Tag: data

By Jamie McKane for MyBroadband

A Vodacom customer contacted MyBroadband this week stating that their mobile data bundles were being depleted on a “Last In First Out” (LIFO) basis, which is in contravention of ICASA’s regulations which came into effect on 1 March 2019.

Among other requirements, these regulations require networks to deplete data on a “First In First Out” (FIFO) basis.

This means that your older data bundles should be used up before your newer bundles in order to optimise the amount of data eligible for rollover.

Depleting newer data bundles first means that the average expiry date of a customer’s rolled-over data balance becomes earlier.

The customer who contacted MyBroadband received a 20GB data bundle on 1 March 2019 and was left with 4.27GB of this bundle on 31 March 2019. On 1 April 2019, the customer then received a new 20GB data bundle.

According to the FIFO system, the bundle with a balance of 4.27GB should have been depleted first when usage occurred – but the new 20GB bundle which expired on 30 April began depleting instead.

MyBroadband contacted Vodacom for feedback on this case to determine whether this was an isolated incident or a possible failure to switch to the new rules.

Vodacom responds
Vodacom told MyBroadband that applying new systems in line with the regulations to its large customer base was a technical challenge.

“To meet the requirements of the regulations, Vodacom had to apply an order of consumption rule change to a base of over 40 million subscribers in addition to a number of other changes brought about by ICASA’s charter,” Vodacom stated.

“As one might expect with a complex and technical implementation of this magnitude – arguably one of the largest in Vodacom’s history – there will be some glitches.”

Vodacom said its technical team has worked tirelessly to resolve these when they arise and is currently investigating the case mentioned above.

“[The affected customer]’s case is an isolated incident that our technical team is currently investigating as all customers should have their data depleting according to the FIFO order of consumption rules,” Vodacom stated.

Vodacom added that its new data depletion system has already been implemented which automatically prevents out-of-bundle use.

Customers can also purchase Vodacom’s Data Refill product or set an out-of-bundle limit if they wish to retain connectivity after depleting their data bundle.

By Chantall Presence for IOL 

Vodacom on Wednesday announced it would rollover data for free following outrage from its customers and South Africa’s telecommunications regulator.

The mobile operator had initially indicated it would charge customers R49 to rollover unused data or transfer to data to friends and family.

In a statement, Vodacom detailed its new tariffs ahead of new data rules taking effect this week.

“From 1 March, remaining data on bundle purchases by all customers will be rolled over at no additional charge once a customer purchases the same bundle as the original one,” the statement said.

Transferring unused data will, however, come at a cost.

“Customers will be able to transfer data that is about to expire to friends and family on the Vodacom network for fees ranging from free for 50MB up to a maximum of R20 for 1GB.”

In a bid to lower the high cost of data in South Africa, the End-User and Subscriber Service Charter regulations were amended and come into effect on Thursday.

The new rules on data include consumers being notified of how much data they are consuming, people being given the option to roll over or transfer data before it expires, and mobile operators not being able to charge consumers out of bundle rates without their prior consent.

Rain and Huawei roll out high-speed 5G in SA

By Siseko Njobeni for Business Live

SA’s data-only network operator Rain, which is partly owned by businessmen Patrice Motsepe, Paul Harris and Michael Jordaan, has partnered with Chinese telecoms giant Huawei to roll out the high-speed 5G network by the middle of 2019.

The roll-out will make SA one of the first countries to launch 5G, which promises faster download speeds, reliable network connectivity and the ability to connect more devices at once.

“The network will provide fibre-like speeds without installation complexities, time delays and cost of laying fibre in underserviced areas,” Rain CEO Willem Roos said on Tuesday.

Rain and Huawei made the announcement at the 2019 Mobile World Congress in Barcelona, Spain, where 5G took centre stage.

“5G is here. If there is any doubt, you only have to walk around [the conference],” said Harris, who is also Rain chair.

He said that the development of 5G products later in the year would hit the industry like a tsunami.

Roos said Rain would take advantage of its existing 4G network and allocated spectrum.

Huawei said its products would enable Rain to use the existing network, saying leveraging existing infrastructure would accelerate the roll-out of the 5G network. Rain had about 3,000 4G sites in SA, Roos said.

“It is well-known that as broadband penetration increases in a country, you get better economic growth. With better economic growth, you can see improvement in employment. We are big supporters of [President Cyril Ramaphosa’s plan] to re-energise investment in SA.

