Tsaaro Weekly Privacy Newsletter
17th June, 2022
Tsaaro Weekly Privacy Newsletter
17th June, 2022

Data Privacy and Web 3.0

Today, we face a daily reality where organisations regularly gather huge amounts of Users data, and they use this data intending to offer some incentive. Sooner or later, this data is utilised in ways the Users haven’t consented to. Data security has turned into a more noteworthy worry in light of those potentially harmful results in a recent couple of years. 

Users are becoming progressively mindful of the ramifications of their data being shared and used by organisations. Administrators and government officials are similarly bringing up issues about how Users’ data is being utilised. The vast majority of the populace, in any case, actually doesn’t see how important their data genuinely is. However, it is gradually crawling into the structure, holding the system together through issues like polarisation, deception, preference for non-threatening data and other negative impacts.

Accordingly, a few data security laws like GDPR and CCPA have added an extra layer of protection. In any case, they don’t go far to the point of securing User data protection. There is a requirement for many more steps to be taken, and the web should generally change to help a better connection among organisations and Users protection. Today, trend-setters allude to this new, principal change in the biological web system as Web 3.0. Unlike Web 2.0, Web 3.0 empowers an existence where Users can possess and be appropriately made up for their data.

What is Web 3.0?

Web 3.0 – is the new popular expression assuming control over the Internet world. Otherwise called the decentralised web, Web 3.0 is the third form of the Internet, which is an improvement over the current Web 2.0 Internet.

Under Web 2.0, the Internet has become more friendly. Under this stage, Internet users have been urged to interface with one another through person to person communication administrations and sites, prompting the formation of monstrous volumes of information and content.

Be that as it may, this information and substance are generally constrained by the gathering of tech giants including Amazon, Apple, Meta, Microsoft and Google in the current Web 2.0 stage. This creates protection issues, and Users might believe that they have lost their opportunity over their own business or financial information as one needs to acknowledge every one of the agreements to utilise the Internet administrations presented by these organisations.

Web 3.0 is expected to assist with beating this issue as it is relied upon to be a decentralised form of the Internet where individuals have command over their information. The third form of the web will have more straightforwardness and gloat gigantic substance that will be open to all.

How does Web 3.0 ensure a privacy driven future for users?

  • Blockchain innovation. Of course, blockchain is a decentralised innovation that permits no specific individual or gathering to control an environment completely. Instead, all Users, on the whole, can hold control. While there is no single overseeing substance in blockchain, blockchain is a data set with records while algorithmically guaranteeing security and straightforwardness.
  • Extraordinary blockchain structures have genuinely been viewed as the motivation to guarantee that all entertainers, from the people who keep up with the record and power the organisation to the organisations that expand on top of the blockchain, really work decently and straightforwardly. When they don’t, those entertainers can be rebuffed because of the principles of the blockchain or aggregate democratic.
  • Users can, in any case, share their data, yet they will know precisely how it’s utilised. Assuming blockchain is executed appropriately, Users ought to choose when, how and how long to share their data. Users likewise should know precisely the way that it’s used. Assuming an organisation offers Users’ data to an outsider, the Users should realise which organisations it has been provided to. On the off chance that inquiries in Google are utilised to anticipate and show Users a specific advertisement, they should know this as well.
  • Users can renounce the data they share whenever. If users aren’t happy with how their information is utilised or are not generally keen on offering data to a specific organisation, they can preferably be denied.

What does Web 3.0 mean for privacy?

For protection, this exciting modern lifestyle will mean people, undertakings, and machines can impart more data to far more critical security and security. We will never again depend on (or will cooperate in our specific manner with) Big Tech stages with all their intrinsic dangers. Users will possess their data and computerised impression utilising decentralised character advances.

In 2018, the IAPP spread out precisely what Web 3.0 could mean for security and was profoundly hopeful:

We’ll utilise cryptographically tied down computerised personalities to trust finish exchanges that right now expect us to surrender our exceptionally delicate and profoundly significant individual data. We will presently not be the item and return to being the Users.

The Googles of the world will never again control our data, and agitators will be less ready to assault it. In addition, state-run administrations won’t hold our data. All applications, Users and their gadgets will cooperate straightforwardly, and these administrations will put data away in secure decentralised ways. This will mean we’ll see fewer data penetrates that influence enormous quantities of Users and legitimately return data control to individual Users.

What are the major concerns for privacy with the coming of web 3.0?

Protection guidelines may be hindrances, and controllers should unwind issues including:

  • Who is the regulator/processor for decentralised individual data. 
  • Where might the decentralised data be put away – area and locale.
  • Instructions to react to subject access solicitations and which substances are needed to respond to such asks for.
  • Step by step instructions to erase or change individual data on and off the blockchain.
  • Simple to utilise and helpful decentralised applications will be principal for the normal Users.

Top Privacy & Cybersecurity updates of the week

Canada Proposes New Rules to Protect Personal Information

New legislation to give Canadians more control over their personal information will include the steepest corporate fines among Group of Seven nations, according to the country’s industry ministry . The proposed Consumer Privacy Protection Act establishes penalties of C$25 million ($19.4 million), or as much as 5% of global revenue, whichever is greater, for companies that breach privacy rules.  Bill C-27, or the Digital Charter Implementation Act, 2022, that was tabelled by Innovation Minister François-Philippe Champagne in the House of Commons on Thursday, aims to build on the government’s previous attempts to revamp Canada’s private-sector privacy laws. The proposed legislation includes three new sections around consumer privacy protection, personal information and artificial intelligence (AI). It also includes a focus on the protection of children online.

