Unless you live under a rock, you’ve heard of the phrase “data privacy” over and over again in the past few years: how GAFAM is coming under fire over privacy; how it’s getting more costly and complex to deal with consumer data under new regulations; and so on.
With technology ingrained in the operations of today’s world, our privacy is at stake. But what does it really mean? What are the possible consequences of data breaches? Can web3 be the light at the end of this dark tunnel? Let's dive in.
THE WORLD TODAY IS ONLINE
In 2011, American investor and engineer Marc Andreessen wrote an op-ed titled "Why software is eating the world”. In this piece, the co-founder of venture capital firm Andreessen-Horowitz made several predictions of how traditional industries would be changed forever by software as tech companies became increasingly relevant.
Since then, we’ve seen lines of code permeating every corner of our lives. From entertainment, retail, education, health care, finance to sectors with heavy real-world components like oil and gas exploitation have undergone fundamental software-based transformations. Even the success or failure of our national defense today hinges on the ability of software to operate correctly. The most glaring instances included a programming error in which a single missing hyphen caused a spaceship to deviate from its intended path, costing NASA $150 million.
If you take a look at indices like Vanguard S&P 500, the information technology category is leading the chart, making up 28% of its composition. A deeper look shows that companies like Apple, Microsoft, Alphabet, Amazon, Tesla, NVidia, and Meta are part of its 10 largest holdings. The dominance of tech platforms in today's world can’t be overstated from a financial or operational perspective.
This is not without consequences.
REAL WORLD CONSEQUENCES
“Move fast and break things”
Popularized by Facebook and enthusiastically adopted by startups, the “move fast and break thing" motto’s spirit means that making mistakes is a natural consequence of innovation in a highly competitive environment.
With companies racing to put their products into consumers’ hands as fast as possible, it is hard not to be worried. Oftentimes, companies focus more on features than data security and user privacy, which has spelled disaster in the past. Vulnerability holes are being exploited by companies, hackers, and governments alike to hone their cyberweapons.
"Zero-day" is a term that describes a security vulnerability that is only known to hackers, meaning developers are unaware of its existence and lack a patch to address it. They got their name because when a zero-day attack is detected, there are "zero days" to fix it since the flaw has already been exploited.
The United States gained notoriety for having some of the most sophisticated hacking skills and for employing them more aggressively. In 2013, the Snowden leak laid bare a secret that had long been whispered about: the National Security Agency (NSA) was indeed spying!
At the most basic level, the government was willing to pay lucrative amounts to hackers to turn over zero-days in products. But over the years, there were growing reports that the NSA would even plant backdoors in US-made hardware and software to allow their hackers to get inside the devices. In some cases, the NSA went as far as back-channeling with the international agencies that set the cryptographic standards for security companies to advocate for flawed formulas. In the name of national security, the government doesn’t hesitate to throw their citizens under the bus. And the US is certainly not alone in this cyber-weapons arms race.
Zero-days are the most valuable thing a spy or hacker can possess for two reasons. First, it allows these bad actors to remotely break into devices undetected. As a cybercriminal, the more invisible you are, the more power you will have. Second, until a fix is developed, made available to users worldwide, and users run their software updates, everyone using the compromised system is at risk, similar to an F0 patient in a pandemic. (Therefore, never again neglect to update your device!)
What happens when our data fall into the wrong hands?
Cybercrimes have become increasingly prevalent over the past years, affecting everything from big corporations to individual users. Ransomware attacks are causing more than $75 billion in losses.
Businesses that experience a cyberattack also incur higher costs due to operational disruption and modified business procedures. But the largest loss is tarnished brand equity.
On an individual level, zero-days can allow hackers to capture a user's every keystroke, text, password, email, and anything they did on their phone, thus accessing every minutiae of our lives.
In a campaign slogan for its surveillance program, the UK government declares: "If you've got nothing to hide, you've got nothing to fear”, to which whistleblower Edward Snowden famously argues: "Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say."
The GAFAM empires and centralization
As if cyber threats were not enough, there has also been an increasing number of privacy concerns. Many people underestimate the value of their data because they have no idea what can be done with their GPS locations, online conversations, or search history. For example, information about how many times you visit the hospital or read online articles about specific medical issues can put you at risk of discrimination. Data issues are also manifesting themselves in other problems like polarization, misinformation, and confirmation bias.
