137 total views, 1 views today
As technological innovation evolves, society evolves with it. The problem is, with each new innovation also comes risk. Whether it opens us up to new security issues or debates over our personal privacy, we’re moving fast towards a future with a lot of unknowns.
During TNW Conference 2019 top government officials, business and technology leaders and everyday technology users like you and me came together at The Assembly to discuss the growing privacy paradox.
The talks centered around the biggest challenges society is facing today including: protecting data privacy; paving the way for the next billion internet users; the need for better collaboration in combating cybersecurity attacks; and trusting decentralization.
Here are some highlights from each of the sessions:
The data dilemma
Today, data = gold. For companies, the vast amount of data they can now collect from users allows them to innovate, optimize and streamline their products and services, helping them compete in an increasingly crowded market.
While this competition may fuel greater innovation, many are concerned that this comes at a heavy price. The Cambridge Analytica scandal exposed the vulnerability that comes with trusting companies with our user data.
Last year GDPR, the most comprehensive data protection regulations to date, came into force. But some say this doesn’t go far enough.
Participants agreed that we need to introduce better regulations and inform citizens about the implications of their data transactions, enabling them to make informed decisions or find/create alternatives.
The extent to which data is shared/exploited should be dependent on the benefit that can be offered to the citizen/consumer. Not the other way around.
Citizens should easily be able to see, monetize and manage their own data. One table suggested that we need self-regulatory principles and a uniform platform that gives power to the people and clarity around the data value exchange.
The next billion
The barriers to technology are lowering, we’re now at a stage when technology is becoming cheaper and more accessible to everyone. The next billion users are ready to connect and leverage the benefits that technology can bring. But this will bring both new opportunities and challenges.
Many saw this as an opportunity for a clean slate. With the hard lessons we’ve learned already being shared and integrated into this new ecosystem, the next billion users can avoid some of our past mistakes.
At the same time, exploitation was a major concern.
We must improve transparency and usability for the next billion to stimulate equality of opportunities and avoid mass markets taking over from local providers. Instead of rolling out new tech fast for quick corporate benefits, we need to ensure sufficient feedback loops are incorporated to avoid unintended consequences.
This is a moment that should be shaped by the next billion users themselves. Instead of dictating, we need to provide them with the support and partnerships they need to become tech creators and use technology to take ownership of their own destiny.
In our interconnected world, cybersecurity threats can’t be combated alone. Hits like the WannaCry ransomware cyber attack which threatened the NHS, Telefónica, Renault and Deutsche Bahn, exposed the dire need for better security collaboration.
We must ensure everyone has a common understanding of cyber terrorism in order to create urgency and be prepared with fast coordinated responses.
All companies, especially big tech, need to understand their influencing power and drive awareness of the risks vs. benefits to increase user responsibility and minimize the abuse of data systems.
We need to support cybersecurity with investment and better tech policies. We need measured and proportional solutions to cyber threats from nation states including:
- Education → 2. Regulation → 3. Sanction → 4. Rules of counter strike.
At the moment, we rely on centralized institutions like banks, governments and tech giants such as Google and Facebook to keep data accurate, accessible and safe. But this hasn’t always boded well for us.
The massive collapse of both Lehman Brothers and Enron was hidden by internal accounting gimmicks until there was no choice but to file for bankruptcy, resulting in the loss of trillions of dollars in market capitalization.
In a centralized system, internet shutdowns and censorship can be used by governments to cut access to opposition voices. Just this year the government of Venezuela was able to shut down people’s access to CNN, the BBC, social media, YouTube and Google services because the country’s system runs on centralized ISPs.
Amid the major data security issues Facebook is already facing, the tech giant recently confirmed reports that it was storing hundreds of millions of account passwords in plain text. This means that some 2,000 Facebook engineers and developers could have easily accessed users’ personal information.
New technologies like blockchain are bringing promises of a more decentralized future. This means that, instead of having to put our trust in large institutions, we could be moving towards a future in which our transactions are transparent and monitored by a p2p network.
