July 5, 2018

The Deep State of Data – Part 3: A way out

The Deep State of Data – Part 3: A way out

Nearly 30 years ago, Tim Berners-Lee created the World Wide Web to help scientists easily locate information. Since then, the internet has evolved from a decentralized medium for knowledge, communication and commerce, to a tool—some say a weapon—wielded by powerful governments and corporations against the public it was meant to serve. “It controls what people see, creates mechanisms for how people interact,” Berners-Lee told The New York Times in 2016, as he sought to reinvent it. Unfortunately through either directed decision or laissez faire regulation, the web has turned into an oligarch’s paradise where the serfs serve up endless currency in the form of digital exhaust and the billionaires use these gains for private planes, ranches in New Zealand and, of course, spaceships. (Are they trying to tell to us something?)

Fortunately, a tectonic shift back toward decentralization is already underway. There’s a reason industry experts and engineers tout blockchain technology as the most important computing invention in a generation. It’s because, for the first time in human history, we will have access to a transparent, incorruptible digital medium for peer-to-peer value exchange. By allowing information to be distributed and transparent, but not altered, the blockchain is fundamentally changing how we transact, not just financially, but with virtually anything of value—including our identity.

As the “online” and “offline” worlds of today morph into the digitally-enhanced world of tomorrow, our digital identities are increasingly used in ways that require more data fromand aboutus, linking our usernames and passwords, online searches, purchase histories, and social media activity to our legal identity—our given name, birth date, and social security number. This is done to authenticate and authorize access to various platforms and services, but it’s also used against us, to feed our basest needs and desires, fuel tribalism, widen the schism, and render thoughtful discussion, compromise or progress onsociety’s most pressing problems a near impossibility. Advertising and propaganda have always served as forms ofmind control. The difference now is that advertisers, governments, and the FANG have even more of our data, the capacity to store it forever, and the ability to optimize their use of it, all so they can more effectively peddle everything from shoes to political ideologies.

It doesn’t have to be like this. The way out doesn’t involve changing passwords or opting out. The only viable solution allows users—people—to opt inby creating their own Terms of Service, to own their identities, regardless of context, without jeopardizing the trust needed to transact in the digital age.

Imagine your personal identity represented by a business card. Think of it as a passport for the digital world, consisting of a name, an email, phone number, physical address or even the name of the company for which you work. These identifiers are used by other humans, machines, and systems to differentiate you from everyone else.

Now, imagine that instead of handing out just one business card for the rest of your life, you were able to create and use multiple cards, all containing a unique phone number and email address, dictated by you, for any number of uses. You might give a disposable card to a car salesperson and destroy it once the deal is done. A more permanent card might go to your child’s school, and another might be used when transacting on Craigslist. The point is that you own and manage these cards and their relevant details, distributing them on your terms, all while keeping a layer of protection between the recipient and yourpermanentpersonally identifiable information (PII).

Now you might ask, how would that person buying your sofa on Craigslist be assured you’re trustworthy? Or how would that app you’re downloading know you’re not a bot? How could an e-commerce site have confidence that your order wouldn’t result in a fraudulent chargeback? How do we offer the same trust to these third parties while giving individuals all of the freedom and security they enjoy in the “analogue” world?

The answer takes us back to blockchain technology. Imagine a public “book” of business cards (which I’ll refer to as “personal identities” moving forward) and all their relevant transactions, recorded and confirmed anonymously, shared between many parties, secure and immutable. In this “Book of Trust” (BoT) the pages are numbered so we know they’ve been unaltered, the method of assessing that trust is documented in the table of contents, and every personal identity entered is completely verifiable.

In this model, Trust is retained with the user and not adjudicated by the system. But to ensure that trust is reputable, that it accurately measures the kinds of considerations third parties make with regard to trust (e.g. Is this a real user? Is this charge fraudulent or not? Is this person safe to do business with?), that which establishes trust must be recorded, viewable, and above reproach.

If we opt into the Book of Trust, could we record the activity that legitimizes various personal identities without disclosing the permanent legal identity to which they’re tied? Could we protect and anonymize our PII while still being held accountable to a personal identity?

Yes, because even though our personally identifiable information would be hidden, our reputation would be accessible upon request, verifiable by relevant service providers and other third parties.

Is Steve a decent guy? (He has a 4.94 on Uber.) Okay, I’ll pick him up. Uber doesn’t have to have my long-lived mobile number, personal credit card, and location to determine this. I could use a separate personal identity—a specific-use credit card, mobile number, and even a pseudonym—for my Uber profile, and they’d still know that I pay my bill and refrain from vomiting in the car or berating my driver. When they’re dealing with Sudo Steve, my reputation precedes me and protects my legal identity.

Through the BoT, I opt into my identity. I allow the system to apply one or many forms of analysis (i.e. algorithms) to ascertain the trustworthiness of that identity so third parties can make decisions to engage based on their models for risk. Some might be highly sensitized to fraud while others just want to make sure they’re not being hacked by bots. I’m okay with this because it gives me access to services without compromising my personal privacy, and they’re okay with it because it protects the integrity of their offerings (and means they don’t have to worry about insuring against costly data breaches).

Sure, they might not know it’s really “Steve” but as long as they know “Sudo Steve” loves the NFL, they can still sell that data to advertisers. And Sudo Steve is happy because he simultaneously gets interesting ads while not worrying about having that interest bleed over into his more professional life.

The blockchain is the way out. And trusted identities on the blockchain is the new way to ‘opt in.’ It’s the way individuals will take back control. No more fake news, fake people, or fake goods. No longer will we have to rely on institutions telling us whom to trust. The answer will be right there—transparent and immutable, writ large—for us to read and assess for ourselves. The power will be with the people.

This is the moment we take control of our privacy and safety online, the moment when we start living in the digital world the way we always have in the analogue one—in control, on ourterms.

Additional Notes