Novel Identity and Data Management Methods that Could Help Protect Privacy

Decentralized and federated web development communities are aligning their efforts with user data protection needs...

Data Management

It is said that privacy on the Internet is short of impossible. We could use tools such as VPNs and be careful which services we use and what we share, but at the end of the day — savvy companies could still find us.

Nevertheless, we advise everyone to use some of these tools (especially VPN) to make it harder for advertisers to track us down and, consequently, serve us even more ads.

Luckily for us, new Web3 technologies are emerging that have the potential to let us regain our collective privacy. In this article, we’ll explain how you could use these technologies, though you will have to know a thing or two about using them. Unfortunately, these tools are still not ready for prime time, and chances are, most users can’t easily rely on them to hide their web whereabouts.

This innovative way comes from decentralized and federated web development communities, who are aligning their efforts with user data protection needs. Here are a few thoughts on what seems most promising when it comes to these methods:

1. Use on-device matching, decentralized IDs and credential verification messaging instead of sharing ID numbers. It doesn’t make much sense to “protect” the most sensitive data by duplicating it over and over again. Instead, it is advisable to have the necessary confirmatory details verified by a verified third party — such as a government agency that issues passports — with the help of decentralized identifiers (DIDs), hashed authentication and authorization messaging, as well as a shared decentralized ledger.

Down the road, it wouldn’t make sense to share mobile phone numbers or email addresses, as those represent correlatable ID numbers. Decentralized identity makes protecting personal identifiers themselves possible.

2. Store data in your own secured SOLID repositories, and share access to certain data rather than allowing it to be copied or moved. Instead of a centralized repository, someone else controls and manages (i.e. Google Drive, OneDrive, Dropbox, etc.), SOLID pods can serve as a federation of repositories in a supply chain — with each supplier controlling and managing access to its own data. As a result, we may get apps that are designed to use data from owner-controlled pods rather than centralized storage.

3. Explore decentralized apps (dapps) built to use SOLID or peer-to-peer data networks such as the InterPlanetary File System (IPFS). Content addressable networks such as the mentioned IPFS allow each user to manage their own serverless graph while supporting fine-grained access controls and decentralized identifiers for users and data objects built in. Meanwhile, SOLID-oriented federated web development communities are emerging with their own flavor of less centralized apps.

As I noted above, at this stage, this all sounds like tech mumbo-jumbo and that is because we lack proper user interfaces that would make accessing decentralized services easier for everyday users. When we do get that, and such services to enter the mainstream, we will finally be able to assert data ownership and control, particularly when it comes to our most sensitive personally identifiable data. This applies to both individuals and organizations, both of which benefit from a decentralized approach that actually guarantees privacy and to extent security, of their data.

In the meantime, we can all learn how to embrace these novel technologies, hoping that one day – they will actually help us retake the Internet and our privacy from big corporations. Until that day comes — and as you learn about these novel approaches — make sure your VPN is always enabled. You can never be too safe.