Welcome to 2025, where technology has become an inescapable force shaping every aspect of our lives. What was once a tool for convenience and connection is now a pervasive influence, capable of both empowerment and harm. The real question is no longer what technology can do—we’ve seen its possibilities—but what we, as a society, are willing to tolerate.

This normalization of pervasive technology is an example of bad security because it undermines personal agency. The more reliant we become, the easier it is for vulnerabilities to be exploited by bad actors.

Tolerance for State-Sponsored Tech Violence

In the past two years, we’ve witnessed AI-powered tools being used in devastating ways. Search engines that could connect families to vital resources instead helped authoritarian regimes target and silence dissenters. Autonomous surveillance drones, initially marketed as tools for safety, became instruments of state violence in conflict zones.

Ask yourself: how much tolerance do you have for tech that can make life easier while simultaneously enabling oppression?

What if the next tragic story isn’t a headline but someone you know?

It’s time to demand accountability. Report intrusive tech to regulatory bodies. Share stories on social media to raise awareness.

This is bad security in action: technology meant to protect or assist is weaponized to harm people, violating the basic tenets of ethical security by putting lives at risk. We must be vocal—silence only serves those who misuse these tools.

Tolerance for Overcollection

Consider the apps that track your every move, collecting data far beyond what is needed for their functionality. Last year, a fitness app was revealed to have shared sensitive location data with third parties, sparking outrage, sound familiar? This is now practically the case with every app we install.

The line between convenience and surveillance has blurred, and most people don’t even realize how much data they’re giving away.

Resist the trend of overcollection by practicing digital minimalism.

Limit the data you share and question why it’s being requested. When companies cross the line, file complaints with data protection authorities. Remember: they rely on your inaction. Don’t let them get away with it.

The overcollection of data exemplifies bad security by creating unnecessary vulnerabilities. Every piece of data shared is another potential exploit for hackers or misuse by corporations.

The Branding Trap

Brands wield enormous power to shape public perception. Take the cybersecurity breaches of recent years. Companies promised “state-of-the-art” protections, only to suffer catastrophic failures. Yet, with carefully crafted PR campaigns, they managed to downplay the damage and regain consumer trust. Stop taking brands at their word. Before signing up for a service, research its history of compliance and security incidents. Expose failures when you find them. Write detailed reviews, share your findings on social media, and encourage others to hold companies accountable. Why not start by looking up the appropriate reporting agency right here

This reliance on branding instead of transparency is bad security. When companies prioritize optics over real protections, they leave consumers exposed to preventable threats.

Privacy Violations: Spot, Report, Repeat

Think about the privacy violations you’ve noticed recently. Did you see a school deploying unvetted tech tools on kids? Or a social media platform quietly expanding the scope of its “limited consent” agreement? These incidents happen all the time, yet most of us do nothing about them. Make 2025 the year you take action. Report privacy violations when you see them. It’s as simple as filing a complaint online or contacting the appropriate regulatory body. If you want to go further, advocate for those who might not have the ability to act, like children or seniors. The ripple effect of even one person speaking up can be profound.

Privacy violations are symptomatic of bad security because they exploit weak consent frameworks to undermine individual rights. By normalizing these practices, we erode trust in digital ecosystems.

The Right to Say “Nah”

When asked for data you’re not comfortable sharing, exercise your right to refuse. Say, “Nah, I don’t have anything to hide, but you can’t have it anyway.” This small act of defiance can inspire others to reconsider how much they’re giving away. It’s not about paranoia; it’s about preserving your autonomy in an age of overreach.

Bad security thrives on compliance and apathy. By asserting your right to refuse, you challenge the exploitative systems that rely on unchecked data collection.

Technofeudalism is Here—But Not Unbeatable

Technofeudalism—the exploitation of users through subscriptions, predatory business models, and invasive practices—has become the norm. We’ve seen it dominate industries, from software to healthcare. But it’s not invincible. Consumers have power when they act collectively. Boycott technologies and companies that exploit users. Support smaller, ethical businesses. Be vocal about unethical practices and encourage others to join you. Change begins when we refuse to tolerate exploitation.

Technofeudalism is the pinnacle of bad security. As Yanis Varoufakis and Cory Doctorow never tire of reminding us, t strips consumers of autonomy, traps companies in exploitative cycles, and prioritizes profit over protection. Combating it is a matter of reclaiming control and demanding better systems. Change starts with intolerance. Intolerance for unethical data practices. Intolerance for unchecked corporate power. Intolerance for complicity. The only thing worse than technology’s failures is our willingness to let them slide.