Cybersecurity

Who should we trust to manage our data?

Alex Pentland
Toshiba Professor of Media, Arts and Sciences, Massachusetts Institute of Technology (MIT)
Share:
Our Impact
What's the World Economic Forum doing to accelerate action on Cybersecurity?
The Big Picture
Explore and monitor how Data Science is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
Stay up to date:

Data Science

Everywhere in the world, and for thousands of years, our societies have been run by bureaucracies that implement a set of rules. Of course the bureaucracies’ execution of the rules is often imperfect or perverted by the “viruses” of corruption, and the rules are often unwritten.

As a consequence, we cannot trust bureaucracies to manage our data. They generally either believe they are acting in our best interests, or simply don’t care, and it is easy to think of instances like the killing fields of Cambodia or the genocide of Rwanda where they ran amok. So what are we to do?

Today there is, for the first time, a real choice. Bureaucracies are analogous to computers, and the rules are analogous to computer programs. In 2008 it was shown that we can build rule systems that live everywhere and nowhere, protecting and processing the data of millions of people, and executing on millions of internet computers. This rule system cannot be broken by bad actors, or even by large groups of bad actors conspiring together, and by 2011 such a system was successfully operating across the entire world to enable secure financial transactions. It is called the blockchain, and it was first used as the ledger for Bitcoin. It is not the only system of its kind, but it is the largest and most successful so far.

This sort of technology can be used to create a governance system where citizens retain control of their data, and cannot be deprived of this control except by physical-world intimidation. The most well-known example of this sort of system is Etherium, a UK-based effort to build an entire governance system using these distributed, secure methodologies. Another example is our Enigma project, which is creating an internet layer where data privacy, permissions, and auditing are absolutely enforced.

One can think of these distributed computer systems as bureaucracies that can be configured to be fully transparent, fully accountable, and absolute in their protection of our data and rights. However, they are not perfect solutions to data privacy and abuses, because in the end they must act through humans and the physical world. For example the Enigma system could be used to make sure only people over 18 years of age can buy alcohol. This would reveal only if you are over or under 18 years of age, an improvement over the common practice of proving your age by sharing your driver’s license and unintentionally revealing all of the data printed on it. However, a human standing nearby could still compile a list of who was over 18 and who was not, so there is data leakage at the edge. This sort of data leaking seems inevitable in any human system.

It has become technologically possible to set a standard for data stewardship that does not allow even the powerful to subvert data rights except by threat of physical force. The benefit of storing and processing data within such a secure, trusted “operating system” is that we can enable the positive uses of data while minimizing exposure to abuses by corrupt actors.

It is time for legislators and judiciary to stop relying on traditional bureaucracies to enforce data rules and rights, and use this new technology to ensure that data stewardship meets the high standard of always following the rules and rights specified by our laws. The essential factor that led toward democratisation was broad ownership of the resource, which made it difficult to exert autocratic control. The same seems true for data: to avoid autocratic control, citizens must have effective, direct control of data about themselves.

The Summit on the Global Agenda 2015 takes place in Abu Dhabi from 25-27 October

Author: Alex Pentland is Professor of Media, Arts and Sciences at the Massachusetts Institute of Technology. Member of the World Economic Forum Global Agenda Council on Data-Driven Development

Image: Text on the face of a woman in Berlin, June 12, 2013. REUTERS/Pawel Kopczynski 

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Share:
World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

Spotlight on cybersecurity: 10 things you need to know in 2024

Kate Whiting

October 1, 2024

1:35

About us

Engage with us

  • Sign in
  • Partner with us
  • Become a member
  • Sign up for our press releases
  • Subscribe to our newsletters
  • Contact us

Quick links

Language editions

Privacy Policy & Terms of Service

Sitemap

© 2024 World Economic Forum