Read More

Canada Proposes New Rules to Protect Personal Information

New legislation to give Canadians more control over their personal information will include the steepest corporate fines among Group of Seven nations, according to the country’s industry ministry . The proposed Consumer Privacy Protection Act establishes penalties of C$25 million ($19.4 million), or as much as 5% of global revenue, whichever is greater, for companies that breach privacy rules.  Bill C-27, or the Digital Charter Implementation Act, 2022, that was tabelled by Innovation Minister François-Philippe Champagne in the House of Commons on Thursday, aims to build on the government’s previous attempts to revamp Canada’s private-sector privacy laws. The proposed legislation includes three new sections around consumer privacy protection, personal information and artificial intelligence (AI). It also includes a focus on the protection of children online.

Read More

Personal data of 2 million leaked in cyberattack on Massachusetts healthcare group

The sensitive information of two million people was accessed during a cyberattack on Shields Health Care Group, a Massachusetts-based healthcare organization that provides services to dozens of hospitals and other medical facilities. The company said the hackers gained access to databases that contained full names, Social Security numbers, dates of birth, home addresses, provider information, diagnosis, billing information, insurance numbers and information, medical record numbers, patient IDs, and other medical or treatment information.

Read more

Personal data of 2 million leaked in cyberattack on Massachusetts healthcare group

The sensitive information of two million people was accessed during a cyberattack on Shields Health Care Group, a Massachusetts-based healthcare organization that provides services to dozens of hospitals and other medical facilities. The company said the hackers gained access to databases that contained full names, Social Security numbers, dates of birth, home addresses, provider information, diagnosis, billing information, insurance numbers and information, medical record numbers, patient IDs, and other medical or treatment information.

Read more

UK Announces Data Reform Bill

The UK government formally announced its intention to introduce a Data Reform Bill. The government stated that the Data Reform Bill would seek to reduce burden on businesses, boost the economy, and help innovation. UK currently operates under the UK version of the GDPR and the Data Protection Act of 2018, which were both put in place prior to Brexit. The UK has obtained an adequacy decision from the European Commission related to its data protection laws that is set to automatically expire in 2025. If the Data Reform Bill makes changes to UK law that are perceived by the EU to lessen data protection standards, renewal of the adequacy decision may be at risk, further complicating the international data transfer landscape.

Read more

UK Announces Data Reform Bill

The UK government formally announced its intention to introduce a Data Reform Bill. The government stated that the Data Reform Bill would seek to reduce burden on businesses, boost the economy, and help innovation. UK currently operates under the UK version of the GDPR and the Data Protection Act of 2018, which were both put in place prior to Brexit. The UK has obtained an adequacy decision from the European Commission related to its data protection laws that is set to automatically expire in 2025. If the Data Reform Bill makes changes to UK law that are perceived by the EU to lessen data protection standards, renewal of the adequacy decision may be at risk, further complicating the international data transfer landscape.

Read more

Hertzbleed vulnerability leaves Intel and AMD chips open to attack

Intel and AMD chips are affected by a newly discovered vulnerability that could allow hackers to remotely access and steal encryption keys. The vulnerability, dubbed Hertzbleed, can be exploited via a power side-channel attack which measures the power consumed by a semiconductor. The researchers discovered that cybercriminals could use a power and thermal management feature included in most modern chips, dynamic voltage and frequency scaling (DVFS), to monitor changes in power consumption of a specific chip. By doing this, hackers can extract secret cryptographic information from the chip, as power consumption changes when processing certain values.

Read more

Hertzbleed vulnerability leaves Intel and AMD chips open to attack

Intel and AMD chips are affected by a newly discovered vulnerability that could allow hackers to remotely access and steal encryption keys. The vulnerability, dubbed Hertzbleed, can be exploited via a power side-channel attack which measures the power consumed by a semiconductor. The researchers discovered that cybercriminals could use a power and thermal management feature included in most modern chips, dynamic voltage and frequency scaling (DVFS), to monitor changes in power consumption of a specific chip. By doing this, hackers can extract secret cryptographic information from the chip, as power consumption changes when processing certain values.

Read more

Microsoft to acquire cyber threat analysis startup Miburo

Microsoft announced that it will acquire Miburo, a small company that helps customers detect and respond to foreign information operations. Microsoft said the acquisition will help the tech giant “expand its threat detection and analysis capabilities to address new cyber-attacks and shed light on the ways in which foreign actors use information operations in conjunction with other cyber-attacks to achieve their objectives.”

Read more

Microsoft to acquire cyber threat analysis startup Miburo

Microsoft announced that it will acquire Miburo, a small company that helps customers detect and respond to foreign information operations. Microsoft said the acquisition will help the tech giant “expand its threat detection and analysis capabilities to address new cyber-attacks and shed light on the ways in which foreign actors use information operations in conjunction with other cyber-attacks to achieve their objectives.”

Read more

WEEKLY PRIVACY NEWSLETTER

Keep up to pace with this high-impact weekly privacy newsletter that
features significant data privacy updates, trends, and tools that can
help to make your life secure & easier every day!

*By clicking on subscribe, I agree to receive communications from Tsaaro