“We made a promise to invest a significant amount of money in 5G,” Roos said.

“We hope to have rolled out a significant number of towers in [Cape Town, Johannesburg and Durban] by mid-2019 to offer commercial services to clients.”

Rain planned to roll out the network rapidly, aiming for “significant” coverage in metropolitan areas initially, he said. The company said it wanted to deploy 1,000 5G sites in major cities in the next two years.

Responding to a question during the announcement, Roos said Rain had no immediate plans to expand to the rest of Africa. “Obviously, there is complexity around spectrum, licences and those kinds of issues. Certainly, SA can play a crucial role as the gateway to Africa. We will see if commercial opportunities that make sense arise.”

GSMA director-general Mats Granryd said: “The arrival of 5G forms a major part of the world’s move towards an era of intelligent connectivity, which alongside developments in the Internet of Things, big data and artificial intelligence, is poised to be a key driver of economic growth over the coming years.”

GSMA is a global mobile industry body.

It said in a report that 5G would account for 15% of global mobile connections by 2025.

What it costs to send a WhatsApp message in SA

By Jamie McKane for MyBroadband

WhatsApp has become the most popular messaging app for smartphones in South Africa, thanks to its cheap messaging costs compared to standard SMS rates offered by mobile operators.

The app offers South Africans a way to call, text, and share media with each other at rates far lower than anything offered by mobile networks, even when using a mobile data bundle.

Our previous tests have shown that using WhatsApp to call over a mobile data connection is far cheaper than making a cellular call to another user.

However, other forms of communication offered by the app use different amounts of mobile data.

We therefore tested how much data was used by different types of WhatsApp messaging and calling options.

Data usage
The WhatsApp data usage was measured using WhatsApp’s built-in network usage tools, which provide a refined data usage measurement for smaller options such as text messages.

Data on video and voice calling over WhatsApp was sourced from MyBroadband’s previous tests.

We used two Android smartphones for this test, sending one message at a time between the devices and monitoring the data usage reflected within the application.

The data usage for text messages, standard-resolution photos, one-minute voice calls, 30-second voice notes, 10-second videos, and one-minute voice calls was collected and compared to provide an overview of the data usage requirements for WhatsApp on a modern smartphone.

From the data we collected, it is apparent that certain functions such as voice notes and standard text messages use very little data and can be quite optimal for communicating over mobile data.

To determine how much each message would cost, we compared the amount of data used for each message type with the price of a 1GB data bundle on each mobile network in South Africa.

Standard 1GB mobile data bundle pricing was used to provide parity with Rain, which charges a flat R50-per-GB rate on its data-only network.

We used these prices to calculate a price-per-MB, which was then used to calculate how much each WhatsApp message type would cost on the mobile networks.

The results are posted below:

By Emily Glazer, Deepa Seetharaman and AnnaMaria Andriotis for Wall Street Journal 

The social-media giant has asked large U.S. banks to share detailed financial information about their customers, including card transactions and checking-account balances, as part of an effort to offer new services to users.

Facebook increasingly wants to be a platform where people buy and sell goods and services, besides connecting with friends. The company over the past year asked JPMorgan Chase JPM 0.37% & Co., Wells Fargo & Co., Citigroup Inc. C 0.01% and U.S. Bancorp USB 0.70% to discuss potential offerings it could host for bank customers on Facebook Messenger, people familiar with the matter said.

Facebook has talked about a feature that would show its users their checking-account balances, the people said. It has also pitched fraud alerts, some of the people said.

Data privacy is a sticking point in the banks’ conversations with Facebook, said people familiar with the matter. The talks are taking place as Facebook faces several investigations over its ties to political analytics firm Cambridge Analytica, which accessed data on as many 87 million Facebook users without their consent.

One large U.S. bank pulled away from the talks due to privacy concerns, some of the people said.

Facebook has told banks that the additional customer information could be used to offer services that might entice users to spend more time on Messenger, a person familiar with the discussions said. The company is trying to deepen user engagement: Investors shaved more than $120 billion from its market value in one day last month after it said its growth is starting to slow.

Facebook said it wouldn’t use the bank data for ad-targeting purposes or share it with third parties.

“We don’t use purchase data from banks or credit-card companies for ads,” spokeswoman Elisabeth Diana said. “We also don’t have special relationships, partnerships or contracts with banks or credit-card companies to use their customers’ purchase data for ads.”

