Lessig: Future Tech Will Help Privacy Catch Up With the Internet

An anonymous reader writes: In a new interview, Harvard law professor Lawrence Lessig shared his view of the future of privacy in this age of data breaches. "The average cost per user of a data breach is now $240 — think of businesses looking at that cost and saying, 'What if I can find a way to not hold that data, but the value of that data?' When we do that, our concept of privacy will be different. Our concept so far is that we should give people control over copies of data. In the future, we will not worry about copies of data, but using data." Lessig sees new technological advancements as the key to shoring up our privacy, which has been eroding since the dawn of the internet. Being able to act on data without holding it is key: "If I ping a service, and it tells me someone is over 18, I don't need to hold that fact. The level of security I have to apply [is not] the same [that] would be required if I was holding all of this data on my servers. This will radically change the burden of security that people will have."

Over 18?

[U2xhc2hkb3QgU3Vja3M]

If I ping a service, and it tells me someone is over 18, I don't need to hold that fact.

Lessig: do you mean a website like www.is-she-legal-yet.com ?

Re:Data will still be copied.

[zAPPzAPP]

But that is exactly the point the article makes:
Holding (sensible) data also comes with a cost. Securing the data has a cost and a risk attached to it.

If the cost of 'pinging' is lower than that, then the idea may hold true.

If.

And this of would require standards so that these data accesses can smoothly run in the background between all parties.

he's missing the point, entirely

[dltaylor]

The cost of breaches is never going to be enough to offset the value of having the data, any more than the cost of insurance and lawsuits has offset the value of dangerous (to employees, nearby residences, ...) workplaces and operations caused companies to be extra careful. It's just perceived as a cost of doing business.

Only when executives and board members do long hard prison sentences for data breaches will they ever give up collecting every scrap of data they can acquire.

Re:$240

[GuB-42]

I think the solution is more insurance-like : when a company asks for personal data, a damage clause must be present on the contract, repaying $xxx in case of a data leak. Like when you send a package and get a certain amount of money back if the package is lost.
The advantage is that it will open an insurance business, and insurances are much better at dealing with security than the legal system. The idea would be like with physical security : you open a warehouse, you promise your clients you will pay them back if their stuff is stolen, you then contact an insurance company to deal with this case, the insurance company will mandate security measures (alarm, high security locks, etc...)

Re:Funny How A Few Short Months Change Perceptions

[phantomfive]

I used to read "Lessig" and think, "right, he's that often clever crypto-tech guy."

Lessig is a Harvard law professor, maybe you confused him with Bruce Schneier? Both are great people, and Lessig volunteers to help the FSF. He clearly doesn't understand how to do legal activism, though (some might say that Harvard people in general are out of touch with the world).