FINAL WORD
time. In South Africa, more than 30 million
identity numbers and other associated
financial information was leaked online
only last year. Regulators have been swift
in their response. Personal data protection
regulations, such as the European GDPR
or South African POPI Act, carry severe
penalties to companies who act recklessly or
even negligently with personal data.
Stunning revelations surrounding Facebook’s
sharing of up to 87 million members’ data
to a third party in the service of the last US
presidential election has caused shockwaves
across the world, wiping US$100 billion off
its market capitalisation and leading some
analysts to speculate around fines that could
amount to US$2 trillion, 100 times larger
than the biggest corporate fine in history.
Dr Adriana Marais, Head of Innovation at
SAP Africa. Photo: Daniel Craig Johnson
in any transactional environment, including
a decentralised personal data management
system that ensures users own and control
their data.
Ups and downs: The risks of
exponential data
As of this year, the digital world’s data
content is estimated at billions of terabytes,
or zettabytes, 90% of which has been
created since 2016. Information is an
increasingly valuable commodity and its
acquisition, analysis and trade plays an
important role across industries. And with
one quarter of the world’s population using
Facebook every month in 2017, a lot of this
data is personal.
On the one hand, the rise of social media
has led to new conceptualisations and
discussions around identity, as we build
representations of ourselves online. On the
other hand, information about ourselves
that we did not intend to be shared or
distributed is also contributing to our digital
profiles. Any organisation with stores of
personal data can be hacked, be negligent
or even sell this data to external parties
for profit, resulting in outcomes that range
from spam to identity theft.
In 2013 and 2014, three billion Yahoo
accounts were hacked in what was the
highest-profile digital identity breach at the
96
INTELLIGENTCIO
One definition of personal data is an
economic asset generated by the identities
and behaviours of individuals and the
monetisation potential of its (mis)use is
astounding. Services like messaging, search
and navigation may appear free to use, but
they come at a cost. Your personal data, or
perhaps more aptly called your consumer
data. Because as has been said, if you’re
not paying, you’re not the customer; you’re
the product. The question of how to verify,
secure and manage identity and personal
data online is more pertinent today than
ever before.
The strongest link in the (block)chain
identification provides a foundation for
human rights. An estimated 1.1 billion
people worldwide cannot officially prove
their identity and we simply don’t know how
many of the world’s 200 million migrants,
21.3 million refugees, or 10 million stateless
persons have some form of identification.
The World Bank estimates that 78% of
these unidentified people are from sub-
Saharan Africa and Asia.
The recent Blockchain Africa Conference in
Johannesburg brought together like-minded
innovators. Global Consent, based in Cape
Town, is one such local player doing exciting
things in the identity space. Consent is
developing a blockchain-based trust protocol
to independently authenticate identity and
selectively exchange personal information.
Consent is also the first Sovrin steward in
Africa. Sovrin is the world’s first publicly
available distributed ledger dedicated to
digital identity. The code base of Sovrin is
part of the open source Hyperledger project,
which is governed by the Linux Foundation
and backed by corporates including SAP,
IBM, NTT and Intel. The infrastructure
for ensuring consensus, security and trust
around identity transactions on the Sovrin
network is provided by globally distributed
stewards like Consent, who independently
own and operate nodes on the network.
Blockchain has impressive applications in a
transactional environment, in this context
enabling individuals to own and control their
identities online in a decentralised personal
data management system where records are
verified and stored across a network making
the ledger resistant to modification. Like
any network, the strength of a blockchain-
enabled personal data management system
depends in part on its size. And given the
size of the problem of personal identification
in Africa, both online and off, we can look
forward to ongoing discussion and adoption
of technologies like blockchain to meet this
challenge going forward.
Developments in computing, connectivity
and cryptography have resulted in
blockchain, the technological confluence
of the three, with exciting applications in
identification and securing personal data
online. However, we live in the physical world
and biometric data will need to support
the initial registration of an individual on
such a system. A candidate for advanced
biometric identity verification is a naturally
occurring structure, which could also be the
future of data storage, with a remarkable
700 terabyte capacity per gram, the ultimate
unique identifier.
This structure is the DNA molecule and
despite significant achievements like
determining its structure and sequence,
science continues to grapple with the
computational complexity of understanding
life. The role of large portions of determined
sequences remain a complete mystery.
Life and humanity is arguably the most
mysterious phenomenon we have ever
encountered and we have a long way to go
in terms of fully understanding ourselves.
One thing we have arrived at, is a solution
to taking back ownership of our identities in
the digital world we are creating, through the
compelling application of blockchain in the
digital identity space. n
www.intelligentcio.com