![\"\"](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2021\/01\/12082447\/128_brittany_kaiser_image.jpg\")
Secure Futures<\/p>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t
For unique thinkers<\/span><\/h3>\n\t\t\t\t\t\t\t\t\t\t\t<\/header>\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tNew visions of tech, leadership and the future.<\/p>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t
\n\t\t\t\t\tSubscribe<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<\/article>\n\t\t<\/div>\n\t\nHow can we change the status quo of organizations, rather than people, owning our data?<\/strong><\/p>\nThe framework I like to work with is data ownership<\/a>. Property is the most potent form of law. If someone damages your property, you\u2019ll win compensation, even with fractional ownership. If I own 20 percent of Facebook\u2019s data about me, I should get 20 percent of the revenue from it.<\/p>\nData ownership as a business model could look a lot like Airbnb. If data is my property like my house, if you want to use it, I say how you can use it, for how long, and we agree a price before I hand over the keys. It should be transparent. Perhaps I give a license for six months or a year. Then I get compensated, either upfront or as a dividend based on use.<\/p>\n
This solves the world\u2019s most significant human rights problem: Extreme poverty. Many supply chains are damaged after the pandemic \u2013 the United Nations says 270 million are at risk of starvation<\/a>. If everyone owns their data, some could earn enough to feed themselves.<\/p>\nZuckerberg (Mark Zuckerberg, Facebook CEO) says everyone\u2019s data is only worth 17 US dollars a quarter. I think it\u2019s worth far more and that\u2019s just Facebook data, but let\u2019s work with this figure. Two billion people live on less than 2 US dollars a day, so 17 dollars every three months would make a huge difference. Data could solve poverty.<\/p>\n
It\u2019s a bold and far-reaching idea that personal data could be turned into personal value. How can we improve privacy standards at the same time?<\/strong><\/p>\nRight now, data protection and privacy legislation is an ideal. It\u2019s new, and we\u2019re in a pandemic where some countries have given exemptions, so laws haven\u2019t been fully ratified. We\u2019re heading in the right direction to provide more transparency and rights. The goal should be, once people are educated, we have the legislation in place and technologies to secure our data. After that, no one should access it until we give consent.<\/p>\n
And we consent because we\u2019re incentivized. Now we have no incentive, so people shout about privacy. There\u2019s no benefit except to open ourselves up to abuse. Business and government have exposed us to this. What if we flip the incentive structure? I could share my data with a diabetes research company, earn money and help cure diabetes. People would opt-in.<\/p>\n
How would a personal data market work in practice? <\/strong><\/p>\nPersonal data is the world\u2019s most valuable industry, but we can\u2019t see or participate in it, even though our data is in these markets. We should control and decide which data markets to take part in and what to consent to. Like sharing your data with the government so they can help prevent a terrorist attack. Or a pharma researcher, so medicines work better on women and minorities, rather than the 18-year-old white guys that sign up to medical trials for beer money. You could consent to smart cities and IoT<\/a> (internet of things), so there are fewer traffic accidents.<\/p>\nYou could use your time to do surveys or watch targeted content for a universal earned income<\/a>. Most policymakers propose a universal basic income as a handout from the government. The income from your data you\u2019ve earned from its value \u2013 it\u2019s not a handout. It could pay for a few groceries, or in some economies, for your apartment. A \u2018data wallet\u2019 could show the data you\u2019re producing and opportunities to join different marketplaces or research. You decide which opportunities to participate in.<\/p>\nThousands of companies are building solutions to solve parts of this problem \u2013 digital identity management, smart contracts<\/a> and automated monetization like token rewards or digital money. Soon, we\u2019ll see enterprise-level solutions that we can use reliably.<\/p>\nAfter your experience with the Cambridge Analytica scandal, you\u2019ve talked about data being used as a weapon in democracy. What does this mean?<\/strong><\/p>\nData weaponization means using data to target people for purposes they didn\u2019t consent to. It could be considered violent. Data has been used to target people who break social norms, to incite racial hatred and violence, and by political organizations to suppress voters.<\/p>\n