Facebook shares climbed sharply Monday on the news, rising 4.45%, marking the biggest one-day gain since last month’s historic drop.

Banks face pressure to build relationships with big online platforms, which reach billions of users and drive a growing share of commerce. They also are trying to reach more users digitally. Many struggle to gain traction in mobile payments.

Yet banks are hesitant to hand too much control to third-party platforms such as Facebook. They prefer to keep customers on their own websites and apps.

As part of the proposed deals, Facebook asked banks for information about where their users are shopping with their debit and credit cards outside of purchases they make using Facebook Messenger, the people said. Messenger has some 1.3 billion monthly active users, Chief Operating Officer Sheryl Sandberg said on the company’s second-quarter earnings call last month.

Alphabet Inc.’s Google and Amazon.com Inc. also have asked banks to share data if they join with them, in order to provide basic banking services on applications such as Google Assistant and Alexa, according to people familiar with the conversations.

Facebook has taken a harder public line on privacy since the Cambridge Analytica uproar. A product privacy team has announced new features such as “clear history,” which would allow users to prevent the service from collecting their off-Facebook browsing details. It also is making efforts to alert users to its privacy settings.

That hasn’t assuaged concerns over Facebook’s privacy practices. Bank executives are worried about the breadth of information being sought, even if it means their bank might not being available on certain platforms their customers use. Bank customers would need to opt-in to the proposed Facebook services, the company said in a statement Monday.

JPMorgan isn’t “sharing our customers’ off-platform transaction data with these platforms, and have had to say no to some things as a result,” spokeswoman Trish Wexler said.

Banks view mobile commerce as one of their biggest opportunities but are still running behind technology firms such as PayPal Holdings Inc. PYPL 0.62% and Square Inc. Customers have moved slowly, too; many Americans still prefer using credit or debit cards, along with cash and checks.

In an effort to compete with PayPal’s Venmo, a group of large banks last year connected their smartphone apps to money-transfer network Zelle. Results are mixed so far: While usage has risen, many banks still aren’t on the platform.

In recent years, Facebook has tried to transform Messenger into a hub for customer service and commerce, in keeping with a broader trend among mobile messaging services.

A partnership with American Express Co. AXP 1.04% allows Facebook users to contact the card company’s representatives. Last year, Facebook struck a deal with PayPal that allows users of that payment service to send money through Messenger. And Mastercard Inc. MA 0.54% cardholders can place online orders with certain merchants through Messenger using the card company’s Masterpass digital wallet. (A Mastercard spokesman said Facebook doesn’t see the card users’ information.)

Rain takes on Vodacom, MTN

By Nick Hedley for Business Day 

The new mobile operator backed by prominent businessmen Patrice Motsepe, Paul Harris and Michael Jordaan is taking the fight over data prices to sector giants Vodacom and MTN.

Rain, a data-only network operator that launched mobile services two weeks ago, wanted to win over its rivals’ heavy data users with a simpler offering and competitive prices, CEO Willem Roos said.

Amid a decline in traditional voice revenues and public scrutiny over connectivity costs, data is becoming a major battleground for SA’s telecommunications companies, and the market is ballooning – Vodacom, MTN, Cell C and Telkom generated a combined R47bn in data revenues in SA in their financial years ended December and March.

Rain does not offer traditional voice services, but sells data for R50 a gigabyte, while outside of peak evening hours, its customers can use unlimited data for R250 a month, according to Roos, the former CEO of Outsurance.

In the two weeks since launching the product, “our business volumes have surprised us slightly on the positive side, particularly since we didn’t do any advertising”, he said.

“I really think we’ve addressed a few pain points in the market that customers have experienced, and although our offering is somewhat limited geographically and in being data only, for customers where that makes sense, I think it’s quite a compelling product.”

The metropolitan-focused operator plans to grow its network from 2,100 cellphone towers to 5,000 within the next three years.

Rain, which also offers fixed-wireless services, had mostly resolved “teething problems” related to delayed deliveries of SIM cards, Roos said.

The company, which is more than 40% black-owned, was promoting dual-SIM phones, where customers used Rain for data services and a rival’s network to make traditional voice calls. Roos said some customers were becoming comfortable with the idea of ditching voice-enabled SIM cards altogether and making all their calls on WhatsApp and other internet-based services.

With Rain’s coverage confined to cities and large towns, “we accept it’s slightly a niche product, but not small — I still think there are millions of people it would appeal to”.

