The New Age of Human-Centric Internet
What it feels like while online? We might feel anything, apart from privacy or inner tranquility. Exposure on the internet is considered inevitable and we are made to agree with total insecurity as the price we all have to pay for using it. It goes without saying, that vulnerability is internet’s core feature. Let’s sort out what is standing behind this trait.
A programmatic supply chain study carried out by PWC for ISBA found out that the average distinct supply chain for delivering ad impression from top British advertiser to top British publisher is nearly 300. The same, clear outcome was presented in the UK’s Information Commissioner’s Office report.
"One visit to a website, prompting one auction among advertisers, can result in a person’s personal data being seen by hundreds of organisations" – Information Commissioner’s Office about adtech and realtime bidding.
The glue for internet users’ uncontrolled identification within the desktop is the third-party cookies. Safari and Mozilla browsers have stopped supporting them already. Google, as well as Amazon, have been fined for third-party cookies by European authorities, however the size of the fines can’t be compared with Google’s income from the ad empire cash machine. So, Google Chrome, as the most popular web browser, keeps supporting third-party cookies though having promised to stop it by the end of 2021. Unfortunately, the timeline has been changed and postponed to 2023. Google’s put off feels like an oppressive power struggle at the dawn of dictatorship.
Multiple third-party SDKs are part of a monetisation model for app developers which enable In-App ads placement but as a side effect they are leaking significant user’s data. Third-party tracking inside the mobile ecosystem paper written by the University of Oxford found out that 90% of apps in the Google Play market contain at least one third-party tracker leading to complete insecurity and the absence of instruments to control users’ privacy. Therefore, anyone can buy the data about an individual with details comparable with security agencies' knowledge. Nevertheless, the positive changes have started with Apple disabling the user’s IDFA unwanted sharing by app developers. As we see, that has a direct impact on Facebook’s ads empire. Facebook’s reaction to it seemed to be an admission of guilt. By losing the ability to identify users via IDFA in the mobile they simply lose applicability for the huge amount of personal data to advertisement within apps in iOS.
“If they’re making money mainly by collecting gobs of personal data, I think you have a right to be worried”, - Tim Cook about the Facebook reaction on privacy changes in iOS14.
The Sign-In button to people’s favourite digital services via Facebook or Google complements their data-harvesting empires. In return for internet users’ convenience to have a seamless experience without time-consuming Sign-up forms, people pay with another violation of privacy. Cambridge Analytica can be the case how it was being used. This vulnerability feeds the tycoons’ appetite with a significant scope of data from internet user’s life. On the other hand, such Sign-In techniques spray the user’s email via the internet. Finally, email addresses are used as another identificator to scoop up the knowledge about people behind their backs.
AI growing power
Companies are becoming more data driven nowadays. Margrethe Vestager, the Executive VP of the European Commission already named the triopoly (Google, Facebook, and Amazon) as the digital gatekeepers and declared the clear objective to prevent their domination. Meanwhile, for businesses’ survival they need the path to required information about customers. Despite the decreased availability of personal data in the post-GDPR world, there are multiple grey areas with various techniques to get ‘analytical’ data about people’s behaviour. Some of these methods are based on matching fragmented databases relying on AI/ML algorithms and available identifiers. It’s uneasy to control which source of data has been used to feed those machine algorithms. Therefore, computing power is used against people’s privacy. Moreover, there are reputable global brands that have additional income from indirect selling of people’s data while painting a pretty picture of selling sheer ‘analytics’ based on consumers’ data.
The history of the relationship between people and brands started from businesses’ intention to create a product that meets customers’ expectations. The competition was the source of progress and customer satisfaction. Unfortunately, humanity came to the point where corporations having access to the significant amount of personal data combined with growing AI computing power turned people into the passive role of ‘fuel’ for corporations’ growth. The wide control of what we see online on the one hand and detailed knowledge about us with ML prediction of our reactions on the other hand, lead to a situation in human history when people can’t make their independent decisions anymore. ‘Our free’ choices are based on corporate goals and instilled to us with the assistance of new technologies. Historian Yuval Noah Harari named such technological disruption as one of the top three existential threats to human civilisation. The other two are nuclear war and ecological collapse.
Personal data has already become an area of national security. The ability to manipulate citizens' opinions by a few companies from Silicon Valley had conveyed the political establishment’s move with legislative changes to the personal data area. The laws similar to GDPR are spreading worldwide bringing a positive perspective for people’s privacy. Most techniques in the personal data market are not legal anymore and it’s clear that the end of the third-party cookie is just a question of time. The corporations have started being much more cautious with personal data regarding significant fining risks. Due to GDPR and authorities’ firm intention to prevent tech monopolies domination we can conduct the coming end of the Internet’s ‘Wild Wild West’ Era.