That\u2019s where it gets scary \u2013 data can be used for a cyberwar. Not with physical weapons, but undermining the way democracy functions and how we integrate peacefully. If you\u2019re disturbing the peace with a data program, that\u2019s a form of war.<\/p>\n<\/blockquote>\n
We need to solve this problem in a more systemic way. Put pressure on big tech companies who are doing too little, too late.<\/p>\n
We need to pass regulation that demands they invest. With the money they make, they could invest more in solving this problem. Zuckerberg says he\u2019s got thousands of people working on it. Why don\u2019t you have hundreds of thousands of people solving it? It\u2019s nothing compared to efforts made towards shareholder profits.<\/p>\n
What role can regulation and cyber standards play in safeguarding our data?<\/strong><\/p>\nI\u2019m doing legal work about the custodian responsibilities and standards expected of those holding our data. If they prioritize fiduciary responsibilities<\/a> before obligations to shareholders, there will be more ethical practices. Right now, the greatest responsibility is consumer protection, but organizations have little incentive to protect your data.<\/p>\nFacebook has already been fined over 5 billion US dollars for failing to protect its customers<\/a>. But it isn\u2019t enough. We need stricter legal protocols. In 2019, Senator Elizabeth Warren put the Corporate Executive Accountability Act<\/a> bill to the US government. It\u2019s proposed that if a company allows a data breach or hack through negligence, its executives are criminally liable. It\u2019s a vital step. If Zuckerberg or Sheryl Sandberg (Facebook COO) thought they were going to jail or lose their job, they\u2019d have more incentive to protect people.
\n![\"\"](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2021\/01\/12083829\/128_brittany_kaiser_interview-inline-1024x768.jpg\")
In both the Cambridge Analytica<\/a> and Equifax scandals<\/a>, it\u2019s gross negligence. It\u2019s nothing to do with cybersecurity protocols. For Equifax, 3,000 security certificates weren\u2019t updated, then they got hacked. And their business is holding and sharing personal data. I was an expert witness in the case against them. A lawyer said not installing the update was like leaving the house with the doors open and lights on, then being surprised to get robbed.<\/p>\nWe need to enforce higher cybersecurity standards if you want to hold personal data. If you\u2019ve shown good practice and have upheld standards, then no, you shouldn\u2019t be held criminally liable as you\u2019ve done everything you reasonably can. Some hackers are really good, and some vulnerabilities too hard to predict.<\/p>\n
What can governments and regulators do to help businesses comply? <\/strong><\/p>\nI believe most businesses want to do the right thing. We need to make it easy and affordable for them. That\u2019s one of the most important things about California\u2019s Proposition 24<\/a>. They\u2019ve established the first data protection commission. 50 staff will use their expertise to help companies comply, so it\u2019s not a burden. We need more of this worldwide, particularly as many businesses and economies have taken a hit with the pandemic.<\/p>\nWhat advice would you give an employee if they see a potential data breach in their company? <\/strong><\/p>\nAlways raise the red flag internally first. Your company may not know they\u2019re doing something wrong, or it\u2019s a decision by one rogue employee. They could fix it. But if you continually raise flags and suddenly you\u2019re being cut out of meetings, getting cold-shouldered, or you get fired, it\u2019s time to go public. A whistleblowing lawyer is one path, or you could directly approach a data regulator. Hold the company to account to make sure they comply and can\u2019t misuse their power.<\/p>\n
What\u2019s the philosophy of your Own Your Data Foundation? <\/strong><\/p>\nI co-founded the Own Your Data Foundation<\/a> in 2019 when I realized it would take time to get the right data protection legislation, and the enterprise-level tech isn\u2019t yet available.<\/p>\nThe sustainable way is to empower people to protect themselves. We give digital literacy training for the Digital Intelligence (DQ) curriculum<\/a>, which this year became an Institute of Electrical and Electronics Engineers (IEEE) global standard<\/a>. Leading technology universities, government ministries, think tanks and Microsoft developed it. It\u2019s supported by UNICEF, the World Economic Forum and OECD.<\/p>\nIt begins by assessing your digital intelligence and giving you a DQ score \u2013 like IQ or EQ \u2013 to improve upon. Training topics include your data rights, cybersecurity protocols and media literacy. Tests include spotting fake news and phishing, how to show emotional intelligence online and protecting yourself and others from cyberbullying. We also explore mental and physical health and stop device addiction.<\/p>\n
