There’s an elephant in the room. It’s data intermediaries. These intermediaries, or middlemen, are the mediator between those who make their data available (you), and those who want to leverage that data for profit (companies). They govern your data, chop it up into data sets, and sell it or make it accessible, all while convincing you that they can be confidently trusted to take care of that data. Of course, you wouldn’t just give anyone your personal data, so there needs to be an exchange of services. Some data intermediaries you’ve likely already given your information to include Google, Facebook, Instagram, Tinder, Uber, Strava, PayPal and WhatsApp. That’s just scratching the surface.
The more you think about how many online services and apps hold your personal data, the more you consider how much of the advertising you see has been tailored specifically to you. The traditional Web 2.0 exchange of your data in exchange for access to digital services has often unknowingly turned the consumer into a marketable product. Let it not be forgotten that the collection of your data goes beyond your details and behaviour, but also includes information from facial recognition and voice messaging.
Intermediary data isn’t always used honestly either. Fraudsters use legitimate datasets gathered from the big social, marketing and ecommerce platforms to correlate the sets of data stolen by hackers and sold on the dark web. That allows them for example to know they have the right address for you from the location data on the cat pictures you post publicly to instagram. Our data is valuable and often nowhere near as benign as we think when it’s in the hands of a bad actor.
Web3 isn’t happy about the old deal, and for good reason. We’re seeing disruptions that change the role of data intermediaries and put the power and control back into the hands of the user in the form of things like data unions and Self Sovereign ID. But like the platforms of Web2.0 these things are still still too siloed. Real control needs further change.
The Current Asymmetrical Face of Data
For those unfamiliar with the concept of data asymmetry, in layman’s terms this is where there is a data accessibility disparity between two entities. Essentially, the steward of the data is able to unlock more value than the contributor. The lack of fairness in this exchange is a key concern for Web3 developers.
Here’s an example. You use Google Maps for directions and location services to get from point A to point B. So do many of the other cars around you. Google now knows how many cars are in the area, how bad the traffic is, and where you are all going. Aggregated over time, this data shows them when traffic surges, where the biggest bottlenecks are, and the general flow of cars at different times of the day. Google now has a lot of aggregated data that they can sell to third parties, typically for marketing and advertising purposes.
As we become more aware of how our data is collected and sold, for many of us, the result is frustration. Why are we not profiting and being rewarded? Is access to a service a fair exchange? Web3 says it isn’t. Web3 is decentralising data so that a world in which organisations no longer buy and sell aggregated data becomes a reality. Instead, for access to your information, they’ll pay you directly.
When the data and services exchange becomes equal and both parties receive a balance of value, we will have achieved data symmetry. This is one of the goals of Web3. Paul Mitchell, Senior Director of Technology Policy at Microsoft, who predicted the future of data symmetry (pre-Web3) back in 2014, said “Data-driven economies are reliant on a dependable supply of data to be sustainable. The current imbalance between the amount of data about individuals held by or accessible to institutions, and the inability of those same individuals to control the use of that data has created an asymmetry of power, resulting in a crisis of trust.”
What Does a World of Data Without Intermediaries Look Like?
Perhaps the best way to explore this potential future is by looking through the lens of Self. This anti-fraud solution looks to tackle the problems caused by how we handle data today by giving control of identifiable data back to the user and making personal data and communication part of identity.
Self makes no secret of its position on the mismanagement of data in Web 2.0, and is effectively solving it with every new user and business that joins its service. The cost of data fraud and cybercrime globally was over $6 trillion in 2021, most of which is an avoidable cost for both people and organisations. By connecting with their customers through Self, companies can get access to verified information without having to collect it. This protects the users personal data while allowing companies to process user data without it containing personal information. Why gather data, store it and rely on it even if it’s not accurate when you don’t need to. Self sees today's data middlemen as the data partners of the future. Tailoring advertising and marketing more effectively and being useful not just to the companies, but to the consumer.
Self’s messaging system is another revelation. We’ve seen that Telegram and Signal could win millions of users simply by encrypting communications and stopping data from being collected, but Self goes beyond that. As well as end-to-end encryption between the two parties in a chat or call, both participants need to be fully verified. With Telegram or Signal, an encrypted chat can’t stop you from being scammed, but with Self, it can. As you build up your verified contact list, you build a genuine network of people and businesses that you don’t need to trust blindly, you have the knowledge that they are who they say they are. Even if it’s someone you don’t know personally like an employee at your bank.
The Single Digital Identity
Identity is about more than the documents and accounts conferred upon us by governments and companies. Our identities online encompass our voices - what we say and write, our data, everything about us and what we do and our credentials, everything from passports to degrees and employment references. That vision of identity lends itself to a single digital identity, just as we have a single identity in real life. The elements discussed above, including taking control of our data, securing and distributing communications, and creating a web of trusted connections all also lead towards that single digital identity.
Right now, each time you want to join a website, you either have to type in your personal data, or make a sign-up connection with Google, Facebook, or Apple (to name but a few). The latter is certainly easier, but it does mean contributing even more data to these mega-middlemen. When you consider that the average person visits around 100 websites per day, this is a lot of data being given away, and it’s not just your credentials, it's your behavioural data too. How you use a website, where you click, how long you spend on a page, and whether you are all collected and used.
Alongside website use, we must bring apps into the equation. On average, Smartphone users have 40 apps downloaded (not including pre-installed) and cycle through about 18 of them on a daily basis. Your interactions with these apps are tracked for behavioural data too, and in many of these apps, you give away heaps of identifiable personal information. Strava, Uber and Google Maps give location information, Tinder, Bumble and Grindr reveal personality and dating habits, while PayPal, Venmo, and Zelle all show your spending habits and more.
For all of these websites and all of these apps, which can number into the hundreds for some users, the data exchange is hugely imbalanced, you have many passwords to remember (or even worse, you are using the same one for all of them), and you are easily identifiable. The single digital identity, such as that envisioned by Self, will eventually allow you to bring everything into an app representing you, where you control your data and what is shared. Even better, in time you will be rewarded financially for allowing companies to use your data, or market to you. Data aggregation platforms that profit from collecting your data will even stand to benefit, because they can operate more freely on anonymous data, allowing their clients to serve customers more effectively while protecting their personal data
Verdict: It’s Time to Put Users in Control.
Data gets old really fast. Simple changes like replacing personal information in company records with anonymised identifiers very quickly breaks down the fraudsters model. Creating symmetrical relationships between companies and users builds stronger trust and removes the role of the company as a provider of identity in its relationships with its users. Both changes lead to a much-needed single digital identity, but they come with unique challenges. Convincing businesses that they can be more profitable and successful while protecting their customers will be key to achieving mass adoption.