Moving fast and breaking things cost us our privacy and security | techcrunch


Moving fast and breaking things cost us our privacy and security | techcrunch

Play all audios:


Over the years, I’ve had a front-row seat to the future of technology. In my role at Y Combinator as director of admissions, I saw hundreds of startup pitches. Many shared a particular


attribute: They followed the path of quickly growing users and monetizing the data extracted from the user. As time went on, I began to see the full picture of what our technologies were


creating: A “Minority Report” world where our every move is tracked and monetized. Some companies, like Facebook, lived by the mantra “move fast, break things.” Not only did they break


things, they failed us by propagating disinformation and propaganda that, ultimately, cost some people their lives. And that happened because of a growth-at-all-costs mindset. Some of the


biggest consumer-facing Silicon Valley companies in the 21st century flourished by using data to sell ads with little or no consideration for user privacy or security. We have some of the


brightest minds in technology; if we really wanted to, we could change things so that, at the very least, people wouldn’t have to worry about privacy and the security of their information.


We could move toward a model where people have more control over their own data and where Silicon Valley explores innovations in privacy and data security. While there are multiple long-term


approaches and potential new business models to explore, there are ways to approach a privacy-first mindset in the near term. Here are a couple of ways to start moving toward a future in


which people can have control over their data. WORKPLACE APPLICATIONS SHOULD LEAD THE CHARGE IN ENABLING MORE SECURE IDENTITY TECHNOLOGIES We need to approach technology by consciously


designing a future where technology works for humans, businesses and society in a secure and ethical way. Approaching technological growth without understanding or considering the


consequences has eroded trust in Silicon Valley. We must do better — and we can start in the workplace by better protecting personal data through self-sovereign identity, an approach that


gives people control and ownership over their digital identity. Using the workplace as a starting point for better privacy and security of people’s digital identities makes sense because


many technologies that have been widely adopted — think personal computers, the internet, mobile phones and email — started out in the workplace before they became household technologies,


thereby inheriting the foundational principles. With a return to office life on the horizon, there’s no better time than now to reexamine how we might adopt new practices in our workplaces.


So how would employers do this? For starters, they can use the return to office as an impetus for contactless access and digital IDs, which protect against physical and digital data


breaches, the latter of which are becoming more common. Employees could enter offices through their digital IDs, or tokenized IDs, which are stored securely on their phones. They will no


longer need to use plastic cards with their personal information and photo imprinted on them, which are easy to fake or duplicate, improving security for both the employer and employee.


Contactless access isn’t a big leap nowadays, either. The pandemic primed us for digital identification — because the use of contactless payment accelerated due to COVID, the change to


contactless ID will be seamless for many. INVEST IN CRITICAL PRIVACY-CENTRIC INFRASTRUCTURE Tokenized identification puts the power in the user’s hands. This is crucial not just for


workplace access and identity, but for a host of other, even more important reasons. Tokenized digital IDs are encrypted and can only be used once, making it nearly impossible for anyone to


view the data included in the digital ID should the system be breached. It’s like Signal, but for your digital IDs. As even more sophisticated technologies roll out, more personal data will


be produced (and that means more data is vulnerable). It’s not just our driver’s licenses, credit cards or Social Security numbers we must worry about. Our biometrics and personal


health-related data, like our medical records, are increasingly online and accessed for verification purposes. Encrypted digital IDs are incredibly important because of the prevalence of


hacking and identity theft. Without tokenized digital IDs, we are all vulnerable. We saw what happened with the Colonial Pipeline ransomware attack recently. It crippled a large portion of


the U.S. pipeline system for weeks, showing that critical parts of our infrastructure are extremely vulnerable to breaches. Ultimately, we need to think about making technology that serves


humanity, not vice versa. We also need to ask ourselves if the technology we create is beneficial not just to the user, but to society in general. One way to build technology that better


serves humanity is to ensure that it protects users and their values. Self-sovereign identity will be key in our future as other technologies arise. Among other things, we will see our


digital wallets house far more than just credit cards, making the need for secure digital IDs more critical. Most importantly, people and companies just need control over their own data,


period. Given the broader general awareness of privacy and security in recent years, employers must take the threat of personal-data vulnerability seriously and lead the way in


self-sovereign identity. Through the initial step of contactless access and digital IDs in the workplace, we can begin to inch closer toward a more secure future, at least in terms of our


own data and identity. > 3 adtech and martech VCs see major opportunities in privacy and > compliance