Is it possible to use the Internet and maintain the same level of privacy that people used to take for granted? When you provide your mobile phone number, your email address, your date of birth, where does this information get stored and who is protecting it? Who’s making sure that when it’s no longer required it is securely disposed of? And why do I even need to give away all that personal data?
The EU General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) are really good steps in the right direction, but that’s not the whole picture. The way some new applications are being created and delivered are introducing a significant risk to data. Consider this example: a new app on Facebook from a US company, developed and delivered on 3rd party cloud platforms, with “cost effective” coding skills from India. The governance over your data is now the responsibility of at least 4 different, independent entities: Facebook, US Company, Cloud Platform vendors (AWS, Azure, Google, IBM Cloud), India coding services. Think of all the ways your data could be exposed!
As our interactions on the Internet evolve, we must innovate to ensure new models are designed and delivered with user privacy as a key mandate. We are starting to see some inroads in this space with initiatives such as the Self Sovereign Identity (SSI) model, where individuals or organizations maintain ownership of their personal data, and control how any specific pieces of data are shared. These claims can be shared without having to go through an intermediary using blockchain technology.
While the long-term potential of SSI is very large, at this point in time the definitions and rules around its use are still being defined. So in the mean-time, what can you to do minimize your risk of personal data loss?
This is most certainly not an exhaustive list, but here are some things to think about:
- Consider the applications you use or install very carefully, particularly if they are asking you to sign-up and give away personal data. Don’t unnecessarily give away any of your personal information.
- Always utilize two factor authentication (SMS/Biometrics etc.), wherever available.
- Never use the same password twice, and switch to a Passphrase if possible. The longer the password, the better.
- Use a Password Manager.
- Make sure your devices (laptops, tablets, mobile phones) are backed-up, and the password lock screen is enabled.
- Ensure you apply any software updates as soon as possible.