Creator of The World Wide Web Tim Berners-Lee has proposed “The Contract for The Web” – a new framework to protect online privacy and personal data featuring nine guiding principles.
GDPR awakened the U.S. and states are now beginning to develop regulations and laws addressing online privacy and the collection of personal data. However, just as the EU learned that a single regulation would work to greatly simplify compliance for all EU member states, the U.S. would most likely stand to benefit from one national law vs. 50 similar, but nevertheless separate state regulations. A single source of understanding for what businesses need to achieve is much simpler, and thus, more likely to work. If we don’t want businesses to treat compliance as a checkbox exercise, then we need to make it as simple as possible. Why repeat past mistakes when this is precisely the reason GDPR came into existence?
I harkened this Contract for the Web to “The Hacker Manifesto” from 1986. We all want to be free to explore but I don’t know if it will work.
I can write this a different way if that is more appropriate.
As “The Mentor” said in his infamous writing “The Conscience of a Hacker
\”This is it… this is where I belong…
And then Governments and Companies realized that many of us would figure out that the world of computers and the Internet meant we could find where we belonged and they followed us there. They figured out how to watch us, how to observe us and they eventually began listening to us, without our permission. Now, we don’t know when we are being watched. We don’t know what information anyone has on us and we don’t know what they intend to do with this knowledge.
I love the idea that we should have free (uncensored) access to information. I know that there are plenty of Governments and Companies that will disagree with that. A little bit of freedom tends to equate to lack of control for any constituency. I doubt that China will be removing the Great Firewall anytime soon. I don’t think that Facebook is going to let me delete the meta-file they have on me that includes my personal likes and dislikes, just because I disagree that they can have the information in trade for use of their platform. Freedom means I get to un-trust you because you don’t have my best interest in mind.
I don’t think publishing a manifesto on how people should operate yields alignment, or even partial alignment, immediately. Though they have built in a few incentives for Governments and Companies to act more in line with how we all want the Internet to work, the incentives to keep the privacy standards lax are too great. Where is the oversite? Who polices this? Who is the public entity with no incentives that will ensure we are all safe? Shouldn’t we be addressing security and safety online?
Just like “The Mentor” published “The Hacker Manifesto”, in order to illuminate Governments and Companies to the presence of the curious, those that test systems and ensure security are often persecuted by Governments and Companies that would be shown in a bad light. Those that wish to have Privacy and Security online will always want to ensure freedom.
“We explore… and you call us criminals. We seek
after knowledge… and you call us criminals. We exist without skin color,
without nationality, without religious bias… and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to us
and try to make us believe it\’s for our own good, yet we\’re the criminals.\”
“ ~ The Mentor 8 January 1986.
Like the highways we drive on, there are rules and regulations. However, the information superhighway that we all call the internet does not have a similar set of rules or regulations. Using the internet like any tool has to be used correctly or it ruins people, corporations or governments.
The internet has been growing over the past 40+ years and in the recent years, has become a tool to help people find each other, deliver education, and increase productivity. However, its use is unmanaged and only regulated by company policies or a few countries with their own privacy requirements. Other organizations are making similar statements to work together and implement guidance on how the internet should be used.
One area of concern that should be addressed is cybersecurity awareness for people, the internet\’s consumers. Making the call for stricter rules on privacy is an utmost concern, however, the need for more cybersecurity is also relevant and should be added as a basic principal. It is believed that cybersecurity is a byproduct of privacy, but it misses the opportunity to use information security principles to identity and classify the data that needs to be protected. In today’s society, data is becoming the commodity that is making money for organizations and should be protected securely and privately.
If governments, organizations and people can work together to create regulations to protect the internet, it will benefit everyone by assuring that data is secured and protected from unauthorized access and used for the purpose for which it was created.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics