Under the "Online Safety Amendment (Protecting Australian Children from Online Harm) Bill 2023, we really will all face overwhelming risks of personal and commercial data breaches. Protection of peoples’ privacy will be impossible in the face of the huge motivations for corporations, governments, and other entities to undermine data protection regulations. We discuss why these risks are so dire, below. We also look at problems with any tech-solutions to these risks.
Irresistible Incentives to Undermine Data Protection
The power and wealth that can be achieved through getting control of personal information is irresistible to those who seek it, and politicians are infamous for this. Corporations do and will prioritize profit over privacy whenever they can, seeing user data as a valuable asset for targeted advertising, market research, or even selling to third parties. Governments inevitably justify breaching privacy regulations, whilst claiming they are doing it for public safety and for law-enforcement purposes. In fact, this very 'Online Safety Amendment' illustrates this principle.
Inexorable Regulatory Erosion
Given the incentives to acquire personal and commercial information, powerful corporations will lobby and influence policymakers, leading to weakened regulations or exemptions that compromise data protection.
In government, there is always a tendency for regulatory agencies to become aligned with the interests of the industries they are meant to regulate, and this will result in lax enforcement of data protection laws. And, as we know, politicians in retirement frequently seek employment in industries they formerly regulated.
Irreversibility of Data Breaches
Stolen data often circulates in underground markets indefinitely. Once data is compromised, it can be incredibly difficult to control or remove from the internet. Identity theft, financial loss, and personal and commercial privacy violations have long-term consequences and may never fully resolve.
Even with regulations in place, making corporations and governments comply can be difficult to impossible. Profits to be made through private data collection tend to overwhelm the resources to enforce compliance.
Jurisdictional issues also arise, because data protection laws vary between regions, at state and international level, and it may be impossible to enforce regulations against entities operating across borders.
Public Trust and Accountability
Awareness that they cannot trust their governments or corporations with personal and commercial information will add to the growing distrust in technology and government. Although perception of loss of privacy and safety may lead to public pressure for greater accountability and stricter enforcement, the sustained effort and vigilance required for this will tend to overwhelm most civilians, and Australians are less capable of organising sustained protest than most, due to structural societal problems.
Technological Solutions and Future Directions
Decentralized Technologies, such as blockchain could provide more secure ways to manage and protect personal data, reducing reliance on centralized storage that is vulnerable to breaches. However, using them and maintaining their security currently requires significant technological expertise and commitment on the part of the user. Whoever designs the blockchain can set the rules and these rules can enable a hierarchy of influence for various processes, including the process of validating and adding new transactions to a blockchain.
Regulatory compliance is fraught by the global nature of blockchain networks but it is possible to use blockchain technology or structure within non-global parameters, including national boundaries or other attributes. This can be beneficial in certain contexts, but could not apply in the situation we are looking at, which involves digital identities of Australians in a global context.[1]
The anonymizing of services and the use of secure communication methods, can reduce privacy risks even if regulations are weakened, but neither they nor blockchain are inherently immune to smart contracts, network attacks, or flaws in the underlying protocol. The assumption that all blockchain implementations are secure can be misleading. Users may still be susceptible to social engineering attacks, phishing, or scams, which can compromise their security regardless of the underlying technology.
NOTES
The use of blockchain technology has been used to safeguard national information and processes in some instances, although that would not be something that could apply in the instance examined above, i.e. digital identity on global platforms. Below are some interesting examples I found on AI:
1. Russia
- Digital Ruble: The Central Bank of Russia has been exploring the concept of a digital ruble, which would be a central bank digital currency (CBDC) utilizing blockchain technology. This initiative aims to modernize the payment system and improve the efficiency of transactions within the country.
- Blockchain in Government Services: Russia has also experimented with blockchain for various government services, including land registries and voting systems. For example, the city of Moscow has implemented a blockchain-based platform for managing public services and voting.
2. China
- Blockchain-Based Service Network (BSN): China has developed the BSN as a nationwide framework to support blockchain applications across various sectors, including finance, supply chain, and government services. The BSN aims to facilitate the development and deployment of blockchain technologies within China.
- Digital Yuan: China is actively piloting its digital currency, the yuan, which is designed to be a state-controlled digital currency leveraging blockchain technology for secure and efficient transactions.
3. Estonia
- e-Residency and Blockchain Services: Estonia is known for its advanced digital society and has implemented blockchain technology in various government services, including digital identity, e-residency, and secure data exchange between government agencies.
4. United Arab Emirates (UAE)
- Dubai Blockchain Strategy: The UAE has launched initiatives to make Dubai the first city fully powered by blockchain by 2020. This includes using blockchain for government services, real estate transactions, and supply chain management.
5. Singapore
- Government-Backed Initiatives: Singapore has been proactive in exploring blockchain technology through initiatives like the Monetary Authority of Singapore’s Project Ubin, which aims to explore the use of blockchain for interbank payments and settlement.
Add comment