Information Security / Facebook scandal: it’s time to save our data
Facebook scandal: it’s time to save our data
9 October 2018 |
Is this Facebook’s annus horribilis? The Cambridge Analytica scandal, Russian fake news, and the failure to remove child pornography are just a few of the problems that have plagued Facebook founder and tech’s golden boy, Mark Zuckerburg, in recent months.
Last week’s news that the social media platform suffered a breach which affected nearly 50 million users, one of the largest in the company's 14-year history, has not lessened the blow. The Irish Data Protection Commission has since opened a formal investigation which could result in a fine of up to $1.63bn.
Whilst Facebook has stated that the security weakness has now been patched, this does bring to light the wider questions surrounding data safety.
“I’m glad we found this and fixed the vulnerability,” Zuckerberg said on a conference call with reporters last Friday morning. “But it definitely is an issue that this happened in the first place. I think this underscores the attacks that our community and our services face.”
In an earlier public apology regarding the Cambridge Analytica breach , the Facebook founder stated, “We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you.”
But is this enough?
Right now, if you’re a Facebook user, your data can be retained, mined for value and be used to influence your behaviour. That’s all your photos, likes, posts, and messages. And, what’s more, it’s all in the terms of service.
But how about a world where companies like Facebook would need to ask for permission to view your data?
Co-founder of blockchain start-up Pillar, Michele Messele, told TEISS, the leading cyber security news site, that this hack and other prominent hacks clearly show the vulnerabilities of the status quo.
“Information about us, directly gleaned from us and derived from our behaviour (metadata), are owned and stored by central parties,” says Messele. “This means that when one account on the system is compromised, the rest of the system is very much at risk. This is why we, at Pillar, advocate and work very hard to give control of data back to the individual,” he explains.
The goal of the Pillar Project is to return control over personal data back to its rightful owner - the individuals whose personal data it is. Starting with an open-source wallet to store, transact, and track cryptocurrencies and tokens, the Pillar Wallet will evolve into a decentralised, personal data-management platform.
The idea developed from Pillar founder and pioneer David Siegel’s prophetic fourth book, Pull. Written in 2010, David not only foresaw the massive problems which would come with data collection, but describes a future with no apps and the formation of the Personal Data Locker at the centre of people’s lives. “This personal data — digital data created by and about people — is generating a new wave of opportunity for economic and societal value creation,” David writes. The start-up has gained fast momentum, raising $ 21 Million in Ethereum during their ICO in July 2017.
Pillar leverages the decentralized architecture of the blockchain; this means that access to personal data can be completely controlled by the individual whose data it is.
“This means that in order to compromise the accounts of 5 million people, a hacker will have to compromise 5 million passwords individually. No more admin level accounts! This is a paradigm shift in the existing relationship that individuals have with companies in regards to personal data,” Michele Messele adds.
Isn’t it time we changed the system before it’s too late?
Latest posts by Anna Delaney (see all)
- The role of the threat hunter: what is it and why it matters - 8th February 2019
- Are we investing too much in cyber security? - 1st February 2019
- Do CISOs need an image makeover? - 27th January 2019
- “Human beings have an exaggerated view of their ability to manage risk” – Craig Rice, CSO at BACS and Faster Payments - 22nd January 2019
- How is the Met tackling international cybercrime? - 18th January 2019