New visions of tech, leadership and the future.<\/p>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t
How can we change the status quo of organizations, rather than people, owning our data?<\/strong><\/p>\n The framework I like to work with is data ownership<\/a>. Property is the most potent form of law. If someone damages your property, you\u2019ll win compensation, even with fractional ownership. If I own 20 percent of Facebook\u2019s data about me, I should get 20 percent of the revenue from it.<\/p>\n Data ownership as a business model could look a lot like Airbnb. If data is my property like my house, if you want to use it, I say how you can use it, for how long, and we agree a price before I hand over the keys. It should be transparent. Perhaps I give a license for six months or a year. Then I get compensated, either upfront or as a dividend based on use.<\/p>\n This solves the world\u2019s most significant human rights problem: Extreme poverty. Many supply chains are damaged after the pandemic \u2013 the United Nations says 270 million are at risk of starvation<\/a>. If everyone owns their data, some could earn enough to feed themselves.<\/p>\n Zuckerberg (Mark Zuckerberg, Facebook CEO) says everyone\u2019s data is only worth 17 US dollars a quarter. I think it\u2019s worth far more and that\u2019s just Facebook data, but let\u2019s work with this figure. Two billion people live on less than 2 US dollars a day, so 17 dollars every three months would make a huge difference. Data could solve poverty.<\/p>\n It\u2019s a bold and far-reaching idea that personal data could be turned into personal value. How can we improve privacy standards at the same time?<\/strong><\/p>\n Right now, data protection and privacy legislation is an ideal. It\u2019s new, and we\u2019re in a pandemic where some countries have given exemptions, so laws haven\u2019t been fully ratified. We\u2019re heading in the right direction to provide more transparency and rights. The goal should be, once people are educated, we have the legislation in place and technologies to secure our data. After that, no one should access it until we give consent.<\/p>\n And we consent because we\u2019re incentivized. Now we have no incentive, so people shout about privacy. There\u2019s no benefit except to open ourselves up to abuse. Business and government have exposed us to this. What if we flip the incentive structure? I could share my data with a diabetes research company, earn money and help cure diabetes. People would opt-in.<\/p>\n How would a personal data market work in practice? <\/strong><\/p>\n Personal data is the world\u2019s most valuable industry, but we can\u2019t see or participate in it, even though our data is in these markets. We should control and decide which data markets to take part in and what to consent to. Like sharing your data with the government so they can help prevent a terrorist attack. Or a pharma researcher, so medicines work better on women and minorities, rather than the 18-year-old white guys that sign up to medical trials for beer money. You could consent to smart cities and IoT<\/a> (internet of things), so there are fewer traffic accidents.<\/p>\n You could use your time to do surveys or watch targeted content for a universal earned income<\/a>. Most policymakers propose a universal basic income as a handout from the government. The income from your data you\u2019ve earned from its value \u2013 it\u2019s not a handout. It could pay for a few groceries, or in some economies, for your apartment. A \u2018data wallet\u2019 could show the data you\u2019re producing and opportunities to join different marketplaces or research. You decide which opportunities to participate in.<\/p>\n Thousands of companies are building solutions to solve parts of this problem \u2013 digital identity management, smart contracts<\/a> and automated monetization like token rewards or digital money. Soon, we\u2019ll see enterprise-level solutions that we can use reliably.<\/p>\n After your experience with the Cambridge Analytica scandal, you\u2019ve talked about data being used as a weapon in democracy. What does this mean?<\/strong><\/p>\n Data weaponization means using data to target people for purposes they didn\u2019t consent to. It could be considered violent. Data has been used to target people who break social norms, to incite racial hatred and violence, and by political organizations to suppress voters.