Over the past few months the news has been littered with reports of large corporations being hacked. We’ve learned about cyber attacks affecting Anthem Health Insurance, JPMorgan Chase, Home Depot, Dropbox, Yahoo, Target and others, which collectively have resulted in the compromised information of hundreds of millions.
Many have raised alarms about how difficult it is for companies to safeguard data and protect themselves from cyber attacks, and even Jamie Dimon, the CEO of JP Morgan, stated that the overall situation has become so bad that the government needs to step in to provide assistance to protect businesses from continuous threats.
Sounds scary right?
Most of us would agree that the recent events highlight the need for heightened overall security. But beyond that, it appears they also highlight the relative powerlessness that we as consumers have over the protection of our data and our identities on the Internet. A recent survey of millennials indicated that the general sentiment among them is that data compromise is inevitable and there is little in our power that can be done to prevent it, so it's pointless to try.
It seems absurd to comprehend the idea of the information of one hundred million people being compromised in one fell swoop, but this is the new world that we live in. While our physical property is contained within our homes, and we alone are responsible for keeping it safe, our digital property today is largely entrusted with a few massive corporations. These corporations are given the privilege, the responsibility and the burden of safeguarding our data. And since all of our data is consolidated with them, on their servers, they open the door for massive breaches and represent a systemic risk to our privacy and our security.
When we consign our digital selves over to other parties, we don’t just open the door for our information to be compromised and leaked by hackers. We also open the door to intrusive tracking and targeting by advertisers, to mass surveillance by governments, and to a general loss of control over how we represent who we are on the web.
To avoid all of this, we need to start weaning ourselves off of the services that represent systemic risks. This means gradually reducing our reliance on services that feed on and broker large amounts of our information to advertisers, ones that pull our data into the cloud and are able to access it unencrypted, and ones that don’t give us the control to move our data wherever we wish.
The answer lies with services that put the user in control and at the center of the experience. These "user-centric" applications make an effort to store as little user data as possible, allow their users to store their private data on their own devices, and provide a convenient way for users to transfer their data out.
We can opt to use SpiderOak over Dropbox, DuckDuckGo over Google, and Bitcoin over Chase. Many of these alternatives aren't as popular as their counterparts because of the UX gap, but we're seeing this gap get smaller every year.
At Onename, we're working to provide developers and their users with an amazing identity, authentication, and private data system. One that has all the conveniences of Facebook connect and all the data privacy benefits of username and password, all while putting users at the center and keeping them in control. One that lets users give limited access to their data, and lets companies like Anthem have access to personally identifiable information (PII) without having to store it on their servers.
To accomplish this, we've been leading the open source development of an open naming and identity protocol called Blockstack.
We believe that the world is better when users are in control of their digital selves. We want to empower people to take back control, and that’s why we're working on Blockstack.
An earlier version of this post used the term Openname. This post has been edited to reflect that Openname was later merged into Blockstack.