, understand issues about which they may have to have an opinion at some stage in their working lives. The committee used the Twitter hashtag #exposedphotos to attract global attention to its event.
But as they discussed at length, the problem of all legislation when it comes to the web is that technology always moves faster than the law – legislate against one type of activity and someone will find another way to achieve his ends.
Tech experts said at the time that weak passwords had given hackers the chance to access private pictures, thanks to a software glitch, and Apple agreed to conduct an investigation into the scandal after dozens of A-listers’ passwords were stolen by a particularly sophisticated piece of hacking software.
Soon after the leak, a key piece of computer code that repeatedly guessed passwords was found online. The script was posted to software site GitHub, but a message quickly appeared saying that Apple had issued a ‘patch’ or fixes to eliminate the bug. According to the post, the script used the top 500 most common passwords approved by Apple in order to try and gain access to user accounts. If successful, it would give the hacker full access to the iCloud accounts, and therefore photos.
Owen Williams from technology site The Next Web, who discovered the bug, said: ‘The Python script found on GitHub appears to have allowed a malicious user to repeatedly guess passwords on Apple’s “Find my iPhone” service without alerting the user or locking out the attacker.
‘Given enough patience and the apparent hole being open long enough, the attacker could use password dictionaries to guess common passwords rapidly. Many users use simple passwords that are the same across services so it’s entirely possible to guess passwords using a tool like this.
‘If the attacker was successful and gets a match by guessing passwords against Find my iPhone, they would be able to, in theory, use this to log into iCloud and sync the iCloud Photo Stream with another Mac or iPhone in a few minutes, again, without the attacked user’s knowledge.
‘We can’t be sure that this is related to the leaked photos, but the timing suggests a possible correlation.’
Apple did not make any comment on the incident, but experts pointed to the weakness of many internet users’ passwords and basic security knowledge as being the cause for the widespread hack of iCloud – Apple’s own wireless storage facility that can be used to access files remotely.
Other similar services include Dropbox and Google Drive, which enable users to keep more of their files close at hand without taking up huge amounts of memory on their devices.
Rob Cotton, CEO at web security experts NCC Group, said: ‘Cyber security is not just a technology problem, humans are very much key to its success. In our day-to-day work we see too many cases of employees divulging sensitive information without first verifying the legitimacy of the request.
‘People often point the finger at technology when they’ve been the victim of a cyber attack, but poor password choices or naivety in the face of a seemingly innocent email is regularly to blame.’
He added that human error often played a part too.
Stefano Ortolani, security researcher at online experts Kaspersky Lab, added: ‘In order to make your private data more secure, you should cherry-pick the data you store in the cloud and know and control when the data is set to automatically leave your device.
‘For instance, in iCloud there is a feature called My Photo Stream which uploads new photos to the cloud as soon as the device is connected to Wi-Fi; this is to keep photos synchronised across all your devices. Disabling this option might be a good starting point to be a bit more in control.’
While the security of the cloud will now come under increased scrutiny, Ortolani pointed out that some element of risk has always existed.
He said: ‘The security of a cloud service depends on its provider.
‘However, it’s important to consider that as soon as you hand over any data including photos to a third-party service, you need to be aware that you automatically lose some control of it. This is also the case for when you upload something online.’
Within weeks of the scandal, a man claiming to be Jennifer’s ex-boyfriend admitted that he was a computer hacker. Brad Jackson, who alleged that he dated Jennifer when they were pre-teens growing up in Louisville, made the revelation in conversation with the Sun on Sunday about the breach of privacy she suffered: ‘She’s the type of person who would have done a nude scene but would have wanted to make the decision on her own,’ he said.
‘The fact a hacker did it [leaked the pictures] was pretty shitty – but that’s the kind of field I’m in.’
The IT graduate went on to claim that he had seen the computer screen of a man claiming to have been the person who accessed Lawrence’s private photographs through her computer without her permission. He went on to claim that he is not a ‘black hat’ hacker, like those who work for 4chan, but would be lured into hacking by the profit he could make from it.
‘I’m so tempted to go into the illegal part and make more money,’ he told the newspaper.
Jennifer has since said that she cannot let her happiness rest on those responsible being brought to justice, because most likely they will never be caught, adding she just has to find her own peace.
As already discussed, it was widely believed that Jennifer had taken the private photos to send to her then boyfriend Nicholas Hoult, and the British actor was asked about the leak while chatting with Good Day New York about his upcoming film, Young Ones.
‘It’s shocking that things like that happen in the world,’ he said. ‘It’s a shame.’
The scandal became rich fodder for comedians who suggested it could have been avoided simply by not taking such explicit photos in the first place. Ricky Gervais was forced to issue a public apology after he wrote on Twitter: ‘Celebrities, make it harder for hackers to get nude pics of you from the computer by not putting nude pics of yourself on your computer.’