Rain already lets Vodacom roam on its network and Roos said that it was considering giving mobile virtual network operators access to its spectrum and infrastructure.

“We have had discussions with a number of players. But I think the data-only aspect still needs to be proven, and we’re also keen on building our own business because the real value would lie in building a good retail business…. We’d like to become a decent-sized player.”

Africa Analysis director Dobek Pater said while it would take time for Rain to build market share, its mobile offering was likely to have a “significant” effect on the market.

It could stimulate competition by allowing new operators to use its network, while its larger competitors would probably have to reduce their data prices further, Pater said.

Bar some of Telkom’s offerings, Rain was the cheapest operator in the market for consumers who used less than 20GB of data a month.

“In terms of what Icasa [the Independent Communications Authority of SA] and the Competition Commission are trying to achieve in terms of reducing data prices and the cost to communicate, that will transpire to a large extent through private sector initiatives anyway. Competitive market forces will force prices down even further.”

By Tehillah Niselow for Fin24 

Liberty Holdings customers received SMSs on Saturday alerting them that personal information related to their insurance policies could have been stolen by an external party.

The Information Regulator, which has asked for information about the Liberty breach, is clearly concerned about the increasing number of cyber attacks affecting personal data in South Africa.

“Without a fully functional Information Regulator, these breaches will continue to occur without sanctions provided for in the Protection of Personal Information Act (POPIA),” said chairperson Advocate Pansy Tlakula.

Tlakula urged “the powers that be to assist it in fast tracking its operationalisation”.

According to corporate law firm Michalsons, certain limited sections of POPIA have already been implemented. However, the bulk of the legislation will only commence at a later date, to be proclaimed by the president. As there is a one-year grace period, the POPIA deadline might only be set for the end of 2019 or in 2020.

In the meantime, South Africans are coming under heightened attack from cyber criminals and hackers.

Andrew Chester, MD of Ukuvuma Security, told Fin24 that affected clients or users should immediately alert their banks and cellphone provider. They should also undertake a credit check as well as a Google search to determine whether their personal information is in the public domain.

Liberty email hack

In SMSs to clients on Saturday, financial services company Liberty informed them that its email repository had been breached by a third party trying to demand a “ransom” in exchange for the data.

Liberty has not revealed much about the breach, citing a police investigation. CEO David Munro confirmed that Liberty’s insurance clients were the only ones affected, and that none of its other business had been compromised.

The company said none of its clients have been impacted financially, and that individuals will be personally advised if their information has been affected.

ViewFines licence details

In May the Hawks, the State Security Agency and the Information Regulator said they would probe the breach of personal records of 943 000 South African drivers, allegedly from online traffic fine website ViewFines.

The information reportedly contained the names, identity numbers and email addresses of South African drivers stored on the ViewFines website in plaintext.

The ViewFines website is owned by Aggregated Payment Systems. News24 reported that its operations manager confirmed the company was “implementing security measures immediately” to improve the website after being informed of the breach.

The source of the data was located by Troy Hunt, an Australian security researcher and creator of the free service Have I Been Pwned, which checks whether an individual’s information has been compromised.

Facebook scandal

While Facebook founder and CEO Mark Zuckerberg had to face angry lawmakers in the US and European Union, it was reported that the data breach involving the UK political consultancy affected almost 60 000 South African users.

In May, the Information Commissioner’s Office of the United Kingdom (which regulates Facebook outside the US and Canada) advised the Information Regulator of South Africa that over 87 million people had been affected worldwide.

However, no evidence could be found of South Africans having been targeted, as the majority of users involved were in the US.

Master Deed’s data breach “biggest” digital security threat in SA

Hunt was once again instrumental in revealing what was known as the “biggest” data breach in South African history, together with iAfrikan CEO Tefo Mohapi in October 2017.

Over 60 million South Africans’ personal data, from ID numbers to company directorships, was believed to have been affected.

The information was traced to Jigsaw Holdings, a holding company for several real estate firms including Realty1, ERA and Aida. The information reportedly came from credit bureau agencies, and was used to vet potential clients.

The information trove was found not to have been hacked, as it was stored in an easily accessible manner on an open web server.

Ster-Kinekor’s database compromised

Movie theatre chain Ster-Kinekor was responsible for up to 7 million South Africans falling victim to a data leak in March 2017.

Fin24 reported that Durban developer Matt Cavanagh announced he had discovered a flaw in Ster-Kinekor’s booking website, and that he had reported it to the company.

