How much data are you giving up just to access financial services, get paid, or simply buy liquor?
Recently, this writer did some work for a large company that onboarded suppliers and processed payments through a third party service bureau. Part of the process involved proving that I was qualified to work in Canada. For that information, they wanted an electronic scan of my passport. They would keep that data in perpetuity, outside my control, on systems into which I had no visibility.
I was uncomfortable with this and asked several other writers about it. Some were horrified and told me to stand my ground. Others saw danger signs, but said that it is a regular occurrence and not worth fighting over. A few were sanguine. “I send pictures of my passport over Gmail to people all the time when arranging foreign trips with companies,” said one. “I’ve never had a problem.”
My response: How would he know that there hasn’t already been a problem and that someone isn’t using his identity as he speaks? You cannot prove a negative. Even if he could prove that nothing has happened so far, how can he be sure that there won’t be a problem tomorrow?
If history is anything to go by, allowing third parties to store copies of highly personal data outside your control is a recipe for disaster. Consider the Office of Personnel Management (OPM), which in 2015 allowed hackers to walk away with highly sensitive information on 10% of the US population that had applied for federal government jobs.
One day, we’ll look back at a world that requires us to hand over our most valuable secrets to complete strangers that put us at risk as a dark age. We will remember the sting of a thousand data breaches in which intruders pilfered vast stores of personal information poorly protected by insecure systems, and wonder how a society powered by information survived it.
David Shrier wants to change the way that we share our information by putting people back in control of their data. He is a lecturer and futurist at both MIT and Oxford universities, and the CEO of Distilled Analytics, a spin-out company from MIT. Shrier gave a keynote at SecTor 2017 and we caught up with him for a short interview, below:
Users must be able to share answers, not data, Shrier suggests. Rather than sharing an image of your passport for someone else to inadvertently make available to hackers, we should be able to simply share the answer to a question “Do you have Canadian citizenship or residency?” The answer should be based on verified, immutable and encrypted records that need not themselves be revealed.
Rather than having your personal data stored in dozens of places by others, their applications and processes should have to query your data on your terms, and with your consent, he adds. There should be an immutable record of who approached the data’s owner, and what they asked.
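One way to model “share answers, not data” together with the immutable request record described above, as an added example that is not code from the original post or from the Trust::Data project: an issuer commits to each attribute with a salted hash and signs the root, the holder discloses only the residency answer, a verifier checks it without ever seeing the passport number, and every request is appended to a hash-chained audit log. The issuer key, attribute names and requester names are constructed for the example, and an HMAC tag stands in for a real digital signature.

```python
import hashlib, hmac, os

# Constructed issuer key: stands in for the issuing authority's signing key. An HMAC
# tag replaces a real digital signature so the example stays dependency-free.
ISSUER_KEY = b"constructed-issuer-key"

def _h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"|".join(parts)).digest()

def issue(attributes: dict) -> dict:
    """Issuer commits to every attribute with a fresh salt and signs the root."""
    salts = {k: os.urandom(16) for k in attributes}
    leaves = {k: _h(k.encode(), str(v).encode(), salts[k]) for k, v in attributes.items()}
    root = _h(*[leaves[k] for k in sorted(leaves)])
    tag = hmac.new(ISSUER_KEY, root, "sha256").digest()
    return {"attributes": attributes, "salts": salts, "leaves": leaves, "root": root, "tag": tag}

def answer(cred: dict, question: str) -> dict:
    """Holder reveals one attribute and its salt; the rest stay as salted hashes."""
    others = {k: v for k, v in cred["leaves"].items() if k != question}
    return {"key": question, "value": cred["attributes"][question], "salt": cred["salts"][question],
            "other_leaves": others, "root": cred["root"], "tag": cred["tag"]}

def verify(proof: dict) -> bool:
    """Verifier recomputes the root from the disclosed leaf and checks the issuer's tag."""
    leaves = dict(proof["other_leaves"])
    leaves[proof["key"]] = _h(proof["key"].encode(), str(proof["value"]).encode(), proof["salt"])
    root = _h(*[leaves[k] for k in sorted(leaves)])
    expected = hmac.new(ISSUER_KEY, root, "sha256").digest()
    return root == proof["root"] and hmac.compare_digest(expected, proof["tag"])

class AuditLog:
    """Append-only, hash-chained record of who approached the owner and what they asked."""
    def __init__(self):
        self.entries = []

    def append(self, requester: str, question: str) -> bytes:
        prev = self.entries[-1]["hash"] if self.entries else b"\0" * 32
        entry = {"requester": requester, "question": question, "prev": prev,
                 "hash": _h(prev, requester.encode(), question.encode())}
        self.entries.append(entry)
        return entry["hash"]

    def intact(self) -> bool:
        # Any edited or dropped entry breaks the chain and is detected here.
        prev = b"\0" * 32
        for e in self.entries:
            if e["prev"] != prev or e["hash"] != _h(prev, e["requester"].encode(), e["question"].encode()):
                return False
            prev = e["hash"]
        return True
```

This covers selective disclosure and an append-only record only; it does not attempt the sharding or homomorphic-style computation Shrier describes later.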
Shrier thinks that he has the answer. His keynote pitched MIT’s open source Trust::Data framework, which he hopes will create a new standard for the decentralized sharing of information along these lines. The blockchain-based, MIT-led framework will create a resilient audit trail for the creation, storage and provision of data, he says.
The technology will shard data into thousands of small pieces, making it difficult for intruders to aggregate them into a single, exploitable file. It will also encrypt those shards of data, and Shrier makes a bold claim. The data will be “homomorphic-like”, he says, meaning that the blockchain will be able to use zero-knowledge proofs to perform some calculations on it without decrypting it.
“There are better ways of identifying you that don’t rely on government-issued documents,” he says. “That identity model should be in the user’s control.” He adds that users in control of their data could also create personae, representing different aspects of themselves to different stakeholders.
Although Shrier says that the project is being built on the Ethereum blockchain, the technology will be blockchain-agnostic and could be implemented on other infrastructures. It will be released in pieces over the next 5-7 years, he adds. That’s an eternity in the blockchain space, though, and this sounds a lot like the kind of blockchain-based identity infrastructure that several other parties are working on, and which we have discussed before on the SecTor blog.
What could this project mean for the future? He envisages a world in which people in control of their data could make money from it by deciding who has access to it and on what terms, rather than simply handing over their sensitive information for others to capitalize on while exposing themselves to unnecessary risk.
He imagines distributed hardware interacting with blockchain-based technologies to give least-privilege access control to users. Perhaps most ambitiously of all, he imagines a world in which the average person on the street is data-literate, able to understand the risks of over-sharing and to adeptly use solutions that protect them. That may be the tallest order of all, but it’s a world worth hoping for, and a welcome alternative to the breach-ridden one we have now.
See Shrier’s keynote at the SecTor 2017 conference here.