<\/p>\n That\u2019s where it gets scary \u2013 data can be used for a cyberwar. Not with physical weapons, but undermining the way democracy functions and how we integrate peacefully. If you\u2019re disturbing the peace with a data program, that\u2019s a form of war.<\/p>\n<\/blockquote>\n We need to solve this problem in a more systemic way. Put pressure on big tech companies who are doing too little, too late.<\/p>\n We need to pass regulation that demands they invest. With the money they make, they could invest more in solving this problem. Zuckerberg says he\u2019s got thousands of people working on it. Why don\u2019t you have hundreds of thousands of people solving it? It\u2019s nothing compared to efforts made towards shareholder profits.<\/p>\n What role can regulation and cyber standards play in safeguarding our data?<\/strong><\/p>\n I\u2019m doing legal work about the custodian responsibilities and standards expected of those holding our data. If they prioritize fiduciary responsibilities<\/a> before obligations to shareholders, there will be more ethical practices. Right now, the greatest responsibility is consumer protection, but organizations have little incentive to protect your data.<\/p>\n Facebook has already been fined over 5 billion US dollars for failing to protect its customers<\/a>. But it isn\u2019t enough. We need stricter legal protocols. In 2019, Senator Elizabeth Warren put the Corporate Executive Accountability Act<\/a> bill to the US government. It\u2019s proposed that if a company allows a data breach or hack through negligence, its executives are criminally liable. It\u2019s a vital step. If Zuckerberg or Sheryl Sandberg (Facebook COO) thought they were going to jail or lose their job, they\u2019d have more incentive to protect people. We need to enforce higher cybersecurity standards if you want to hold personal data. If you\u2019ve shown good practice and have upheld standards, then no, you shouldn\u2019t be held criminally liable as you\u2019ve done everything you reasonably can. Some hackers are really good, and some vulnerabilities too hard to predict.<\/p>\n What can governments and regulators do to help businesses comply? <\/strong><\/p>\n I believe most businesses want to do the right thing. We need to make it easy and affordable for them. That\u2019s one of the most important things about California\u2019s Proposition 24<\/a>. They\u2019ve established the first data protection commission. 50 staff will use their expertise to help companies comply, so it\u2019s not a burden. We need more of this worldwide, particularly as many businesses and economies have taken a hit with the pandemic.<\/p>\n What advice would you give an employee if they see a potential data breach in their company? <\/strong><\/p>\n Always raise the red flag internally first. Your company may not know they\u2019re doing something wrong, or it\u2019s a decision by one rogue employee. They could fix it. But if you continually raise flags and suddenly you\u2019re being cut out of meetings, getting cold-shouldered, or you get fired, it\u2019s time to go public. A whistleblowing lawyer is one path, or you could directly approach a data regulator. Hold the company to account to make sure they comply and can\u2019t misuse their power.<\/p>\n What\u2019s the philosophy of your Own Your Data Foundation? <\/strong><\/p>\n I co-founded the Own Your Data Foundation<\/a> in 2019 when I realized it would take time to get the right data protection legislation, and the enterprise-level tech isn\u2019t yet available.<\/p>\n The sustainable way is to empower people to protect themselves. We give digital literacy training for the Digital Intelligence (DQ) curriculum<\/a>, which this year became an Institute of Electrical and Electronics Engineers (IEEE) global standard<\/a>. Leading technology universities, government ministries, think tanks and Microsoft developed it. It\u2019s supported by UNICEF, the World Economic Forum and OECD.<\/p>\n It begins by assessing your digital intelligence and giving you a DQ score \u2013 like IQ or EQ \u2013 to improve upon. Training topics include your data rights, cybersecurity protocols and media literacy. Tests include spotting fake news and phishing, how to show emotional intelligence online and protecting yourself and others from cyberbullying. We also explore mental and physical health and stop device addiction.<\/p>\n
\nIn both the Cambridge Analytica<\/a> and Equifax scandals<\/a>, it\u2019s gross negligence. It\u2019s nothing to do with cybersecurity protocols. For Equifax, 3,000 security certificates weren\u2019t updated, then they got hacked. And their business is holding and sharing personal data. I was an expert witness in the case against them. A lawyer said not installing the update was like leaving the house with the doors open and lights on, then being surprised to get robbed.<\/p>\n