The fundamental truth about data is that it is empowering for those who have access to it. However, that often means the government and the corporations are the ones deriving the most power from the mass collection of data. Any solutions that are going to come about, and must come about, will have to address the issue of access to data and the need to breach the great power divide that has been created by technology and data collection.  

That was the message from Bruce Schneier, a New York Times bestselling author, along with Yochai Benkler, Joe Nye, Sara Watson and Melissa Hathaway, in a discussion hosted by Harvard's Berkman Center for Internet and Society. The talk looked at data security, privacy and what possible solutions and data models should exist.

In addition to solutions addressing the power divide, panelists suggested the work must occur universally because the technology being used by everyone is either the same, or similar enough, to warrant uniform security measures. Yet, a privacy and security regime that works in the U.S. may not work in countries like China, for example, due to different views and attitudes toward privacy and security. 

An example of the complications that exist: U.S. law enforcement’s desire for backdoors to data.

The FBI, which has been running into technological barriers preventing it from achieving federal wiretap warrants, has advocated for the technological backdoor in order to hunt and capture terrorists, drug dealers, money launderers, child pornographers and kidnappers. Yet to uniformly install these tech backdoors would put at risk ordinary citizens with no criminal background, whose civil liberties could be potentially violated all due to fear generated by hypotheticals. Having a backdoor to, say, the data on citizens’ mobile devices, would also lead to people being vulnerable to attack by foreign governments or hackers, which could put individuals at risk not only for their data but possibly even for their personal safety, the panelists said.

The panel focused frequently on the tension between fear and greed.

How should society go about navigating the fear tactics often generated by governments in order to access their citizens’ data and the greed of corporations who use the access they have to large amounts of personal data to turn a profit. In order to even begin addressing these issues, the panel agreed there first needs to be a frank discussion at higher levels  of government on what data is being collected and how is it actually being used. Only by fully knowing what is happening to our data, how it’s being harvested and for what purpose it is being used can a true and honest discussion about creating real solutions actually begin. Without that knowledge, any solution thought of or implemented will only be tackling part of the issue.

Discussion turned to the Internet of Things and the rapidly proliferating technology’s lack of sophistication. That means already-existent data vulnerabilities and a lack of available security upgrades or network security patches. Panelists expressed concern that many people will purchase these new technologies, which are convenient but cheaply made, and not realize the security risks.

Several speakers supported policy-makers creating regulations in some form, such as mandated security software standards. Different market models, such as the pharmaceutical or financial industries, were suggested because it would mean specificity. But that assertion was heartily disagreed with by several of the panelists who cited risks to innovation.

But how privacy professionals, and society at large, will connect the hypothetical issues and breaches to the very real harms, hypothetical and existent, is an ongoing debate. 

To watch the webcast of the talk, click here.