And the satirical cartoon South Park also poked fun at Jennifer’s situation, but Jennifer’s Hunger Games co-star Josh Hutcherson was among those who rushed to her defence, saying: ‘I just think all that stuff is so ridiculous. We’re people, too, man, we just want to live. We want to be normal people, it’s not fair.
‘I think everyone has their own way of getting through it. It’s something you obviously don’t want to happen to you and it’s really unfortunate that it happens. I hate the way the world sort of views those sorts of issues.’
Josh said he and Jennifer often talked about how experiencing sudden fame on a huge scale had changed every aspect of their lives: ‘Like Jen and I always say, people say, “Well you chose to be an actor, you are going to have to deal with this kind of thing.” Well, no. I started when I was nine years old. She started when she was, like, twelve.
‘We didn’t choose to have public scandal. So because this is what I am good at and this is my career means I also have to suffer on this other side?’
r /> Actress Sigourney Weaver also praised the dignified way in which Jennifer had dealt with the humiliation surrounding the leak, and expressed her admiration for how she had been forced to live her life under constant scrutiny: ‘There is no escape now,’ said the Alien star. ‘It’s something actors need to figure out how to combat, as it doesn’t serve anyone to have privacy invaded to such an extent.
‘Jennifer is brilliant. Leave her alone. But I’m a grandmother practically,’ Sigourney told The Sunday Times newspaper.
Natalie Dormer, the actress who starred alongside Jennifer in the final two Hunger Games movies, also came out in support of her co-star: ‘What Jen went through recently was just horrific,’ she told Nylon magazine. ‘And I don’t think there’s any level of fame that can justify that kind of invasion into privacy, not to mention laws being broken. I mean, people just need to get a grip if they think that’s even halfway acceptable.’
Spider-Man star Andrew Garfield also spoke out on Jennifer’s behalf, slamming the hackers who stole nude photos of women and posted them online as misogynistic. The actor told The Daily Beast: ‘It’s disgusting. “I have a right to your naked body or images that you’ve sent to your husband, or lover”. It’s disgusting. It’s violent, and it’s misogynistic, and it’s revolting, and it’s another example of what this distance [through the internet] has enabled us to do – it’s enabled us to be disassociated from each other.
‘There’s enough awful shit coming from it that hopefully we’ll get to the point of, “OK, wait a second.” What’s scary is that we haven’t reached that point yet, and there hasn’t been a referendum put on it.’
Meanwhile, Jennifer was forced to condemn the actions of Perez Hilton, the celebrity blogger who initially published the images uncensored, before deleting them from his widely read site and issuing a personal apology to Jennifer.
‘[Perez] took it down because people got pissed, and that’s the only reason why,’ she said. ‘And then I had to watch his apology. And what he basically said was, “I just didn’t think about it.” “I just didn’t think about it” is not an excuse. That is the exact issue itself.’
Perez later admitted that he had ‘made a mistake’ in publishing the actress’s intimate images on his website, and claimed that he did not wish to harm others with his work. When asked what prompted this unexpected change of heart, he said: ‘I look at mistakes as an opportunity to learn. I made a mistake and instead of not doing anything I decided not to post any photos of anybody like that going forward, which I haven’t.’
Speaking about the apology he gave Jennifer, Perez added: ‘I’ve been trying to do better and be better for four years now. I’m not perfect, I’m not trying to be, but it’s a constant journey and a process.’
In the meantime, Jennifer was devastated yet further when it emerged that there were plans for some of the stolen nude celebrity photos to be publicly displayed in an exhibit at an American art gallery. A then anonymous artist, known only as XVALA, real name Jeff Hamilton, intended to use the images as part of their show titled ‘No Delete’ in the Cory Allen Art Gallery in St. Petersburg, Florida.
When asked about the controversial plans, actor Andrew Garfield responded furiously: ‘The internet is the new Wild West. There’s a guy now taking these pictures and putting them up in an art gallery. What right does he have to do that? It’s absolutely revolting.’
But following public backlash, and pressure from a petition, the artist changed his mind. XVALA decided not to showcase leaked images of the celebs in life-size, unaltered form; instead the exhibit would feature the artist’s self-shot, life-size nude images: ‘It wasn’t just about being “hacked” images anymore, but now presented in the media as stolen property,’ XVALA said in a statement to E! News. ‘People were identifying with Jennifer Lawrence’s and Kate Upton’s victimisation, much more than I had anticipated, which is powerfully persuasive.’
Gallery owner Cory Allen added: ‘It was inspiring to see people take action through a petition, signing their name and not just commenting on a thread.’
Just a few days earlier, both Allen and XVALA said they were proceeding with the art show despite public outrage, claiming the images were ‘art’. But then they claimed that once their goal of raising public awareness had been accomplished, they were willing to cancel the show and to move on: ‘This concept was always about self-examination in our current culture,’ XVALA said. ‘Why we feel the need to know and cross the lines of other individuals’ privacy.’
