What is free is not actually free. Why don’t people pay for the radio? Advertisers subsidize the cost of radio programming to get the chance to reach consumers. Even public broadcasting stations must beseech listeners and corporations to lend support. Many public-facing platforms are poised to offer a good or service to consumers and charge nothing in return, or so it would seem. Are they really charging nothing? In many cases these companies receive payment from advertisers that purchase mountains of data mined from consumers participating in those purportedly free services.
Monetized personal data indexes are the new norm. Data-driven mega-corporations like Facebook and Google have business models that capitalize on the torrents of data mined from platform users. Anyone who has entered a search term on Google or who has frequented the advertising banners of other websites can attest to the fact that so-called “free accounts” do more than simply provide access to a service. Since this valuable information can be used to generate enormous profits or maliciously plied to harm consumers, the landscape of personal data ownership has given rise to a corporate versus consumer dichotomy where the best interests of consumers are not always in line with profit models.
In at least one case, Amazon appeared to side with a customer who found himself in the sights of law enforcement. After the body of a deceased man turned up in James Bates’ hot tub, Prosecuting Attorney Nathan Smith thought searching Bates’ voice-activated assistant could offer clues as to what took place. When Arkansas police pressed Amazon to supply data from Bates’ Echo device, the digital marketplace resisted. In this case, Amazon chose to protect the consumer by requiring law enforcement to follow proper procedure, but it begs the question: should that choice be in the hands of a corporate entity or in the hands of consumers themselves?
It can be assumed that no one who buys appliances is looking forward to an Orwellian future where a brave little toaster spies on its owner for Big Brother. The implications of an interconnected network of devices that both gathers and shares meta-data about everyday happenings, only serve to complicate issues further. In the near future, a web of interoperable internet of things (IoT) devices promises to deliver heaps of information to both consumers and corporations alike. How that data should be used and who has a right to use it is a bit of a murky gray area. Since a swarm of IoT devices will someday surround consumers, and those devices are going to be gathering data, a blockchain-based system could act as an encrypted mesh to prevent malicious access to the honeypots of information gathered by IoT devices. What must be taken into account is a need for privacy alongside transparency to create safe and efficient outcomes for both businesses and consumers. If it is possible to lock down private data into systems wherein permissions can be directly given by consumers, it might pave the way forward to more reasonable exchanges with corporate entities; today, privacy is outright abandoned in many modern models.
Some platforms that are being built with the Ethereum blockchain, such as the Brave browser, have consumer protection at the core; the Brave browser prevents data mining. It is an example of what will likely be an emerging consumer market based on a demand for privacy. The paradigm shift towards platforms that advocate the encrypting of private data will put that information back into the hands of consumers. To this day, many market participants have become unknowingly complicit with the for-profit data-mining models that businesses have engaged in simply because it has become a status quo. People can choose to stop participating in services that monetize their information, but only when alternatives that deliver privacy crop up in the marketplace. Consumers can be empowered to take ownership of their information if their personal data is encrypted and managed through executable distributed code contracts (EDCCs) that govern who and what entities are allowed access.
EDCC’s can also benefit companies turning to blockchain-based systems of governance that wish to avoid falling from grace with regulators. EDCCs have the capability to follow regulatory compliance to a tee because those regulations can literally be coded into the contracts. To that end, there are specific advantages to blockchain systems that can be applied to the gathering and ownership of personal information in ways that adhere to regulations.
Regulators care about what companies are going to do with customer data. Facebook was recently fined to the tune of $1.44 million by the Spanish data protection agency (AEPD) for failing to disclose exactly how it would use data it gathered from user “likes” and failing to delete data after it had become useless relative to why it was collected. While Facebook may attempt to wriggle out of this fine with a respectful argument as to the definition of “likes” as personal information, the AEPD has not backed down.
It is in the best interest of companies to fall in line with regulators, should continued business be an operational goal. On the other hand, another group of individuals has no such inclination to follow the line of the law. Hackers who desire to cash in on troves of private information see technology which has delivered the ability to gather such data as a boon.
In an interview John McAfee tweeted, he spoke directly to the frailty of mobile devices and described how most of our devices, particularly smartphones, are built to spy on owners. For instance, watching illicit content can initiate a click-through agreement that is able to put rooting software onto a smartphone. “After it’s rooted, [hackers] download a keylogger, and all this happens in a matter of seconds. And from that point on, somebody is watching every single one of your keystrokes. Now, people pay these pornography sites for the ability to put their keylogging software on your phones. Why?” He goes on to describe how people who have cryptocurrency wallets or bank accounts managed through hacked mobile devices are susceptible to those wallets and accounts being emptied out. He said it hasn’t happened yet on a minimal scale because hackers are less likely to show the backdoors they’ve used to so-called “white hat” hackers who will, in turn, shut them. Rather, McAfee points to a near future where millions upon millions of accounts are simultaneously emptied.
McAfee’s example isn’t too wild to consider when looking at the recent issues that major credit reporting entity Equifax has had to deal with in the wake of a widely reported hacking scandal. 143 million US customers were affected and Equifax apparently had months to fix the problem, but failed to do so after the issue was disclosed. It’s not the first time consumer information has fallen into the hands of hackers. It’s easy to find examples of other companies that have been hacked and asked their consumer base to change account passwords because corporations don’t have a great track record of keeping data safe from hackers. In 2011, Sony customers bemoaned a hack that endangered over 70 million PlayStation Network and Qriocity accounts; 20,000 credit card and bank accounts; and leaked personal data of some 24.6 million users. Target saw 40 million accounts worth of debit and credit card data stolen in a hacking scandal that took place in 2013, a figure that pales in comparison to Yahoo hacks in both 2013 and 2016 which involved a whopping 1.5 billion private accounts.
A few things could happen to help the process along. Legislators and regulators who are interested in consumer rights might craft policies that make it illegal for companies to gather data. People developing new identity systems may integrate protocols that better safeguard personal data. People may decide to stop opting into services that sell their personal information to corporations.
Whatever the future holds, the present model is clearly fractured and puts consumers at risk while playing into the hands of the companies that gather data. Blockchain technology may perhaps lead consumers to a world that puts control of personal data back into their hands.