There were between 6 and 7 million users in the database. Of those, 1.6 million people had email addresses linked to them on the movie theatre chain’s database.

By Harry Pettit for MailOnline 

An ’embarrassing’ leak shows the European Union has fallen short of its own data protection laws.

The European Commission’s website has published 700 records, including the names, addresses and mobile numbers of conference attendees, according to a report.

Officials in Brussels admitted the authority that designed the rules is not itself compliant with the General Data Protection Regulation (GDPR).

The Commission has previously warned that those who breach these rules, which came into force last week, could face millions in fines.

Following the leak, a spokesperson said the authority was exempt from GDPR laws for ‘legal reasons’.

Officials in Brussels will follow a similar set of new laws that ‘mirror’ those laid out in GDPR.

These rules will not enter force until autumn, according to the Telegraph.

The spokesperson added that the Commission is ‘taking and will continue to take all the necessary steps to comply’.

GDPR aims to strengthen and unify data protection for all individuals within the EU, which means cracking down on how companies use and sell user data.

Under GDPR, companies are required to report data breaches within 72 hours, as well as allow customers to export their data and delete it.

Companies scrambled to comply with the rules before they were ratified on May 25 with the Commission threatening hefty fines for those who breached them.

The bureaucracy’s website exposed 700 records that include people’s names, professions, and even some postcodes and addresses.

Officials in Brussels admitted the authority that designed the rules is not itself compliant with the General Data Protection Regulation. GDPR aims to strengthen and unify data protection for all individuals within the EU.

The records, some of which featured the private information of Britons, were collected during EU meetings and conferences and stored on data spreadsheets.

Tech website Indivigital found the documents are among thousands hosted by the website Europa.eu that are freely accessible online.

Many of them could be found by simply searching for the document on Google.

This leak would constitute a breach of GDPR rules were the blunder committed by other organisations or businesses.

What is GDPR?

The General Data Protection Regulation is an EU-wide law that cam into force on May 25 2018.

It gives greater power to regulators to penalise companies who mishandle personal data or are not transparent about how their business uses it.

For consumers, it brings new powers that require firms to obtain clear consent from users before processing their data.

It also grants users a right to easily access the data collected from them and transparency on how it is being used.

Everyday users have to do very little to comply with GDPR – it’s more targeted at big online businesses.

Under the new rules, any company that controls or processes the data of EU citizens must adhere to the GDPR guidelines.

This ends territorial-based accountability used by some firms not based in the EU to previously avoid sanction.

The law also states that notification of a data breach must occur within 72 hours of being first discovered, increasing transparency around leaks.

The weight of fines able to be issued has also increased under GDPR.

Regulators will be able to issue penalties equivalent of up to four per cent of annual global turnover or 20 million euro (£17.5 million) – whichever is greater.

For tech giants such as Google and Facebook, this could mean the risk of fines running into the hundreds of millions.

Fines for such a breach can reach up to £17.5 million ($23 million) or four per cent of global turnover – whichever is largest.

Jon Baines, a data protection expert at law firm Mishcon de Reya, described the ‘irony’ of the EU’s admission.

‘Although the information disclosed here does not appear to be particularly sensitive, it does raise questions about the general level of compliance, and whether any further inadvertent disclosures have been made,’ he told the Telegraph.

Steve Gailey, security expert at database security firm Exabeam, added that the exposure ‘is embarrassing for the EU, coming hot on the heels of GDPR’.

By Scott Duke Kominers for Bloomberg 

How much is your privacy on Facebook worth?

This question has seen renewed attention following the revelation that political analysis firm Cambridge Analytica, hired by the Trump election campaign, gained access to the private information of more than 50 million users. One of the possible responses that’s generated some discussion is the creation of a paid tier that’s free of ads and data sharing. 1 Such an option would likely be socially beneficial and have considerable public appeal. But my guess is that it would be pretty expensive, too.

Let’s start with some rough calculations. Facebook’s annual ad revenue was about $40 billion in 2017, with 2.13 billion monthly active users. That means the average user is worth roughly $20 in ads to Facebook a year. That’s probably already a lot more than many users would pay for privacy on the social network.

But the price also depends on who would choose to pay for greater privacy. And it’s likely that many of the users who would opt for more protection could be worth more than $20 each to the company.