Jennifer was delighted when Google agreed to pull links to the nude photos from their search engine. Google came under pressure from many lawyers representing various celebrities whose private photos were published by hackers. But according to the Guardian newspaper, the decision was only made in a bid to combat the numerous lawsuits filed against the technology giant. ‘Google has come under pressure from lawyers representing various celebrities whose private photos were published by hackers,’ the newspaper claimed. ‘The top entertainment lawyer Martin Singer has written to Google demanding that the company pay for its “blatantly unethical behaviour”, threatening to sue the search giant for $100 million.’
Singer’s Los Angeles-based firm Lavely & Singer P.C. represents more than a dozen of the women affected, as well as actors including John Travolta and Charlie Sheen. Lavely & Singer wrote to various website operators and Internet Service Providers (ISPs) demanding that the images be taken down under the Digital Millennium Copyright Act (DMCA).
Repeating its statement from early October 2014, Google said: ‘We’ve removed tens of thousands of pictures – within hours of the requests being made – and we have closed hundreds of accounts. The internet is used for many good things. Stealing people’s private photos is not one of them.’
Google removed two links to a site hosting stolen nude photos of Jennifer, following demands from her lawyers. The takedown requests were filed under the DMCA, with her lawyers stating that the stolen photos impinged on Lawrence’s copyright. The DMCA, which governs the use of copyrighted material and is usually used in reference to pirated TV shows, films and music, requires sites to ‘expeditiously’ remove unlawful images from their servers.
The site removed from Google’s search results has since changed its domain, which has caused the site to be re-indexed by Google and reappear in search results under a different website address. The takedown notice did not list the new domain, requiring another request to be filed to remove it from the search results.
The site hosting the photos targeted by Jennifer’s lawyer claimed that it would take down the stolen photos, if requested.
The whole hacking debacle made Jennifer more wary than ever of using the internet, indeed she shies away from any social-networking sites, unlike most celebrities of her generation: ‘I will never get Twitter,’ she explained in an interview with Radio1 DJ Nick Grimshaw: ‘I’m not very good on phone or technology. I cannot really keep up with emails, so the idea of Twitter is so unthinkable to me.
‘I don’t really understand what it is. It’s like this weird enigma that people talk about. It’s fine, I respect that, but no, I’ll never get a Twitter. If you ever see a Facebook, Instagram or Twitter that says it’s me, it most certainly is not.
‘I really, like, laser focused on that. It’s because the internet has scorned me so much that I feel like it’s that girl in high school that I’m like, “Oh, you want to talk about her? Yeah, I’ll do that! Take my hoops off, I’m ready to go.”
‘All that doesn’t interest me for a second. I’m always hundreds of emails behind. I have 112 unread emails,’ she added, holding up her phone. ‘I don’t want anyone to talk to me, ever.’
Jennifer was far from alone in her horror at the leak. Former Harry Potter star Emma Watson said in March 2015 that she too was left ‘raging’ after a hoax website threatened to release nude photos of her online. The film star and UN Ambassador for Women said a website targeted her after she spoke up for women’s
rights.
She said: ‘After I gave my speech [at the UN] there was a website threatening to release naked pictures of me. I knew it was a hoax, I knew the pictures didn’t exist, but I think a lot of people that were close to me knew gender equality was an issue but didn’t think it was that urgent, that it was a thing of the past.
‘And then when they saw that the minute I stood up talking about women’s rights I was immediately threatened, I think they were really shocked, my brother was particularly upset.
‘This is a real thing that’s happening now, women are receiving threats. I was raging, it made me so angry. I was like, this is why I have to be doing this. If anything, if they were trying to put me off it, it did the opposite.’
In September 2014, a web page entitled ‘Emma You Are Next’, featuring an image of the actress next to a countdown clock, appeared to have been created by a user of 4chan, on which the nude photos of Jennifer Lawrence had been posted.
Months later it emerged that ‘The Fappening’ had significantly changed the way in which British people send raunchy text messages, but it had not altered the number of them doing it, according to research released in March 2015. Three quarters of British men and women apparently changed their sexting habits after the online scandal, which saw almost 100 celebrities’ private nude photographs hacked, with many taking extra security precautions.
Globally, during 2014, the number of men ‘sexting’ increased by 2.5 per cent, while there was a 9 per cent increase in the number of women sexting. Of these women, 72 per cent claimed they were sending and storing their messages more securely. In comparison, 68 per cent of men said they were changing their habits. The Fappening mainly targeted young female celebrities and prompted a huge discussion over online privacy and protection.
The survey, titled ‘Apps and Appetites’, also found that one in four – 26 per cent of men and 22 per cent of women – had not changed their habits at all, despite the publicity the significant data breaches received.