Privacy has been a growing topic of debate over the past year. Already a cause of concern due to years of worsening data breaches as well as corporate and government surveillance, the subject has taken on even greater urgency in 2020. With the global COVID-19 pandemic forcing a massive shift to remote work and schooling around the world, digital privacy is more important than ever.
But what many of the current conversations around privacy miss is a major evolution of the nature of data itself. While most of us think of data as being generated online – for instance, our social media activity or web-browsing history – the pandemic has accelerated the use of data from physical smart devices. This includes computers and phones, but a growing number of tools made necessary by the pandemic, like digital assistants, webcams, smart TVs, even VR headsets. The huge amounts of data these devices generate is expected to reach 80 zettabytes by 2025, meaning privacy is no longer a simple story of internet searches and online purchases.
It now touches many of the key, everyday processes we use to navigate through this new reality.
Traditionally, corporations – not consumers – have owned and custodied information, which is stored in centralized servers and shared with numerous third parties. If we maintain these older models of data management, the risk of hacks and security breaches will only become more severe. This year saw an increase in high-profile hacks of devices such as Ring home doorbell cameras. Such breaches demonstrate the ways in which smart devices can put people’s privacy and safety in danger like never before.
The world is ready for another option: self-sovereign identity and self-ownership of data. Regulation, culture and technical innovation are all converging around a bottoms-up concept of verifiable, user-generated and user-owned information. The idea of “your keys, your funds” is expanding beyond cryptocurrency to the smart devices that are increasingly central to our lives: “your keys, your data.”
People have been talking about this concept, invoking ideas such as decentralized identity, for years with little material result. Now it’s different. In 2020 we saw continued momentum for privacy-protecting regulations like GDPR and CCP, including the passage in November of California’s Proposition 24. These are beginning to turn the traditional model of data ownership on its head.
The past year also saw, for the first time, the emergence of “privacy-by-design” smart devices that give everyday people exclusive ownership of their data. Where data has historically been viewed as a corporate asset, the emergence of self-sovereign products and stringent data privacy regulations is now turning data ownership for corporations into a liability.
The implications of this are enormous. With data ownership in the hands of people, not corporations, much of what is broken about the way digital information is handled can begin to be fixed.
When law and code are premised on the notion that the trails of data we create belong to us in the same way a written letter or physical receipt do, business models based on data mining can be right-sized. More importantly, individuals will finally have real control over who has access to their data, when, why and for how long. Smart, self-sovereign devices like Ucam are already demonstrating how user-owned data can protect privacy in a world of connected devices.
None of this is to say that every problem related to information security will be solved when data is self-sovereign. Just as it’s possible to lose a receipt, or unwisely give your phone number to a stranger, there will still be risks and pitfalls. But the power, and the choice, will be in the hands of the individual. Corporations will not have carte blanche to collect, analyze and sell reams of data on their users’ activities without their permission. This won’t be because of any change of heart, but because the data won’t be theirs in the first place. Ownership of data will finally be where it belongs: in the hands of those who create it.
See also: Raullen Chai – Look to Design, Not Laws, to Protect Privacy in the Surveillance Age
The world in 2020 finally reached an inflection point around data privacy – and the path forward will be one of self sovereignty. As smart devices become increasingly embedded in the way we live, work and learn, this model will ensure our devices, the information they capture, and the value they generate will belong to us and us alone.
Control and freedom will finally be back in the hands of the people, enabling previously unimaginable business models that empower everyday people, not “too big to fail” institutions.