Fixing Data Privacy with Web3 Tools
How blockchain can restore autonomy to users
2018 was a watershed in the history of data privacy. In March of that year, The New York Times and other publications uncovered what’s become known as the Facebook-Cambridge Analytica data scandal. Through a series of investigations, journalists discovered that Facebook had surreptitiously harvested users’ data throughout the 2010s and sold it to Cambridge Analytica, a U.K.-based political consulting firm. Facebook had gathered user data by collecting information stored in profiles, activity, and even private messages, actions that breached basic privacy and data protection rights.
Both Facebook and Cambridge Analytica were hit with a slew of contentious lawsuits, and the scandal caused uproar not only among the tech and media industries but also within the general public. Facebook going so far as to explore private messages and sell that data to consulting firms and advertisers constituted an unforgivable breach of trust for everyday people, and many still feel that violation today. “If Facebook was going through my private messages, what else can they do?” Many wondered.
In 2019, Twitter also found itself wrapped up in scandal when it came to light that the social media company granted advertisers access to users’ personal data, including email addresses and telephone numbers. The advertisers then used the data of over 140 million users to better reach preferred target audiences and drive engagement revenue. In 2022, the FTC hit Twitter with a penalty of $150 million, one of the largest fines in data privacy to date.
Whether we like it or not, data sits at the heart of daily life. From the targeted ads populating every corner of the Internet to the consumer rewards accumulated through basic check out processes, data is, as Clive Humby put it in 2006, “the new oil.” Between 2017 and 2019 alone, there were over 4,395 data breaches that resulted in over 832,000,000 records being exposed. Recent scandals have proven that it’s time to begin creating new solutions and revisiting the ethics of data at large.
Now, as we gradually move more into the world of cryptocurrencies and Web3, we must begin applying these new technologies to the data privacy problem. How can blockchain help fix our deeply troubled world of digital security? Below, we’ve compiled a list of how Web3 can make the future more secure and just.
Block validation offers stronger protection than Web2 services.
Traditional Web2 IT security services mostly work in responsive ways — they address vulnerabilities after the fact. When security systems detect vulnerabilities such as data breaches or the appearances of new bugs, they engage in what’s called patch management to resolve the issue. This protective process involves deploying patches — more commonly known as updates — to the software to strengthen safety and correct errors. So, if data stored on a server is attacked or corrupted by ransomware, it can be corrected with a patch that will roll the data back to a clean slate. Patch management is commonplace among application developers, OS frameworks, and network software. Patches help ensure the safety of digital environments and the assets held within them. But they mostly do so retroactively.
In Web3, however, data is inherently protected as a result of blockchain’s distributed ledger technology (DLT). DLT offers a whole new model of security that takes more preventive measures rather than using responsive tools to enable security. Within a typical blockchain ledger, blocks — data structures where transactions are permanently recorded — are all connected to the preceding blocks in a cryptographic chain, allowing for a tamper-proof defense. When users make transactions on a blockchain network, their authenticity is verified by validators based on consensus rules, which are rules that are agreed upon by the respective blockchain community. Unlike in Web2, there is no centralized entity that can mishandle or alter the transaction; a single user cannot corrupt the DLT.
Decentralization can strengthen data privacy by removing single points of authority.
Perhaps the biggest problem currently plaguing data privacy in Web2 is centralization. The corporate entities governing digital transactions and interactions do not always take the most ethical routes when conducting business, much to the chagrin of the general public and in-the-know techies alike. A 2021 poll showed that 80% of Americans are concerned about how companies are using their data, and recent scandals like Facebook-Cambridge Analytica have further proven that centralized authorities can rarely be relied upon.
If we’re to truly improve data privacy, then we must turn toward Web3 tools as a means to create new models of commerce and new digital landscapes that do not require centralized authorities to facilitate transactions. The decentralized organization of blockchain does just this. Decentralization offers an organizational structure where the decisions are made collectively by the community without central authorities and middlemen, giving the control back to users.
Blockchain systems work on more personalized access models that enhance data security.
In Web2, access to certain networks, servers, documents, and more is governed by centralized authorities. Users are subject to their discretion when it comes to access. For example, consider Google’s recent data collection lawsuit. In 2020, the French data protection agency CNIL fined Google more than $50 million for violating the EU’s newly-established General Data Protection Regulation (GDPR). CNIL alleged that Google failed to properly acknowledge how they obtain and use user data, noting in particular how the tech company did not secure consent for the data processing involved in personalizing ads. The lawsuit also attacked Google’s strategic ambiguity surrounding its methods of communication to users, citing the lack of specificity of its terms and conditions. Users within the Google network forfeited any permission rights simply by using their software.
Blockchain systems, on the other hand, work with more sophisticated permissions mechanisms that can be adjusted for various networks and offer more personalized security for users. In what’s called permissioned blockchains — blockchain networks that mix public and private access in customizable ways — security gateways facilitate access by way of advanced identity verification processes and rules within each network are tailored to communities. Ripple, for example, is a blockchain that supports permission-based roles for users within their network. Individuals come to their network with individualized talents and individualized desires, so Ripple grants users more personalized access to their tools. To gain access to certain tools and features in Ripple, users verify identities through wallet security processes.
Permissioned blockchains also offer the possibilities for businesses to use Blockchain-as-a-Service (BaaS), or blockchain repurposed for wide-scale use by companies. Businesses could use BaaS to streamline accounting services, clarify insurance transactions, trace supply chains more efficiently, and more.
To put it candidly, data privacy today is a mess. From headline-grabbing scandals to the daily burden of feeling traced by Big Tech, our digital lives have become subject to surveillance and nonconsensual commodification. Blockchain technology can lead us to a better, more just future. We just have to start building.
This article is about data privacy and blockchain. Read more about the future of technology below.
How Blockchain Technology Can Combat Digital Piracy
Can Web3 Save the Entertainment Industry?
Web3 and the Future of the Music Industry
