As the number of companies falling victim to data breaches continues to grow, Dashlane CEO Emmanuel Schalit puts forward the case for consumers to reclaim their digital independence
From Facebook and Google to Spotify and Tinder, the everyday consumer has never had so many online accounts – but perhaps it’s time they looked to reclaim their “digital independence”.
That’s the view of data firm boss Emmanuel Schalit, who points to the growing number of cyber-attacks on major companies as evidence that the internet is now “turning against us”.
He wants people to be more vigilant in protecting their data and take back their own digital identities, rather than passively allowing it to fall into the wrong hands.
Here, the CEO of password manager app Dashlane puts forward the case for us all to fight back against cyber crime and pursue a new era of digital independence – plus some steps to take along the way.
Why is there a need for digital independence?
At first the internet promised so much – the democratisation of information, breaking down barriers, opening doors and building more human connections from New York to Singapore and beyond.
In short, it was a positive force for good and a sign of advancement.
But today, the internet is turning against us and we’re all paying the price. We’re not using technology – technology is using us.
There is a vast shadow industry of data brokers, worth billions of dollars each year.
Personal data is hoovered up in alarming quantities and then sold on.
This industry is out of reach of regulators, and many of the companies involved, aside from the obvious ones like Google and Facebook, are almost completely unknown.
Then there’s the almighty issue of data breaches. The Ponemon Institute estimates that organisations spend an average of $3.86m dollars each time they suffer a data breach.
Furthermore, security breaches have become so commonplace that an estimated one in three people avoid a social network because it doesn’t provide enough control over how their personal data was used.
As the Internet of Things revolution gathers pace, we’ll have devices in our home that send information directly to manufacturers – not to mention how easily many of these connected smart things can be hacked.
What this adds up to is the constant collection of data in all its forms by large organisations.
This is going to continue, and there doesn’t seem to be any slowdown.
Mass disconnection of people from the internet could be coming
There is a clear danger in all of this. In the future, we face a real risk that people disconnect from the internet because it has become too intrusive, too dangerous and stamps all over privacy rights.
In fact, we could see a mass exodus of people, large organisations and governments from the internet because they are faced with a multitude of threats – ranging from the siphoning of data to concerns about hacks on critical national infrastructure and the theft of sensitive information.
Today, this mass disconnection might seem unlikely, but given current trends, it is more than viable.
That said, there are answers too. The solution is to reclaim our digital identities.
We need to treat our data like the valuable asset it is and control who and when people can access it.
By doing so, we create a more transparent internet in which our data belongs to us and can’t be used by others without consent.
At the same time, breaches, hacks, and identity theft are significantly reduced or even eliminated because our digital identities are locked down.
And all the companies that store our data – with or without our consent – need to realise that this data is as much a liability to them. GDPR is making this clearer every day.
Who does my digital identity belong to?
This idea is gathering pace in corners of the technology industry.
For instance, new social platforms are emerging based on blockchain technologies that treat users’ data and their digital IDs as sacrosanct.
Data belongs to the person who generated it, and it can’t be hacked because of unique decentralised user IDs.
What these emerging platforms illustrate is that increasing numbers of people are concerned about who has access to their digital identities and their data.
So what can we, as individuals, do to reclaim our digital identities?
The first step is to recognise that today’s centralised digital identity models are inherently flawed.
For instance, single sign-on solutions like Facebook Connect, “sign in with Google” and Twitter’s single sign-in have significant vulnerabilities.
Who pays for data breaches?
The recent Facebook breach didn’t just leave almost 50 million user accounts exposed – it also potentially compromised hundreds of other websites and apps.
This exposure was the result of a single sign-on breach, which could have been used to access Spotify, Airbnb, Tinder and hundreds of other websites including Uber and Just Eat.
If you were one of the people who had your single sign-on compromised, hackers could have been wining, dining, renting and driving all at your expense.
And you wouldn’t know anything about it until they had scarpered into the digital dust, leaving you forlornly clutching a very large bill.
On one level, single sign-on systems are practical – accounts for websites can be created quickly and there’s less of a need for users to remember multiple different log-ins.
But as illustrated, they also pose massive security risks.
How to reclaim your digital independence
To reclaim your digital independence, you need to take control of your digital identity.
There are some simple but effective steps you can take.
The obvious first step is to eschew single sign-on and use a decentralised password manager to create unique, super tough encrypted passwords for each website or service you use.
It automatically enters account credentials on every site and on every device you use, so you don’t have to try and remember each and every password.
Your accounts are locked down, they can’t all be compromised in breach and your personal data is safe.
To ensure wider data privacy, you can build on this strong foundation by using a plethora of other tools that mask your IP address, warn you if you are being tracked on a website and encrypt your communications so they can’t be snooped on or hacked as you move towards digital independence.