The main question is what is going to substitute the outdated personal data market landscape. Executing our mission to put the individual in the center of digital processes we aim to enable GDPR's basic principle that the individual is the only owner of his/her data. Relying on an innovative technological stack our approach is based on 6 basic elements.
Being free from third-party cookies and IDFA our user identification technology is fully secured and 100% deterministic. myGaru ID is session-based where a user has a unique ID for every internet session. The onion-like cryptographic structure that requires a sequence of parties to decrypt ID in chosen order means that every authorised company decrypts its own unique user’s ID leaving no chance for unauthorised usage. Such an approach is cutting away unwanted intermediaries preventing people’s trace-back risks. The sophisticated cryptographic protocol, supporting network service and a chain of cross-signed logs ensure that user identifiers will pass through a pre-defined sequence of nodes. Enforcing a chosen trajectory of intermediaries between publisher and advertiser we speed up the web-page upload avoiding delays needed for the pass of IDs within hundreds of adtech intermediaries. Our solution creates technological ground for an anonymous+precise experience as the most controversial people’s demand.
2. PEOPLE`S CONTROL
An Internet user via the myGaru app receives control on their own personal data. People can adjust their digital identity profile seen by digital services and advertisers. Adding the control over ads categories seen online and the way favourite digital services communicate safely with a user we deliver a game-changing user experience perspective. On the other hand, we implement pay-per-use philosophy to personal data instead of uncontrolled infinite reselling and cross-matching via static IDs. myGaru’s system records all sensitive data-related activities and then provides evidence and proofs of honesty to third parties — Audit Log system. So, people receive cryptographically verifiable signed timestamps for every touch to their data. The driving seat position for data-related actions opens to people the way for their data monetisation.
3. ISOLATED COMPUTING POWER
Growing capabilities of AI/ML have captured the brain’s role in the digital world. We intentionally avoid the in-house aggregation of AI/ML resources. That’s what makes myGaru free from risks inherent to current monopolies. We create the eco-system where the independent data-scientists are isolated from end-users' data while being able to use the treasure of blurred non-identifiable data combined with unique performance measurement instruments. Decentralised models’ development is based on the Differential Privacy as a mathematically provable GDPR compliant approach. It is the math that makes sure all personal data is highly protected from re-identification attacks. Such an approach leads to the AI/ML market liberalization while leaving control on identifiers (data model’s applicability) for people.
4. SECURED DATA STORAGE
myGaru’s architecture positions telecommunication operators in a pivotal data-storage role. Telcos have a long history of a trusted relationship with subscribers. Their approach to data security is an excellent benchmark in most cases and results in outstanding trust from people. Our vision is based on hosting people’s data within the telecommunication operator they use. Thus, we establish a unified standard for secured first party data storage corresponding to cross-regional compliance requirements. Such an approach places telcos in an additional reputable role in the internet landscape and provides a path for organisations to deal with data market in more technologically efficient, non-monopolized and scalable way. While playing the leading role in the internet transformation telcos enhance the trusted relationship with subscribers.
5. LEGAL PROTECTION
Our final goal is to prevent any uncontrolled usage of myGaru users’ data. The current market has various adtech techniques to gain users’ consent. Received through pressure and opacity they use it to justify the actions with users’ data. Dealing on behalf of users we can withdraw previously given consents and require ‘stop processing’ from the hundreds of hidden adtech companies and data brokers. Moreover, relying on partnered leading law firms we aim to provide legal support to our users in cases where companies are abusing myGaru users’ data privacy rights. Leveraging authorities with private legal practice we aim to enforce the newest privacy law implementation. On the other hand, we open the way for businesses to reach a reconciliation with myGaru’s users regarding the previous misuse of personal data while establishing ‘Day Zero’ in trusted data relationships.
The European authorities are clear about the risk of creating another dragon while killing the existing one. That’s why the requirement for neutrality for a data-intermediary is crucial and openly declared by the European Commission. It is the reason why myGaru is built from get-go based on GDPR principles for trustworthy exchange of data. myGaru is free from venture capital and none of the voting shareholders have conflict of interest dealing with data based businesses. Moreover, an independent Public Board is integrated within the myGaru’s corporate structure and constituted from public figures with proven track records in human rights and the data privacy domain.
The main myGaru goal is to deliver the trust to the internet as the most demanded aspect of common wealth’s growth. Our solution is based on innovative technological stack integrating cybersecurity, network engineering, adtech, cryptography, big data and legal expertise. The internet experience explicitly controlled by the individual is the core element in the digital services evolution. Thus, people’s confidence in privacy within the internet and disrupting monopolies’ barriers leads to the new human-centric Era of the internet.