Why metadata should not live forever

Why metadata should not live forever

Why metadata should not live forever

The global surge in encrypted traffic and a wide adoption of end-to-end encryption by mainstream tech companies is a transformative shift in information security worth celebrating. Billions of online users now enjoy default peer-to-peer security, shielding the content of web communications from prying eyes of criminals and corporate surveillance.

Yet the industry continues to collect and store massive amounts of metadata associated with every digital transaction — conversations, purchases, data transfers. These extensive historical accounts of personal or business activities live forever, and are shared and analyzed outside of user control, becoming a breeding ground for the next wave of cyber risks at all levels — reputational, financial and national security.

We have been led to believe that metadata — or rather, activity logs — is nothing to worry about; it’s only the content that matters. This may have been true a couple of decades ago when the frequency of digital communications between people and systems was minimal and storage prohibitively expensive. Today, metadata collection and mining has become an industry of its own — accumulating and matching information across countless databases to produce detailed records of everyone’s activities and associations. The goals range from targeting users with relevant advertising to behavioral pattern recognition to aimless harvesting of records for yet unknown future use.

Read Also:
The Best Entrepreneurs Think Globally, Not Just Digitally

Every technology and service we use — from banking to communications to transport — combined with the massive visual surveillance we encounter daily generate a historically unprecedented amount of information about our whereabouts, mapping out countless connections between people, businesses, locations and things.

In practical terms, the depth and the historic nature of metadata collection would be similar to having someone follow you around 24/7 — online or offline — recording everything you do and who you do it with, only stopping short of listening to your conversations. This is clearly contrary to the dominating public narrative: metadata alone cannot be used to infer specific sensitive details about you.

With the Internet of Things bringing billions of new devices online in the next few years — from cars to smart homes to public utilities and healthcare systems — even more metadata will be fed into the global commercial databases, adding yet another rich and often unprotected layer of information about organizations, individuals and nations.

Today’s corporate data collection, particularly of metadata, is easy and cheap, and it often occurs without meaningful user input and proper informed consent. Most people don’t know where their personal or business activity logs reside and for how long, how they are shared, what conclusions are derived from this data and how it may impact their personal lives or business prospects.

Read Also:
Cloud Stampede Is On, But Who's Watching Security?

 



Big Data Innovation Summit London

30
Mar
2017
Big Data Innovation Summit London

$200 off with code DATA200

Read Also:
Does your company need an innovation lab?

Data Innovation Summit 2017

30
Mar
2017
Data Innovation Summit 2017

30% off with code 7wData

Read Also:
How to combat financial fraud by using big data?

Enterprise Data World 2017

2
Apr
2017
Enterprise Data World 2017

$200 off with code 7WDATA

Read Also:
These Healthcare Data Companies Earn Millions by Making Employees Healthier, Saving Their Employers Boatloads of Money

Data Visualisation Summit San Francisco

19
Apr
2017
Data Visualisation Summit San Francisco

$200 off with code DATA200

Read Also:
Why We Should Design Smart Cities for Getting Lost

Chief Analytics Officer Europe

25
Apr
2017
Chief Analytics Officer Europe

15% off with code 7WDCAO17

Read Also:
How data science fights modern insider threats

Leave a Reply

Your email address will not be published. Required fields are marked *