All your data is ours, but, but wait, what about privacy?

It started with Gmail as far as I can remember. Google provided 1 GB of space and people thought why not store everything online. As I have already told a zillion times, this is what the single data source concept is all about. And now it is back with a bang, with Google Base.

But a thought struck me today.

How can we rely on people who we don't even know? What is the guarantee that Google will not misuse our data? You might say, “What will Google do with MY data?”, but think again. The world becomes so restricted because of the absence of trust. You are not ready to store your confidential files or your private files in the same place. That 100 billion dollar idea that you wrote last night? Are you ready to store it in an online data-source?

The solution?

It would be better if Google (or anyone for that matter) provides the same service, but it does not know what data we store.

The idea is simple.

Encrypt all data as soon as it is created using some key that depends on the user who created the data. Decrypt it just when you need it. A mediator between the client interface and the server is responsible for the encryption and decryption. The mediator of-course lies on the client side.

And in the world of semantic web services, you can expect companies encrypting all data that they generate. So it is ok if you store your confidential files or the vision document of your company in the same single-data-source that you use to publish your photos to the public! (This seems like a horror story now, but it is perfectly valid.) Accidental leaks will not be a problem.

You don't have to be bothered about whether someone will be accessing that data, or if someone misuses it. All copies made of the document will be a waste as people just cannot make sense of it.

Security features like encryption and digital signatures are going to be a very important piece in technological evolution in the years to come. You can bet on it!

Published by