But will our data actually be safer on a decentralized network?
The keynote speaker on this topic, Jon Matonis, Founding Director of the Bitcoin Foundation, thinks so.
Trust in a trustless system
Decentralization is bringing us into a new virtual wild west. It’s based on the emergence of systems with short-lived histories and very little regulation. Everyone from individuals to governments to large institutions is questioning whether they should actually trust decentralized systems like Bitcoin to keep their assets safe.
“Blockchain is based on probabilistic security, it relates to something called Byzantine Fault Tolerance – it’s what the system depends on in a decentralized future. Nuclear power plants, modern jet systems, and blockchain are all fault tolerant. This means that when a cyber attack happens, you’re going to want to use the blockchain.” Matonis explained.
Byzantine Fault Tolerance is a problem in which several generals want to invade a neighboring enemy but need to coordinate their attack in order to be successful. This requires them to reach a consensus via messenger. The problem is, one general could be a traitor and pass on the wrong information to the next general.
Blockchain solves this problem by introducing an algorithm called ‘Proof-of-work’. Each time a general (or in the case of cryptocurrencies, miner) wants to submit a new block they have to demonstrate proof-of-work and gain a consensus from the other miners. As long as ⅔ of the miners are honest, a consensus can be reached.
The irony is that, instead of building more trust, blockchain essentially creates a trustless system in which consensus and trust in code replaces the need to place trust in a single entity.
According to Matonis, “It’s not so much that it has to be the correct answer, it’s just that everyone has to agree on the same answer and it has to be the answer with the highest probability of being correct.”
Public decentralized blockchains make the handling of our data more transparent, democratic and secure than ever, but is it completely safe?
Blockchain is more difficult but not impossible to hack
Hacking a blockchain system isn’t impossible, but it’s complicated enough to make it not even worth the time, money and computational power needed to overturn the system. For example, the mining power needed to hack Bitcoin would cost over $260,000 per hour.
Still, this doesn’t mean it hasn’t been done. Blockchains can be compromised if hackers gain 51% control of the network’s computing power. Recently, the well-known Ethereum Classic suffered a $1 million hack.
But most hacks have been done through cryptocurrency exchanges and online wallets. There is however one method which has been used to return lost coins. After losing $40 million worth of ether in 2016, a DAO fund created by Slock.it hard forked in order to return lost tokens to their owners. But the decision to hard fork can only be made based on consensus.
This brings us to yet another complex trade-off between centralization and decentralization.
Resilience vs reliability
While there are new security risks involved, Matonis explained, “A network is only good if it’s resilient.”
Unlike centralized systems, blockchain cannot be shut down or changed at the will of third parties. In a centralized system, it’s governments and internal stakeholders who take the decision to shut down, bail out or place new legislation on our data and assets.
As we saw in the case of the DAO fund hack, in a decentralized system, changes can only be made through consensus.
“For a while, we’ve had p2p file sharing – such as Pirate Bay – you can shut down directories, you can put teenagers in jail for downloading Hollywood films, but nobody can stop p2p file sharing because it’s a decentralized movement, it has resiliency. And believe me, if governments could have shut down p2p file sharing they would have already, but you would have to shut down the entire internet,” Matonis explained.
Not a perfect system but a new option
Decentralization is still not a perfect solution. At the moment blockchain systems can only process 3-7 transactions per second, meanwhile, traditional banks can handle around 2,000. It also requires a large amount of computing power to run.
At the same time, the trade-offs involved and the new innovations happening every day are making it a more attractive solution for certain aspects of our data protection.
Major banks such as Credit Suisse, JP Morgan, and Goldman Sachs, are exploring the opportunities decentralized technology can bring to financial services. Large companies are using it to work more transparently with suppliers and reduce food waste. Meanwhile, aid organizations are using the technology to create digital IDs, enabling refugees and victims of war to access basic needs.
According to Matonis, “We’re coming to a crossroads between a centralized and decentralized future and it’s going to evolve over a period of time.”