In the past 20 years, instead of building open and interoperable components, the internet has centered itself around proprietary, tightly controlled platforms. The huge empires created by companies like Apple, Google, Meta, Amazon, and many others, have resulted in some of the biggest privacy scandals of our time such as that of Cambridge Analytica.
These platforms have hoarded a dominant network position that keeps users trapped behind their walled gardens. On today’s social media platforms, the social graph and identity are proprietary instead of interoperable pieces. “Identity” on platforms is “account”, which means the right to access to the platform.
Our privacy is out there for the take of the powerful, that’s the truth.
A WAY FORWARD FOR DATA OWNERSHIP
From web 1.0 to web 2.0, the latter builds on the limitations of the former. In the same way, web3 is now addressing the data privacy issues that plague today's internet. Here are three angles web3 is going to tackle.
Giving ownership of data back to users
Web3 will return control and ownership of data to users.
What this means is there will be no longer any centralized servers that host content for organizations or individuals. Data is instead spread out across tens of thousands of computers around the world, with each user functioning as their own server. Instead of building privately owned platforms, we are building open-source protocols. Without centralization, it will be very challenging for hackers to completely take over the organization.
GAFAs built their empires and cashed in billions in profits for simply being the middleman. With web3, smart contracts in decentralized applications (dApps) will be the only “middleman" automating process, letting users interact directly with other users or with their favorite brands.
True data ownership means web3 users can also take their social graph with them wherever they go. When you switch to another dApp, you don't have to start over because the past data is always yours. Think about being able to use your preferred game skin in any game, occasion, or setting. You don't need to conceive that because it is currently occurring in web3. Arianee Enriched NFTs are interoperable between different dApps.
Separating physical and digital identity via pseudonymity
Today we have to give a lot of personally identifiable information such as phone number, date of birth, and legal name in order to use certain apps. This is a privacy invasion. In addition, by logging in to a website via Google or Facebook, we divulge our online foot traces and real identity while contributing to the monopoly of Big Brothers.
So how do we minimize the data we give online? The principle is simple: the collecting of personal data must be restricted to an absolute minimum, no matter what service we are using.
To this end, web3 is the promised land. When opening a crypto wallet (the gateway to web3) or joining a dApp, you don't need to share any personal information. People’s online identities are obscured by NFT profile pictures and pseudo handles.
Pseudonymity enables people to exchange ideas and participate in social interactions without doxxing themselves. Under aliases, people can still build credentials, foster trust and respect. They do so, however, on their own terms.
So you’ve got your digital identity separated from your real-world identity, that’s good. Now how do you prove to the blockchain you are really who you claimed to be? The answer is by signing cryptographic transactions.
As Ethereum addresses are replacing emails/usernames, signatures are replacing passwords. A cryptographic signature proves the user indeed controls the private key to the public address, serving as a secure method of authentication without relying on an intermediary.
To log into different dApps, you only need to connect your wallet. All a dApp or a brand needs to do is trust the token and the digital credentials the owner has built. They don't need to look at the data itself.
Powered by Big Tech, web 2.0 has certainly benefited us in many ways. But ownership and privacy should be by default, not “asked for”. We are now at a critical tipping point in which we must decide if we want to change things for the better.
Web3 will replace today’s data hegemony with a decentralized data structure where customers and brands regain control over their data. No more centralized data storage. No more intermediaries. No more third party data. Customers can preserve their anonymity in the digital environment. And finally, it’s not cookies, but the tokens you own and what you do with them will indicate your real interest.
At Arianee, we accompany brands in their web3 transformation. With our open-source protocol and end-to-end web3 solutions, Arianee enables brands to tokenize, distribute and leverage NFTs to transform their relationships with their communities. We create a direct, perpetual link between brand-customers which fully respects personal data.
$ARIA20 is key to the Arianee open source protocol, allowing our brands, users and partners to take part in the collaborative governance of our protocol. $ARIA20 is used to pay for the creation of NFTs, send messages to an NFT the brand created, and create events to enrich an NFT. You can buy $ARIA20 here or on any number of exchanges.