Why’s that? First, the value of keeping your data private increases with the amount of data you provide on the platform; by the same token, the more data you give Facebook, the better it can advertise to you. Similarly, you might find privacy especially valuable if there’s something unusual or unique about you that makes you especially easy to target.

The people who can afford a paid tier are on average wealthier; that too makes them more valuable to advertisers. And some of them already have browser ad blockers, so it’s hard to reach them via other channels.

To make up for those sorts of customers opting out of data sharing, Facebook would have to charge a lot more than the average of $20 just to break even. A back-of-the-envelope estimate based on the Pareto principle — 80 percent of the ad revenue coming from 20 percent of users — suggests that if mostly high-value users purchase privacy, then Facebook would need to charge closer to $80 a year.

That’s much more than even high estimates of the value most people attach to having access to Facebook. And it’s still a substantial underestimate of the likely price. According to Facebook’s annual report, the company’s 239 million North American users are responsible for a bit less than half of ad revenue; applying the Pareto principle to them would suggest annual privacy prices in the range of $325 a person.

If price alone were the question, Facebook might indeed want to charge huge amounts for enhanced privacy. The users who buy out won’t all be the most valuable users, and it would be pretty lucrative if the company could sustainably charge some customers much more for privacy than the annual ad revenue they generate. But that’s unlikely to work out in the long run.

Putting a high price on privacy would make it clear just how much Facebook’s user data is worth. We’d probably see increased calls to share that value by giving users a portion of revenues. The consumer-led drive for increased privacy would likely accelerate, too, prompting a growing number of users to leave the platform (assuming they can’t afford or are unwilling to pay for greater privacy).

A user exodus plus enhanced scrutiny of data practices would quickly eat away at the profits from offering the paid tier, making the whole thing a losing proposition.

Facebook must have run the numbers on this already, using much better information than we have here. The idea of a paid tier isn’t new; if Facebook hasn’t offered such an option, the company probably thinks it would be a money-loser. So if we want Facebook users to have control over how their data is shared, we may need outside pressure. The company isn’t likely to provide the option on its own.

It’s also worth noting that advertising and data sharing don’t have to be completely coupled. Facebook could enhance privacy directly by adopting data protection strategies based on privacy science, as Apple, Google, and the Census have in some of their applications.

Taking back your digital identity

We’re bringing information and devices online at an unprecedented rate, raising one of the fundamental questions of our time: how do we represent ourselves in this digital world that we are creating? And more importantly, how do we secure our identity in a digital world?

We’ve heard about blockchain for currencies and smart contracts, a compelling and crucial application is in securing online identity.

For four billion years, the genetic code has been life’s data store- containing not only instructions for but also the lineage of all terrestrial life. Over the past few hundred thousand years, a new species has emerged, one that is rapidly and inexhaustibly producing huge volumes of data of their own: humans.

A brief history of humanity’s data affair
We have observed the world and made sense of it through language for as long as we’ve existed. Armed with the technologies we developed, we peered inside atoms and learned something about the behaviour of the fundamental particles including electrons and photons that we have found there. Developing capabilities to manipulate collections of these units of electricity and light has led to a series of technological revolutions that has had a fundamental impact on how we store, analyse and communicate information about our world.

The network of networks, the Internet, has evolved over time from a range of contributing developments by mathematicians, scientists and engineers. In each decade from the 1940s inventions included the transistor, the computer, computer networks, remote access to computing power, software and documents, and finally by the mid-1990s, commercial service providers ensured increasingly global connectivity. Near-instant text and audio-visual communication, and the emergence of social media and online services across industries, have vastly transformed our society in a remarkably short space of time.

The benefits of increased connectivity come with the associated risk around how the information that we create, communicate and store can be intercepted, sometimes with malicious intent. Cryptography is the ancient art of achieving confidentiality by transforming a message such that is only intelligible to someone in possession of a key. Since the emergence of the Internet, a multitude of algorithms for data security have been developed, and global standards for encryption protocols provide some level of communications security over our computer networks.
Just months after the financial crash of 2008, the first digital currency to employ cryptography to solve the problem of double-spending without the requirement for a central trusted third party was proposed. That currency was Bitcoin, now valued at over USD 100 billion, and one of over 1000 different crypto-currencies. The technology underlying this decentralised capability is a distributed ledger, or blockchain. Transactions are recorded in blocks that are linked and secured by cryptography, these records are verified and stored across a network making the ledger resistant to modification.

