Since 2005, hundreds of millions of digital records have been stolen in approximately 2500 reported data breaches.(1) If this is the Information Age, is our information sufficiently secure from theft and illicit use? Lax Internet security and legal legislation has left the human race in a position of vulnerability. This vulnerability has expanded due to recent hacking events where critical systems were accessed and or disrupted. Key intellectual property was stolen from one of the world’s largest Internet security companies; classified information was also stolen from the US Government’s preeminent information technology provider, and the US Department of Defense (Pentagon). Facebook, Google, PayPal, and Sony as well as many other private and public entities have been subject to compromise by cyber attacks. I have concluded that information is not sufficiently secure and a new method of Internet security is necessary to offensively and immediately inoculate technology systems from future threats. So long as our online safety is in question, the global economy and legislators will fail to operate effectively. This includes emerging market countries where rule of law and economies are still maturing despite these technologies becoming widely available.
The nature of the Internet has evolved from user anonymity to highly personalized user experience, thanks to user profiling technologies deployed to aid Internet searches and buying habits. The device types that connect to the Internet have changed and the multitude of operating systems has expanded to the point where in the near future everyone will have a miniature computer in their pocket with access to high speed Internet. The services offered through the Internet have fundamentally changed too. In the late 90’s technology became available to deploy multi-tenant multi-domain based systems, also known as Software-as-a-Service (SaaS). While originally adopted in the enterprise software industry for business automation, SaaS enabled new services such as Social Media, Internet gaming, electronic commerce, etc.
Technology innovations have more often than not outpaced the ability to legislate against unintended consequences. There have been recent calls to develop a Data Privacy Bill of Rights, however the question ensues: how explicit can technology laws be and how will they be enforced? Vague legal writ is bad, vague law that is not enforceable is arguably worse. In Part 3 of this research blog, I will argue that information in the Information Age is not secure, current technologies do not suffice, and that in order for explicit and enforceable rule of law to be written, a specific technology needs to be widely adopted. While there are a number of associated problems, the single biggest problem is to stop cyber crimes from occurring. I will argue that Intelligent Multi-Factor Internet Authentication Technology grounded in artificial intelligence concepts will solve the aforementioned problem.
Until we can know our digital selves, progress economically and socially for human kind will be fraught with unknown and severe consequences. It is our collective responsibility to Know and Protect Thy Digital Self!
- The nature of internet utilization has changed:
- Mobile and Cloud computing provide ubiquitous access to the internet and applications. (Access everywhere 24/7)
- Social Media has changed the concept of self-expression. (Digital Self)
- Internet “personalization” has provided a significant amount of personal identifiable information (PII) that is widely available. (Everything we do is tracked)
- New offensive security technology needs to be adopted by government and civilian institutions to protect their data and the data of their users:
- There has been zero innovation in Internet security in over 10 years, while threats have increased in frequency and sophistication. (Antiquated systems)
- Username and Password as a security method will continue indefinitely. (Human behavior won’t change)
- Low barriers to adoption need to exist for any new technology to be effective. (Easy to adopt for all stakeholders)
- New technology enabled legislation is needed to protect our digital lives:
- Explicit Digital Civil Liberties law based on the US Constitution’s Fourth Amendment. (Vague law is poor law)
- New enforcement procedures enabled by technology need to be realized. (Law without enforcement is poor governance)
- The power to protect needs to be placed in the hands of the user. (Users should be responsible for knowing and protecting their digital self)