This article was written with assistance from ETHNews staff writer Lucinda Knapp.
"Cogito ergo sum." This was the famous phrase used by René Descartes when proposing that thoughts themselves were evidence of a person's existence. "I think therefore I am" not only implies that you must exist in order to think; it seems to propose that we, as people who cannot rely on our senses for truth, might be fundamentally, deeply, at our most core selves, nothing more than our actual thoughts.
When people suffer from amnesia, and are not in possession of their own memories, who are they? Biologically they're the same person, but are they still the same in their personality and temperaments? This debate gets very broad very quickly, but it seems tied to one main issue – personal data.
Whether it's the data of our thoughts or the data of our memories, our personal data is profoundly important to who we are as individuals. Add to the mix data that represents our personal actions, and the cumulative insights that come from analyzing all that metadata about a person begins to border on predictive behavior analytics.
With virtual reality peripherals like headsets becoming more able to track a user's involuntary (and voluntary) eye movements and reactions (such as pupil dilation and contraction, a known indicator of positive and negative feelings), how much sovereignty over one's own identity is retained by a person, and how far could an artificial intelligence (AI) go in acting on behalf of a user online? How easy would it be to capitalize on that individual's most private and unique personality fingerprint?
For the first time since Ethereum's inception, there is a significant amount of public outrage against corporate abuse of personal data. Facebook's entanglement with the Cambridge Analytica scandal has suddenly gripped the nation, resulting in Facebook CEO Mark Zuckerberg's congressional testimony in Washington.
The backlash against Facebook seems to be sudden because for years, collective outcry against Facebook – and more broadly the "free service at the cost of your data" Silicon Valley business model – hasn't been raised above a whisper. People using the platform have apparently either turned a blind eye to gross personal data abuse or have been incentivized by the platform's functionality not to care enough to protest. The consensus seemed to be, until recently, that it was "a fair trade-off for the utility we get out of it."
The amazing connectivity we gained by joining "free" social media platforms incentivized us into apathetic regard for our personal data, shading ground level implications behind lengthy and complex terms and conditions of use.
What will happen to the anxiety, animosity, and outrage felt by many against Facebook? How long will people care enough about this issue to keep it centered in national debate? The debate surrounding personal data privacy – and, by extension, digital identity – is about to hit light speed and fundamentally change how people use technology, as well as how technology influences people.
Although concerns surrounding the Facebook/Cambridge Analytica scandal carry extremely serious implications, chief of which is the shadowy management of American democratic processes, the current calamity is perhaps the biggest opportunity in years for social outcry to change the norms of corporate accountability with respect to personal data.
The implications of the entire debate surrounding personal data privacy in the United States have coincided with groundbreaking legislation in Europe that strongly juxtaposes the regulatory inadequacies governing personal data protections in the US.
Known as the General Data Protection Regulation (GDPR), the new European Union (EU) laws dramatically affect how any organization handles EU citizen data. The entire initiative, made law in 2018, grew out of general sentiment by EU citizens against personal data violations going back as far as 1995.
If history is any guide, perhaps the Facebook/Cambridge Analytica scandal will eventually come to represent more than just the scapegoating of Mr. Zuckerberg. While his legacy is truly in doubt, now there is a glimmer of hope that national outrage will eventually culminate in US citizens – similar to those of the EU – demanding better protections for themselves.
While there is no denying that Facebook has profited from the collection and sale of its users' (and non-users') data, we have incentivized social networks into becoming the information-gobbling monsters they are today through our widespread adoption of the technology. Moreover, in Facebook's defense, the social media platform provides users with functionality that allows individuals to toggle their privacy settings – something most people were either unaware of or did not care enough to do. There are, of course, even those people who actually enjoy Facebook's insight into their lives via their personal data. Some people enjoy a Big Brother's oversight, super-serving them a family-size platter of earthly delights and low-hanging fruit.
Thankfully, the cryptocurrency boom of 2017 has been good for more than just historic financial gains. Noted often, but employed tactically in far too few scenarios, distributed ledger technologies like the Ethereum blockchain have become a semi-household name in recent years and represent much of the promise for aligning personal data regulations with the very people represented by that data.
Ethereum can provide a solution in the form of sovereign ID. Instead of signing in to a website using Facebook's social login, automatically handing all your personal identity data over to the vendor or company, your own sovereign ID is housed on a blockchain, where it is cryptographically secure and anonymous until accessed. Users can select which attributes to share with a particular vendor, and the vendor cannot store them; permission to view identity information can be revoked after use. A number of tools are already in the works to provide data architecture of this sort.
Yes, it requires increased vigilance for users. But surely we can manage that while the much-bewailed robots take over the more laborious elements of our daily tasks.
Increasingly, individuals identify "selfhood" with their social graph and actions, as recorded by social media sites. This sense-of-self-as-diffuse-network – comprised of personal interactions, images, memes, likes, reactions, and memories – poses a challenge that blockchain systems could address: as long as my aggregate of data on all these matters (which amounts to my digital "self") is currently housed in, say, Facebook, LinkedIn, and Instagram's private servers, my precious memories and records of years of messages and interactions are vulnerable to manipulation or deletion. If a company can delete my history from a week in the past, then to a degree, I've lost that week in my life, because I have come to rely on social applications to house my memory. Sure, I can remember my deleted week, but how well? Will I remember it in a few months? Will my all-too-human memory discard it, or remember it incorrectly? And when I tell a new friend about myself, will the memories of that week, poorly recalled, fail to inform who I believe I am today? In this way, it seems conceivable that the vulnerability of digitally stored "selfhood" could mean that, essentially, who I am can now be digitally manipulated by companies, governments, or hackers. What if someone fumbled with fat fingers and accidentally erased my whole online self, along with identifying data? I could be deleted.
But what if I alone controlled that data? Sovereign human IDs on a blockchain would be much less vulnerable to damaging actions.
Obviously, no technology can soothe the existential dread of our own impermanence. As they say, "you can't take it with you." That includes your digital identity. It could be argued that the attrition of human memory and time's depreciation of our possessions, our selves, and our sentimental stashes play an important role in our life experiences, time's way of editing out the unnecessary. But if I were to own this data – housed via a blockchain-enabled data store such as Ethereum's still-in-development Swarm, IPFS's decentralized storage layer, or another storage solution – my social graph, activity history, eye movements, heart rate, and even aspects of my personality such as likes and dislikes would belong to me alone, unchanging as the day they were recorded. That's an encouraging promise in an increasingly evanescent virtual world. One might even wonder, if a collection of this personal data stored on the blockchain could be deployed by AI, could an aspect of my own mind outlive my physical death?
With recent incidences of marriage certificates and other intensely personal information encoded to blockchain, one could easily imagine the enormity of human data the system would swell to encompass – likely outstripping that of the world wide web's information warehousing.
But perhaps we should start with those toggles on our privacy settings.