• Cocodapuf@lemmy.world
    5 days ago

    I’ve said it before, there’s really only one way to make user data safe. Nations that want their citizens’ data to be safe need to pass laws that make exposing that user data extremely (cripplingly) bad for companies.

    The penalties need to be so harsh that the fines could put them out of business. Companies should not want to hold user data, they need to think of user data like toxic waste, more of a liability than a valuable resource. When companies need user information to operate they can utilize “data handler” companies, firms that specialize in secure storage and cryptographic systems. Companies that would actually be willing to risk holding user information. These companies can provide APIs for other organizations to access the user data when needed. But to be clear, most companies will not want to store that data locally, because the risk of exposure could be ruinous to the company.

    There’s an extra benefit of this plan too. Most organizations don’t hold user data, they pay someone better at it to hold it for them. Because they need to pay for API access, they’ll use the data sparingly, not frivolously throwing user data everything, tracking users on the web, or sharing data with advertisers. Having to pay for access will make companies use our data less.

    • anytimesoon@feddit.uk
      6 days ago

      This is a good idea. I think one risk, though, is that the specialist companies that hold all the personal data then become massive targets and a single breach would be catastrophic.

      Still better than the way things currently are, though.

      • Cocodapuf@lemmy.world
        5 days ago

        That is definitely a concern! But as the company’s entire future depends on their digital security policies and practices, I expect them to take it pretty seriously. There will certainly be shitty companies, but hopefully they won’t last long and the reliable companies will survive.