By now, most people have resigned themselves to the idea that privacy may soon be a luxury of the past. While exact estimates are all over the map, even the most conservative estimates count on there being upwards of 20 billion connected devices online by 2020. Many of those connected devices will be capable of collecting an enormous amount of extremely personal data which was once safeguarded by strict laws governing communities that were previously the only ones privy to this type of data such as healthcare and finance.
Some people may not fully understand the need for data privacy or just how much sensitive data smart devices may be able to collect. The problem is not so much the type of information that can be collected from one device, but what happens when manufacturers and retailers start sharing that information.
Why Is Data Privacy So Important?
Imagine a smart thermometer used to determine ovulatory cycles sending information, not to your healthcare provider that is bound by strict confidentiality laws, but rather to the manufacturer of the device that is bound by no such laws. Online shopping has become one of the fastest, most convenient ways to shop, with many online merchants even offering same-day delivery service. What that also means, however, is that those same online merchants also know exactly what kind of products you are purchasing - or what products you stop purchasing - but are not bound by the same laws as banks in regards to what they can do with that information. This means they have access to data on your personal contraceptive practices or when a household stops purchasing feminine hygiene products but are not governed by any laws about what they can do with that information.
Smart devices and online shopping are quickly placing massive amounts of highly personal data in the hands of retailers and manufacturers that are not bound by any kind of privilege or confidentiality laws. This is why data privacy is so important.
What Can Be Done About Data Privacy?
At the moment, there is not a great deal that can be done about data privacy except to be wary of the types of smart devices you purchase or what you buy online. While the US lags far behind, the EU has made significant strides to protect data privacy and has recently enacted a number of strict regulations regarding how businesses can collect information and what they can do with it. While these laws don't technically apply in the US, they have also gone a long way towards protecting US citizens, since they apply to all businesses that operate in the EU in any way. Since almost all online businesses are more or less international businesses, the regulations cover the majority of online businesses. While the EU regulations have gone a long way, they are a mere drop in the bucket in relation to the power of blockchain to protect data privacy.
How Can Blockchain Technology Protect Data Privacy?
Imagine that you had a credit card that was divided into eight pieces. The credit card could not be used until all eight pieces were present. Now, imagine you kept one piece and gave the other seven pieces to seven other people that just kept handing them off to other people. At any point in time, even you would not know where the other seven pieces were. Now imagine that when you needed to use your credit card, you could enter a code in your phone that brought all seven people currently holding a piece of your credit card together in one place in a matter of seconds. This is the essence of blockchain. The blockchain divides and disseminates all of your personal information, scattering it to the winds, until a key is entered which allows it to be assembled into one file.
While even the EU is aware of the power of blockchain, there are certain clauses in the recent legislation that prevent blockchain from being a solution to data privacy while still adhering to the EU regulations. One such clause has to do with businesses being required to delete personal information on request. Once information is recorded on the blockchain ledger, it is permanent, there is no way to delete it. Another clause requires organizations to install a data controller to complete these types of requests. Again, since there is no controlling data entered on the blockchain, a data controller would have no ability to complete such requests. While blockchain technology certainly has the power to protect privacy, it remains to be seen if regulatory agencies will put control of one's personal information back in the hands of individuals.
Ready for the next step?
Ensure that every solution you use is safe, secure and compliant with ever-changing GDPR, PSD2 and other personal data standards and regulations. Our authentication solutions take care of that for you.