Thursday, June 26, 2014

I Control the Keys to my Castle of Data

So much of our data is spread across systems all over the world. Whether it be Google, Microsoft, Apple, Yahoo, NSA, CIA, IRS, and so on. Your personal data is everywhere.

What private companies do with this data is normaly for purposes of profit. So whatever data they can sell to third parties or provide better marketing in your search results. This data is VERY valuable. Typically your private data is protected but any systems can be hacked.

When it comes to government agencies the story is different. They are collecting data, sometimes with your permission and sometimes without, for purposes of control. This could be "good" or "bad". Ranging from your DMV records to emails captured that could be opposition to a government.

The bottom line is that we have no control over this data at all. It's a permanent record that could possibly have long term consequences in our lives.

Here is what I suggest. That as individuals we have two sets of keys kinda like a safety deposit box at a bank. You have one key and the bank has the other. Both keys are needed to open your box.

So now all your private information can be stored on all of these systems and some pieces of the data can be accessed without both keys. But the very private and uniquely identifying data cannot be accessed without your half of the key. Plus I suggest that you can expire data as well or change your key every so often to make that old data inaccessible forever.

Let's put this to practice... Let's say you go to school and the school tracks your progress and even tracks all of your learning disabilities, medical records, home address, phone numbers, information on your parents/guardians, etc. This information is mostly necessary to the school administrators to ensure your safety and improve your experience in the learning process. Problem is that this data should only be accessed by certain people and not all the data needs to be accessed by each administrator.

You could limit this access by providing your half of the key when needed. This way if your teacher needs to access your home number to call your parents they need your permission. You would delegate just that access for that one time by approving a request for access. This approval process could be through your smartphone, an email, or even a pin number on the teachers computer.

The point is that you have control of your data. Who accesses it, how much data they can see, and where. Same would go for medical records, financial records, your emails, phone calls, as well as all your private information online.

To implement this will take time and cooperation. Systems will need to be in place to encrypt this data and then allow you to approve access. Gateways will need to be setup to allow systems to make these requests. Very much like a payment processing gateway for credit cards.

The mindset of who owns our data needs to change too. We own our data. Those collecting and holding it do NOT. They need our permission to use it and identify to us what it will be used for.

In the end WE have control of our data! So when the next system gets hacked and all of your personal data is in there. The hackers have worthless bits and bytes without each individuals keys to their castle if data.

Monday, June 2, 2014

Net Neutrality With Layers

There is a lot of discussion about Net Neutrality flying around with basically two sides to it. Side one is the belief that the Internet should be completely open, uncensored, and this includes bandwidth speed not just content. Side two is where companies can pay for a "fast lane" or basically premium bandwidth through the ISPs (Internet Service Providers) networks.

For example Netflix that uses up almost half of the bandwidth on some providers network has recently negotiated with Comcast and other major ISPs to have a "fast lane" or priority for their traffic. This is so that the end users will have a better experience streaming their Netflix videos. The complaint is that it's not fair to give priority to any traffic as it hurts the small companies possibly trying to compete against Netflix.

Here is where the argument begins. And the FCC is in discussions on this as well to decide if this practice is to be allowed or not. Now you have to remember that bandwidth is not free, someone has to pay for it. If not the Netflix, Amazon, and YouTube's of the world then the consumer is going to have to make up for the extra costs. To compound the issue the companies typically providing bandwidth to most peoples homes are also making money on providing phone and TV. Consumers are stepping away from these other services more and more every day. Trading home phone service for cell phones and TV for streaming services. What is left for these cable, satellite, fiber, and last mile providers is Internet with massive demand for high quality bandwidth. Whats more is everyone wants it cheap and unlimited.

I say let the free market decide what to do and let the ISPs compete for our business by providing us with the best service at the best price. If you don't like what one ISP provides then go somewhere else.

BUT you say I don't have a choice, or not much of a choice!

So then there is the discussion of treating ISPs like a utility. This would add regulations (a lot I am sure) to an industry that would more than likely have to dramatically raise prices to deal with these regulations.

Well then that is where I get into the "Layers" discussion. I have not heard anyone bring this one up but having a background in networking it makes perfect sense.

For anyone that knows what the OSI layers are the first two are Physical and Data Link. Yes there are 7 layers but for this topic I am only referring to the first two. The physical layer is the infrastructure that you can touch. Copper and fiber as well as all the equipment in between. OK before you technical people tell me that "routers and switches work on layers 1 through 4 and sometimes through 7". I understand that and I am simply referring to the "Physical Layer" as what the data passes through.

Soooooo... lets treat the physical layer as a utility. Now you can regulate the delivery of a product that uses tangible infrastructure. Imagine if there were 6 different power companies all with their own wires. Or 3 water companies with their own pipes. It would be a nightmare to build and maintain all that infrastructure. Right now the only companies that can afford to build infrastructures are very large companies with lots of money. They then allow data over their networks from all over the world and charge their customers for the connectivity to their networks.

Then lets treat the data layer as a free market that is open to whatever businesses want/need to do. With enough competition the consumer will be the winner almost every time. The companies that own the physical networks will charge a fee to get on to their network and ultimately to the consumer. This is basically how it works now except that the billing is not done directly to the data initiator but rather indirectly to a data center for example that has links to many providers.

I am a true believer in the free market place. Ultimately companies are going to do what they want and if any government agency tells them what to do they will find ways around it and/or just charge more money. ISPs will not lose money and will only pass it on to consumers.