The 2014 release of celebrity nude photos, also known as Celebgate, involved several waves of personal data release onto the Internet. Many well-known female, and a few male, celebrities had images they had saved on cloud services, such as iCloud, on social media outlets such as Reddit. The after-effects of this release led to technological changes being made to improve security of personal information, but the reputational damage had already been done. A criminological explanation of Celebgate could be done with several theories, but Routine Activity Theory provides one of the best frameworks.
Routine Activity Theory was developed by Marcus Felson and Lawrence Cohen in 1979 as an attempt to understand crime at a macro level. It was theorized that three aspects must converge in order for crime to occur. They are:
- A Suitable Target– This person possesses certain characteristics, such as owning high value items or if they are female, that put them at a greater risk for becoming victimized.
- A Likely Offender– someone who has a need to commit crime for some level of personal gain.
- The Absence of a Capable Guardian– wherein a person either cannot defend themselves as or there is some lack of protection against victimization.
Cohen expanded on his theory a couple of years later, by elaborating on these three tenets of the theory. A suitable target has some level of ‘target attractiveness,’ in which they may have some level of symbolic desirability or possess something of great value. The idea of exposure was also added; some people are more visible either physically, or in this case, on the Internet, to other people.
A Routine Activity explanation of the Celebgate incident is quite effective in helping us understand why such an event occurred. Those that obtained the pictures through hacking/social engineering, our ‘motivated offenders,’ were driven by potential monetary gain, the desire to seek revenge on their targets, and sought the fame that came with the release of these images. The relative anonymity of the offenders played a role as well, as repercussions could potentially be avoided.
The celebrities affected by this incident, our ‘suitable targets,’ constantly have the media’s attention, tended to be female, and had substantial amounts of information online. This made the celebrities relatively easy and desirable targets for exploitation.
The ‘lack of capable guardianship’ parameter also existed. There was an exploit within Apple’s software that allowed perpetrators access to the celebrity’s information. The “forgot my password” feature had issues, including allowing unlimited password retries. The celebrities themselves were mostly unaware of how vulnerable they and their information really were, leading to behaviors that put them at risk, such as automatically uploading pictures to iCloud.
Other theoretical explanations of Celebgate can be developed as well, but Routine Activity Theory serves as one of the best to understand what transgressed during the multiple data and image dumps that comprise the Celebgate incident.