Having worked in the field of enterprise IT for the past 20 years, my first reaction to “revolutionary new technology” is one of skepticism. Much of the time, these advancements quickly fall by the wayside, never to be heard from again. That said, when I heard that Tim Berners-Lee (aka TimBL) – the inventor of the World Wide Web – recently took a startup out of stealth mode with the intent of “world domination” as it relates to how we use the Internet, even a skeptic like myself must listen.
The startup known as Inrupt claims to “unlock the true promise of the web by decentralizing the power that’s currently centralized in the hands of a few.” Let’s look at the details of Inrupt, as well as potential impact to business that operate on the web.
One of the hottest topics regarding the Internet today is how users should have control over their personal data. As it stands now, technology businesses, including Google, Facebook and Twitter, build much of their revenue stream by collecting, analyzing and monetizing information gathered from users of their “free” services. Now that these users are beginning to understand the extent of that data collection, as well as the risk that comes along with forfeiting their personal info, many are to the point where they feel their privacy has been severely invaded. While governments are beginning to intervene to help protect their citizens, it’s likely not enough.
This is where TimBL and Inrupt comes into play. The concept is quite simple. Instead of submitting your personal data to be collected and maintained various Internet businesses in exchange for using their services, you as the individual manage your own data in what’s known as a personal online data store (POD). Because you have ultimate control over your POD, you can permit or deny access to it. This creates an entirely new level of personal responsibility over a person's data. This control equates to trust. This new level of trust in who can and cannot access personal data would effectively eliminate the backlash we’re witnessing today.
Ultimately, if people can restore their faith in the Web, the potential for continued business growth and innovation can reach entirely new levels. The Web as we know it today is controlled by businesses that don’t have any interest in protecting user data. After all, there’s no profit in it.
That’s why Berners-Lee and Inrupt are so adamant about a complete architecture change relating to how personal data is maintained. By removing the control of personal data from businesses, it frees the user to engage in whatever services they choose without the concern of personal information being stolen due to mishandling – or sold off to the highest bidder. Issues of data breaches, government surveillance and censorship are also dramatically reduced using a decentralized model. For example, Facebook could no longer be accused of playing a factor in politics as they’ve been accused of in the past. The reason for this is because they would no longer control the data used to harvest the type of information needed to target users for the purpose of swaying an election.
Businesses that have built their revenue stream on the free-flow of personal data collection would obviously have to re-work their revenue models. Likely, this would equate to those providers beginning to charge a fee for services that were once free. Yet, for most users, this would be a small price to pay in return for more control over their personal information.
For other businesses that simply interact with users as an online merchant, a decentralized model could simplify things in terms of Payment Card Industry (PCI) compliance rules. By fully segmenting user data – including payment information that would be safely stored in each users POD – businesses will no longer need to collect or store this type of sensitive information. Thus, their risk is reduced to nearly nothing. Payment information will never need to be seen by the online merchant. Instead, the payment would be approved or denied between the POD and bank or credit institution. Thus, for those businesses that spend thousands or millions on verifying that they are PCI compliant, a distributed Web architecture looks very appealing.
While Inrupt, PODs and distributed Web architectures sound appealing – and have the coveted backing of Mr. Berners-Lee -- it still has a long way to go to become mainstream. Internet giants that exist thanks to collection and monetarization our personal data don’t necessarily want to change their thriving business model, and thus will likely fight tooth and nail to keep the status-quo.
Really, this fight is up to individual Internet users that are fed up with their data being sold or stolen repeatedly. If enough people stand up and speak for an alternative, it can mean big things for both individuals and businesses that seek to form trusting relationships with their customers. After all, if the Internet is to make its next evolutionary leap, it’s cruciall that trust is formed between the customer and the businesses they choose to interact with.