As we increasingly evolve our online lives, so does the digital trail that we leave behind. Each digital footprint pieces together a contextual puzzle of who we are, where we are, how we live, and what our propensities are. We are becoming far more “known,” and whether we choose to or not, this is becoming a driver of many business models; as such, it is becoming more commonplace. And this is spilling over into the massive surveillance of virtually everyone, which is becoming far more prevalent, and at an accelerated pace. To be known equates to (so the argument goes) a “valid” or true person with valid or true behaviours — and it is our digital crumbs, which we scatter with every web transaction, that are essential to being “known.” It is said that being known protects society overall; as a result, anonymity is starting to be viewed as a threat.
The argument is that, although anonymity protects the privacy of an individual’s identity, if we cannot confirm the identity of an individual, how can we possibly carry out non-fraudulent commercial transactions? Accordingly, in order to prevent fraud, society has moved to more extreme measures – much farther than existing offline methods in instituting identity authentication and verification when conducting web transactions. While this may help to mitigate corporate risk, it also relinquishes individual rights to preserving any privacy whatsoever.
All of this is just another way of saying that we can have either privacy or security, privacy or data utility, but not both — another instance of the flawed zero-sum paradigm, which remains ever-so prevalent in society today.
However, in the security domain, relative to the population as a whole, a very small percentage of people violate our personal and property rights in the digital sphere. And in the business domain, as we will demonstrate, the view that if companies did not have access to personal data they could not create wealth in the digital economy, is simply a false counter-factual.
Our personal information is largely housed in central databases of organizations where security consists of knowing one’s digital credentials, rather than securing personal data via encryption.
FACT: Unencrypted data comprised 96% of the recent hacks of personal information. But current methods using digital credentials are turning out to be poor surrogates for security. In 2016, there were over 3 billion credentials reported stolen, which were then used for credential-stuffing attacks, resulting in the theft of billions of dollars worldwide, based upon the value of the accounts taken over.
Despite these scenarios of hacked personal information, which are clearly detrimental to an individual’s privacy, large corporations continue to earn billions of dollars from processing personal information and selling it to third parties, including governments.
And, arguably, while individuals may be willing to surrender their personal information in order to receive the benefits from “free” search and “free” social networking, ultimately they have relinquished personal control of their data and, without intention, have been made vulnerable to increased micro-targeting, surveillance and the resulting societal consequences.
There are three primary issues involved:
The personal information of many data-subjects contained in large, centralized databases serves as a honeypot for hackers. Each successful hack can gain access to millions of pieces of information, which can then be used for fraudulent purposes.
The security of these databases, and for that matter, all digital security, including that of current digital identity, is premised on keeping a “secret,” which is itself becoming problematic.
No Data Control
Data-subjects are not truly in control of their personal information, despite recent regulations and pronouncements of corporations.
My2Tec is creating a system that brings back personal control of one's data to each individual, within a system of trust
My2Tec’s mission is to challenge two false counterfactuals:
If businesses do not gain visible access to personally identifiable data they could not provide beneficial utility;
If technology provides data-subjects with anonymity and complete control over their privacy then secure business transactions will suffer, a hold over from the dated zero-sum paradigm of privacy vs. security.
With innovative technological solutions, all of this will change. We can create a system that allows for anonymity AND secure business transactions, as well as data analytics on non-visible personal data – all based on an intelligent personal agent that provides digital services without leaving any digital breadcrumbs behind.
MyPI (My Personal Intelligence) with MyIdentityBank (“MIB”) is an end-to-end mobile-to-cloud encryption system which effectively tackles each of these issues:
MyPI minimizes the risk of successful hack attacks by decentralizing all data and placing it in the hands of each data-subject, while at the same time providing them with the administrative tools, through an intelligent personal agent to seamlessly control uses of their personal data. Users, since they are ultimately in control, do not have to change their data behaviours; they can share as widely as they wish, or they can selectively limit their data to no-one, or to their Circle of Trust (more details below).
MyPI’s unique method of using existing encryption methods does not require “secrets’ in the traditional sense of secret credentials. As a result, this negates the need for passwords … or the requirement for users to store/remember them.
Our premise is that true personal control in today’s digital economy requires decentralization of one’s personal data, that is, placing it in the hands of the data-subject (where it belongs).
But how would organizations effectively carry out data analytics, if they no longer housed massive amounts of personal data? MyPI’s solution is a system that provides data-subjects with the infrastructure incorporating an encrypted database, both graph and relational, to own and control their data within their personal encrypted cloud — in other words, self-sovereignty over one’s own personal data. However, it also enables data-subjects to permission the use of their data for analytics within MIB’s Federated Learning environment, with the option to receive monetary compensation for its limited use, and be assured no personal data will be viewed nor retained by any organization. This will result in positive outcomes.
Small, entrepreneurial organizations, which do not have a massive trove of personal data, will now be able to perform analytics using personal data in a privacy-preserving manner, at a fraction of the cost, compared to amassing the data themselves and needing to secure it in accordance with the General Data Protection Regulation (“GDPR”). This will increase competition, innovation and prosperity for everyone, including strengthening privacy and data protection.