The really interesting part is that blockchain, this combination of capabilities in computing, connectivity and cryptography, has applications not only in the financial world, but in any transactional environment, including for a decentralised personal data management system that ensures users own and control their data.

Ups and downs: the risks of exponential data
As of this year, the digital world’s data content is estimated at billions of terabytes, or zettabytes, 90% of which has been created since 2016. Information is an increasingly valuable commodity, and its acquisition, analysis and trade plays an important role across industries. And with one quarter of the world’s population using Facebook every month in 2017, a lot of this data is personal.

The rise of social media has led to new conceptualisations and discussions around identity, as we build representations of ourselves online. On the other hand, information about ourselves that we did not intend to be shared or distributed is also contributing to our digital profiles. Any organisation with stores of personal data can be hacked, be negligent, or even sell this data to external parties for profit, resulting in outcomes that range from spam to identity theft.

In 2013 and 2014, three billion Yahoo! accounts were hacked in what was the highest-profile digital identity breach at the time. In South Africa, more than 30 million identity numbers and other associated financial information was leaked online only last year. Regulators have been swift in their response: personal data protection regulations such as the European GDPR or South African POPI Act carry severe penalties to companies who act recklessly or even negligently with personal data.

Stunning revelations surrounding Facebook’s sharing of up to 87 million members’ data to a third party in the service of the last US presidential election has caused shockwaves across the world, wiping $100-billion off its market capitalisation and leading some analysts to speculate around fines that could amount to $2-trillion – 100 times larger than the biggest corporate fine in history.

One definition of personal data is an economic asset generated by the identities and behaviours of individuals, and the monetisation potential of its (mis)use is astounding. Services like messaging, search and navigation may appear free to use, but they actually come at a cost: your personal data, or perhaps more aptly called your consumer data. Because as has been said, if you’re not paying, you’re not the customer; you’re the product. The question of how to verify, secure and manage identity and personal data online is more pertinent today than ever before.

The strongest link in the (block)chain
Identification provides a foundation for human rights. An estimated 1.1 billion people worldwide cannot officially prove their identity, and we simply don’t know how many of the world’s more than 200 million migrants, 21.3 million refugees, or 10 million stateless persons have some form of identification. The World Bank estimates that 78% of these unidentified people are from sub-Saharan Africa and Asia.
The recent Blockchain Africa Conference in Johannesburg brought together like-minded innovators. Global Consent, based in Cape Town, is one such local player doing exciting things in the identity space. Consent is developing a blockchain-based trust protocol to independently authenticate identity and selectively exchange personal information. Consent is also the first Sovrin steward in Africa. Sovrin is the world’s first publicly available distributed ledger dedicated to digital identity. The code base of Sovrin is part of the open source Hyperledger project, which is governed by the Linux Foundation and backed by corporates including SAP, IBM, NTT and Intel. The infrastructure for ensuring consensus, security and trust around identity transactions on the Sovrin network is provided by globally distributed stewards like Consent, who independently own and operate nodes on the network.

Blockchain has impressive applications in a transactional environment, in this context enabling individuals to own and control their identities online in a decentralised personal data management system where records are verified and stored across a network making the ledger resistant to modification. Like any network, the strength of a blockchain-enabled personal data management system depends in part on its size. And given the size of the problem of personal identification in Africa, both online and off, we can look forward to ongoing discussion and adoption of technologies like blockchain to meet this challenge going forward.

So … developments in computing, connectivity and cryptography, have resulted in blockchain, the technological confluence of the three, with exciting applications in identification and securing personal data online. However, we live in the physical world, and biometric data will need to support the initial registration of an individual on such a system. A candidate for advanced biometric identity verification is a naturally occurring structure, which could also be the future of data storage, with a remarkable 700 terabyte capacity per gram- the ultimate unique identifier.

This structure is the DNA molecule, and despite significant achievements like determining its structure and sequence, science continues to grapple with the computational complexity of understanding life. The role of large portions of determined sequences remain a complete mystery. Life, and in particular humanity, is arguably the most mysterious phenomenon we have ever encountered, and we have a long way to go in terms of fully understanding ourselves.

One thing we have arrived at is a solution to taking back ownership of our identities in the digital world we are creating, through the compelling application of blockchain in the digital identity space.

By Adriana Marais, Head of Innovation at SAP Africa

Follow us on social media: 

               

View our magazine archives: 

                       


My Office News Ⓒ 2017 - Designed by A Collective


SUBSCRIBE TO OUR NEWSLETTER
Top