Skip to main content

Biometrics, breaches, and blockchain - The state of data privacy in 2020

(Image credit: Image Credit: Wright Studio / Shutterstock)

In 2020, the penny will drop on the cost of giving away personal data freely

In 2020, the penny will drop on the cost of giving away personal data freely.

It’s easy to think that using connected devices increases our quality of life, by being able to utilise apps such as Snapchat, Instagram or Netflix. However, the misconception is that our lives are better because we are gaining value and not really perceiving the cost. The cost could be direct, such as the average data bill of $24 USDs per month spent on advertising on the mobile phone, to the cost of having our data breached, but what about the cost of having our perspective on the world manipulated? Being quantified as to what we are most likely to buy and the value we are most likely to spend is becoming the norm.

Gartner predicts that online shopping is an addiction. With the increasing availability of consumer data, marketers are able to pinpoint exactly which consumer will buy their product and at what point in the buyer journey. As technology grows more sophisticated, marketers will be able to more accurately predict what consumers want, how to price products and where to position them.

But this comes at a price. As consumers purchase more products they don’t need and can’t afford, businesses will need to take responsibility to warn potential buyers, similar to how U.S. casinos must promote responsible gambling. Businesses may also see increased pressure by governments and consumer groups to take responsibility for exploitative or irresponsible practices.

We will see a major a biometric breach in 2020

The implications of a breach of raw biometric data fall into two categories, those that affect the data subject and those that affect the organisation depending on biometrics as a proof of identity.

The authentication processes reliant on the use of passwords or answering random personal questions is flawed thanks to the nature of human beings, the ease of global data access and the current world of over sharing.  In response to these shortfalls more and more services are reliant on biometric data as proof of identity. This is a new technology for many sectors and therefore lacks the maturity that eradicates a great deal of the potential exploits. This means that buyers of raw biometric data on the Dark Web will be able to gain access to poorly implemented systems and in addition the lack of understanding by the operators will also make it extremely hard for the data subject to prove it was a bad actor. This will make cases of biometric identity theft both protracted and costly to both parties. Biometric identity theft has the added disadvantage that unlike passwords, biometric data cannot readily be changed and therefore once out in the wild, will be extremely difficult to regain control of.

Regulations such as the GDPR are being reviewed to help ensure organisations fully understand the implications of capturing, storing and using biometric information. Breaches will be classified as placing the data subject at risk and therefore requires far more measures in place around the handling of such information, including consent and justification.

Blockchain will mature as a viable method of authentication and privacy protection

Initially created to solve the problem of immutable truth and years later utilised to keep track of cryptocurrency transactions, Blockchain has evolved. New Blockchain use cases have spread throughout numerous industries including financial services, healthcare, transportation, consumer and industrial products and the public sector. In 2020 governments around the world will explore the use of Blockchain further – to better manage the transfer of data between departments.  There is excitement around Blockchain and what can be achieved and with new compliance requirements such as GDPR and PSD2 SCA, if used correctly it could be of real value when tackling data privacy issues.

Instant messaging and social media will emerge as a primary entry point for cyberattacks

In 2020, it’s going to be really hard to make a dent in this unwanted crown and email will continue to remain the number one exploit of choice. However, social media and social identities will emerge as an entry point that will have the potential to cause far more damage than email phishing. With social media applications deployed on several devices, hackers are able to infiltrate much faster and through a variety of entry points, making it even more difficult for individuals and businesses to control and secure what and where these apps are deployed, and how they’re used. This makes it a nearly impossible task to understand each solution’s exploits and associated risks. As a result, this year we will see Instant messaging and social media messaging attracting the same – if not more – attention from hackers that we see today with email.

Email tops the charts by a hefty margin in its prolific use as a cyberthreat entry point. Reason being, email is not a secure platform and email applications have become extremely intertwined with everything we do. Additionally, human activity and the tendency to trust messages from people we know has kept email at the top of the list entry point for hackers.

Colin Truran, Principal technology strategist, Quest

Colin Truran
Colin Truran is a principal technology strategist at Quest who functions as the EMEA virtual chief technology officer. His areas of expertise include IT strategy, pre-sales consultancy, professional services, solution architecture, cloud, SaaS, programming and GDPR strategy.