loading...

How do we architect technology to solve the privacy problem of the internet?

joshualjohnson profile image Joshua Johnson ・1 min read

I've long thought about how one might use internet services but still maintain my data. I've imagined a system where an application connects to a database you own. Is it that simple or am I missing something?

Discussion

pic
Editor guide
 

Re: "if each person had control of who has access"

Believe it or not, this type of application is one of the great hopes for Blockchain. The important concept here is that "each person" has control, not a central authority. This is particularly relavent in Healthcare. There's even a peer-reviewed journal on the subject: Blockchain in Healthcare Today.

Forget about Bitcoin mining and ICOs. Permissioned distributed systems allow partipating members to grant secure access to assets, and it doesn't require massive computing power. One emerging standard for managing these types of business transactions is Hyperledger.

Hope that makes sense and helps.

 

Thanks for your response. I spent some time looking at Blockchain as a solution but fail to see how it solves the problem of data ownership/portability. By definition, Blockchain is a distributed technology in which each instance of the software maintains a copy of all records. When a new record is added, Blockchain processes (mines) the record and validate its place in history. No where does it provide a solution for ownership.

At the root of it, Blockchain is software on a database. So if I stick my healthcare document on a database that is distributed, not only do I lose ownership of that document, but it is copied several times over to other databases.

And I understand that there are some forms of Blockchain that are considered private and are designed to handle these types of situations. But data can be decrypted.

 

I should have been clearer. I am not saying that the Blockchain ledger would replace existing databases. Blockchain for access control would allow an application to determine if a participant has access (authentication, e.g. via encrypted credentials or a certificate) and could also include authorization information (what information can be seen).

 

You're missing something: read access is the same thing as copy access. This is why pirates won the war on media piracy, because if you can watch a movie or listen to an album you can record and redistribute it no matter what kind of DRM hoops you had to jump through beforehand.

Technology problems don't always have technological solutions and this is one of them. In the present context the easy + effective solution is regulation.

 

What if every person owned their server and their data ended up behind a oauth wall? And what if each person had control of who has access to that oauth wall? And finally what if apps were designed with this in mind.

Ever hear of a thin client approach to software solutioning?

 

I think the issue with privacy is that its inconvenient to retain. For example, you could do end to end encryption to prevent the service from taking a look at your data. The issue then is that if you forget your encryption password the web service cannot reset your access.

 

Your question is ambiguous: do you want to A) protect privacy B) prevent privacy?

 

Protect privacy