Have you read the news?
Tim Berners-Lee, the inventor of the World Wide Web, is trying to figure out how to keep your private information from advertisers’ prying eyes. He teamed up with a group of experts, including folks from MIT, and started Inrupt, a start-up whose open-source project, Solid, should achieve that lofty goal.
Solid accumulates all your data into what its creators call a “Solid POD,” a repository of all the personal information you want to share with advertisers or apps, with a clear and understandable permission system. You can decide which app gets your data and which do not. Furthermore, when using apps that support Solid (say, your fitness app), you won’t need to enter any data — just allow or disallow access to the Solid POD, and the app will do the rest on its own.
While this is helpful, and it’s really cool that it simplifies personal-data management, the truth is that another, much more potent solution already exists. Every day this solution gains traction in the developer community, and many of its features are already being embedded in financial and other institutions worldwide. It’s called distributed ledger technology (DLT).
DLT is a consensus of replicated, shared and synchronized digital data, geographically spread across multiple sites, countries or institutions. It’s basically a decentralized database (a database that is not located, stored and maintained in a single location), which is hosted on multiple computers (nodes) that “talk” to each other and ensure that each copy of the database remains authentic and immutable. This provides an unprecedented level of security, something that centralized databases (like Solid POD) cannot achieve. Before I get into that, let me explain why DLT-based apps (also called “dApps”) are superior to Solid:
1. dApp data is spread across hundreds, if not thousands, of different nodes (users, servers, etc.). To tamper with personal information stored on those, a hacker would need to modify data on each of those locations in the same way. This would be extremely time consuming and is therefore borderline impossible.
To hack a Solid POD, all a hacker needs to do is gain access to wherever it’s stored — a company server or a personal computer. Once there, he can modify the data, change sharing permissions or simply take everything stored there. In fact, Solid POD makes hackers’ lives much easier. Instead of hacking into multiple accounts and installing keyloggers, one can simply gain access to a single database and get all the data he wants. Get in. Get out. Easy.
2. dApps enable users not only to decide with whom to share data, but also to earn value by doing that, thanks to a special utility token system that rewards users with tokens for specific actions. Those can later be used for various purposes, from gaining access to advertisers’ special offers and app features, to even exchanging them for other utility tokens. One can also sell them on the crypto exchange and earn real money.
Solid POD doesn’t mention or support any such feature yet. It may be implemented later, but only in a limited form, which could be very similar to what other apps offer in form of loyalty points, etc., so don’t expect the level of flexibility utility token provides.
3. Since your data on DLT is encrypted, you can share segments of it with advertisers and service providers, while still remaining anonymous if you so choose. This is called “zero-knowledge proof.” With it, you can withhold sensitive info such as location, name, time, etc. This enables new business models where users and app creators can earn currency by sharing some of the data without disclosing anything that is personally identifiable.
Solid POD-compatible apps may share various data transfer parameters that can be used to extrapolate sensitive info users don’t necessarily want distributed, like location, timestamp, etc.
I may sound like I’m bashing Berners-Lee’s brainchild, but it’s quite the opposite. It’s a great idea that is necessary in a world where data breaches happen every day — the recent Facebook FB, -0.59% fiasco where 50 million users lost their personal data to hackers (again!) is just the latest example.
Individuals certainly need to reclaim ownership of their data from mega corporations that not only abuse their data, but also easily fall prey to hacker attacks. And Solid POD could be one of the answers. My biggest complaint remains its centralization. DLT circumvents that by providing a robust, nearly unhackable system, where personal data can truly remain hidden and untouched by those without necessary permissions — be they hackers or greedy advertisers.
However, both DLT and Solid face many hurdles, adoption being one of them. DLT has challenges of its own, such as the lack of good dApps, a high learning curve (for average users) and a fragmented community that often bickers over irrelevant issues. All this hurts adoption in a big way. If you asked me which of these alternatives to root for, I’d say I want both of them to succeed. In fact, I propose a Solid POD based on DLT. That way, it would definitely be decentralized. That way it would have all the capabilities decentralized ledger technology has to offer, and the potential to upgrade the internet to 2.0.
Tim, let’s see that happen.
