Published in


GDF: Privacy Should Not Be Sacrificed in Exchange for Service

Research conducted by the Good Data Foundation (GDF) has shown that more and more people now realize the value of data and are growing concerned that their data are copied, monitored, collected and used to fuel commercial machines without their explicit understanding nor consent. Nevertheless, most users still have to choose between giving up their privacy, or giving up basic services including search, email and shopping.

Take mobile applications for example, when you try to access an app, you are asked to read the privacy policy, which impacts personal information, real name authentication, payment information, terminal information, system privileges, logs and behavioral data. You have to “authorize” the app to access those information. Otherwise, you cannot access the service. Most of the time, we choose to “give in”. As a result, personal data naturally flows from the app layer to the server. On one hand you get to enjoy the services such as social networking, e-commerce, music and more. On the other hand, the safety of your personal data entirely depends on whether the privacy policy is properly enforced and whether the app is secure. News flash, unfortunately app developers and tech startups notoriously under-prioritize and under-spends on security.

GDF believes that users should not access services at the expense of privacy. However, under the current outdated technical conditions and operation mode, users’ “ownership”, “rights to control” and “rights to privacy” to data are not fully guaranteed. Abuse and mis-management of data security may enable malicious entities to use data as a tool to harass and even scam users.

In the life cycle of data, multiple parties are involved in data acquisition, transmission, storage, computing and application. Each scenario has different needs and challenges. That said, fundamentally data protection must achieve: secured storage, secured transfer of value and secured collaborative computing.

Achieving full data security protection requires integrating a diverse set of innovative technologies. After in-depth study and solutioning, GDF members agreed the rapidly developing blockchain technology is the foundation needed to build a complete environment and toolkit for data protection. This new technology, which combines secure features of blockchain with newly realized data security solutions, will enable users and developers alike to achieve data security without sacrificing access to service and convenience.

When speaking about secured storage, integrity and correctness of data is a paramount. This means the data must be able to be backed up and restored, without “loss, error, leak or tampering”. Of the different solutions explored by GDP, we found that cryptocurrencies serve as the best economic incentives for network maintenance, thereby maintaining integrity and correctness.

In regards to secured transfer and exchange of value and valued data, we must face risks and challenges of participant identity legitimacy, data compliance and integrity, and network communication robustness. A reliable and trusted blockchain network will be able to put the relevant information and authorization involved on chain. By virtue of one-way and verifiable digital fingerprint algorithms such as Hash and tamper-proof digital signatures, participants are able to verify the transmitted information from all dimensions to ensure its authenticity, integrity and confirm that it has not been tampered with.

Obviously, more data and wider datasets leads to higher value and better predictions. Thus secured collaborative computing is a basic requirement to power a healthy data system. This kind of secured computation is built upon well established technologies such as secure multi-party computation, commonwealth of learning (COL) and homomorphic encryption. Blockchain is used then as a trusted platform for identity authentication, traceability, and incentive and punishment.

In summary, the current model and process for collection and usage of data are flawed and difficult to safeguard against security risks. Through combining well established security methodologies with emerging technologies such as innovative security protocols and blockchain, we can fully realize a secured and distributed data system that allows for collaborative processes to be conducted “on chain”. In this system, through ensured security and compliance, the effect of “data available but invisible” is achieved, thereby enabling users to enjoy both access to service and privacy protection.

Talk to us on telegram or twitter!



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store