Personal data in the hands of a few players
It is now common knowledge that GAFAM knows everything about us. By having accounts on social networks, by using classic search engines, or by using applications on our smartphones, the actions we perform (what we listen to, what we watch, what we write) are processed and analyzed and allow to build a precise profile. After 230 likes, a Facebook algorithm knows you better than your spouse, according to Michal Kosinski, researcher at Stanford University.
By accessing the services offered by these players for free, we offer our personal data that will be sold to advertisers for their advertising targeting. This information on our habits and behavior is very lucrative. Indeed, it represents the vast majority of the revenues of Facebook and Google – which together hold more than 75% of the online advertising market.
In addition to generating huge advertising revenues, this information (our personal data, our identity attributes) allows these big digital players to improve their services, and to create new ones, of which we will be consumers. But we have no control over the use of this valuable information, and no compensation for the benefits it generates – except for ‘free’ access to the service, which we cannot pay for even if we want to.
These personal data, attributes of our identity, belong to us, and each individual should be the only one to have control over them. But this is not the case: by sharing this data, it becomes accessible to third parties, and therefore vulnerable. And for good reason: these traces that we leave behind on the Net have become an eldorado for hackers, and cases concerning the leakage or exchange of personal data regularly make the headlines. According to IDC, the market for citizens’ data in the Europe of the Twenty-Eight has reached 80 billion euros by 2020.
Repeated cases involving the misuse of personal data have caused debate. The Cambridge Analytica scandal, around the theft, illegal use of personal data of some 87 million Facebook users for electoral purposes, in the United States and the United Kingdom, broke out shortly before the implementation of the GDPR. The EU regulation sets out six data protection principles that companies must follow when collecting, processing and storing individuals’ personal data. For example, the GDPR requires that a website only collect users’ personal data after they have given their explicit consent for the specific purpose of using it – those famous cookies we are constantly being bludgeoned with. Google has announced the removal of third-party cookies from its browser by the end of 2021. However, not all the planned changes are going in the right direction.
It is becoming urgent to raise awareness about the value of our identity attributes, our personal data and to consider a system where we are the only owners of the data that concerns us.
Decentralized identity gives back control and usufruct to consumers
Moving from a centralized identity model, in which individuals have to share their data with entities over which they have no control, and whose security is not guaranteed, to a model in which they have the right to use their data.The shift from a centralized identity model, where individuals have to share their data with entities over which they have no control, and whose security is sometimes unstable and unreliable, to a decentralized digital identity standard is therefore necessary.
If decentralized identity allows each individual to regain control of their data and own it, each could choose to monetize it. We could consider our photos, texts, etc. as goods that we own. Everyone could decide to resell their digital assets/attributes or to keep them and pay for the service, or to destroy them.
Thus, in the near future, online advertisements could be targeted according to the identity attributes defined in the digital portfolio of users, who could in return be paid to be encouraged to watch them.
That’s what blockchain makes possible: Thanks to this technology, which securely stores an individual’s digital identity attributes, it is no longer neThis is what blockchain makes possible: thanks to this technology, which securely stores an individual’s digital identity attributes, it is no longer necessary to enter personal data on the various sites visited, which minimizes the risk of this data being lost or hacked. Decentralized identity is then defined as a set of characteristics specific to each individual, and which remains under the control of each individual, in the blockchain.
With identity wallets on blockchain, everyone can choose to communicate all or part of their personal data, decide with whom to share them and when to prohibit their access. Blockchain technology will allow to automate certain processes of entering into a relationship, such as obtaining a credit, remote medical admission or voting – all in full confidentiality.