Building Community that Cares
MyPI, in conjunction with MyIdentityBank (“MIB”), will actually form a community of users. These users may consist of elderly parents and their caregivers, or parents and their children, or even a community of artists, small green grocers, journalists or researchers — any group that may have similar needs for information and are willing to share their knowledge with others. Users may form a Circle of Trust of selected individuals who will be a caring circle with MyPI features that allow them to be more in tune with each other’s needs so they can be much more responsive if they desire. This will all be based on positive consent.
MyPI, an acronym for “My Personal Intelligence,” serves as your personal digital assistant, to do your bidding. MyPI also creates a community infrastructure which serves the needs of the individual by responding to queries and commands.
It first searches one’s personal data, using voice or text (0-degrees of separation), and then, if needed to improve responses, will go out to n-degrees of separation within the community (with the positive consent of the individuals). MyPI users will have the option to flag subsets of their data as confidential, however, even the personal data required for community search will never be exposed to anyone other than the data-subject. In addition, database searching, be it on the web or within MIB, continues to be challenged in effectively surfacing correct results within a given context. However, we humans are experts in understanding context.
Therefore, MyPI will also have the capability to “push-query” other MyPI users within the community, e.g., “One of your MyPI colleagues is looking for ….. Do you have any ideas?” Responses from the community will be buffered in MIB and analyzed for relevant responses. Query buffering can be an order of magnitude faster than database search, and since the “human” responses will minimize contextual gaps, overall MyPI will be more contextually correct in its responses. Furthermore, since queries and responses will be stored as nodes in a graph database, (encryption requirements for each query will be determined), future searches will become relatively fast.
Any member of the MyPI community will have their security and privacy protected. In effect, MyPI will prevent digital crumbs of personal information from being spread over the web. A user may still use gmail, for example, but if they are communicating with a member of the community, all emails will be encrypted — Google will only be able to archive the encrypted communication. In addition, messages can be sent between community members, which will absolutely preclude the message from being decrypted by anyone other than the recipient. In other words, there is no “encryption key” or telephone number to be stolen or viewed. Further, even though users may still want to use Google for search, they will search via MIB (My Identity Bank) where all searches will be conducted using only a few IP addresses. Therefore, the user will effectively perform anonymous searches since MIB’s IP address will not be connected to his/her digital persona.
But how would MyPI users prevent their digital crumbs from being circulated without their consent on social networks? Users may encrypt their posts, photos and videos, and only allow “friends” who are also members of their community to view the decrypted posts. The structure of MIB will allow for this in a very straightforward manner.
Identifying truth from alternative facts
There is another critical privacy concern which is rapidly becoming a reality: Deep Fake images and videos of individuals. It is, in turn, a privacy concern because privacy, by definition, involves one’s consent and personal control of how one’s personal information is to be used. There is nothing more personal than how one’s sensitive personal information, consisting of your body and speech, is revealed in a video, especially if the data subject has not consented to its use. The question then becomes how can we technologically identify the uses that have actually been consented to by the data-subject, thus making it apparent which ones are in fact the “Fakes.” Steganographic techniques would be used to “watermark” all videos consented to by data-subjects within the MIB community, with their anonymous digital tokens.
My2Tec’s strategy is to provide community members with a system that is built upon a strong foundation of privacy and security.
We will also provide a personal intelligent agent with which the user can communicate by voice. Borrowing from snips.ai tagline: “We use voice to make technology disappear.” Accordingly, the additional features we will target are ease-of-use, speed, and accuracy. MyPI and MIB’s curation of community are intended to instill a sense of belonging, knowledge-sharing, mentorship and return to self-sovereignty relating to the control of one’s personal information.
But initially, as a start-up, we need to focus on both a distinct technology and a marketing strategy. Technologically, we will focus on the demographics of the aging population (Boomer generation 55+), but we will market to their closest influences ie. the caregivers who will most likely be the children and relatives of aging parents. This accomplishes two goals: the technology will need to be easy to use, and provide new benefits for caregivers, who are sandwiched between caring for their children and for their parents, but it will also provide My2Tec with a “Blue Ocean” of demand. This will be version 1 of MyPI, an Apple iOS app that partners with its own cloud, MIB, to provide superior benefits.
Facebook and Google have amassed a honey-pot of personal information...
by offering a service of social connection and search for “free,” when in effect, users’ are paying anywhere between $500 to $1000 per year for these services, in terms of lost potential revenue. The question is, how can My2Tec convince users that by protecting their privacy, they will reap the benefits of even more useful services and potential revenues from the use of their data in a permissioned and privacy-protective way? Ultimately, any search performed online, any discussion within text, chat or email, will leave digital breadcrumbs and provide more fodder for these technologies to contextualize and profit from every individual’s data. How much are users willing to pay to accomplish their tasks, obtain the information they want on a day-to-day basis, and have the freedom to communicate as they normally do – all without leaving behind a single digital breadcrumb? How much are users willing to pay for this peace of mind?According to Global Web Index,
..more than 70% of US consumers say they are both more aware of, and more concerned about how companies use their information than they were 12 months ago, while less than half feel they are in control of their personal data online.