AXEL.org

Blog

Why Data Breaches are so Damaging and how the Law has Failed Consumers

Very few times in history have a group of people sat down with the purpose of writing a set of new laws to improve society. Instead, what usually happens is that laws are written to solve specific problems. This leads to a litany of laws piling up over the decades. While it could always be debated how effective a particular law might be at accomplishing its goal, the rapid pace of technological advancement over the past 20 years – especially as compared to the pace of the lawmaking process – has introduced new challenges as laws become quickly outdated, sometimes even by the time they take effect.

The results of this are acutely apparent in the cross-section between the fields of cybersecurity and consumer protection, namely data breaches.

The magnanimity of consumer protection laws in the United States were written for a society concerned with immediate product safety and compensation for resulting injuries, not for the nebulous and incalculable injuries that may be sustained by potential millions when private records are exposed.

Why are data breaches so damaging?

The unique problem of data breaches stems from the fact that the breach of privacy carries in of itself no specific harm. Instead, it is the later misuse of information that has been breached that may lead to ensuing harm. However, with data breaches occurring on a near-daily basis, the causality of specific financial or reputational damage is nigh impossible to link to a single breach causally; with our laws written around the concept of calculable damages being the source of justified remuneration, we are left constantly and increasingly victimized but unable to seek just compensation.

Some would argue that even more problematic is the irreparable nature of many of the most severe data breaches. Once a name and social security number are leaked, that identity is permanently and irreversibly at risk for being used fraudulently. While one could always apply for a new social security number, the Social Security Administration is extremely reluctant to issue new identities, and while that is a debate for another time, it goes to show just how difficult it can be to recover from a breach. Victims are permanently marred and at increased risk for future injuries resulting from a single breach, no matter how much time has passed.

Because of the damage resulting from a data breach being so far removed temporally and causally from the actual breach itself, adequate compensation is rarely won, if it is even sought. Was it the Equifax breach, the MoviePass breach, or one of the innumerable other breaches this year that resulted in your identity being stolen and used to take out fraudulent loans a decade from now?

Moreover, even if you should find that it was MoviePass’ negligence that leads to your identity being stolen, what compensation can you seek from a company that has been defunct for years? Our laws were not written to address these issues adequately. Our legal system often does not ponder questions of uncertainty and possibility, and that’s the perfect summary of what victims face in the aftermath of a breach; uncertainty and possibilities.

For all the uncertainty victims face, the solutions going forward as a country are equally opaque.

It would be easy to write some draconian law to punish companies for exposing private data, but as is often the case, that could have unintended consequences, such as pushing data overseas where even looser security and weaker privacy laws may exacerbate the problem. Instead, it’s going to take a significant shift in our collective-consciousness over how data is handled.

Laws written for managing telecommunications and transmissions in that era are being used to handle complex cybersecurity and data privacy cases.

This can’t come just from one party though; companies need to seriously consider what data they need to collect, and what information needs to be retained on a long-term basis. Consumers have to take ownership of their data and demand a higher quality of service from corporations and governments over how their data is collected and used.

As a whole, we must recognize the value of data, and the dangers we expose ourselves to by collecting it (and why it might even be best to not collect data at all in many circumstances).

Just like holding valuables such as gold and art entails a security risk, so too does data. If people started treating data like the digital gold it really is, maybe then we could all come together to work out a solution.

But until then, I’ll be keeping my data to myself.

Projects We Love: PrivacyWall

This is part of our series highlighting startups who share our mission of trying to bring data privacy back to users.

You’ve had a rough week, maybe it’s a relationship or health problem, but either way, you’re feeling down. Fortunately, your family is there for you, and reach out to console you through a few private messages on social media.

Mom: “I know it’s expensive, I’m sorry your health care doesn’t cover it, we’ll do what we can to help you pay.”

Dad: “Don’t worry sport, she’s just going through a phase, I’m sure you guys will work through it.”

Friend: “Hey man, let’s meet up for a drink this weekend, cheer up!”

After reading your messages, you lay down in bed to rest and start scrolling through social media to pass the time until you fall asleep, and you’re astounded by what you find.

Ads.

But not just the usual ads for food, or some new tech gadget.

“Lower your healthcare costs now! Save 20% off market rate plans!”

“Relationship trouble? Local family counseling is available!”

“Cheapest beer in town, and half-price shots on Fridays!”

Maybe it’s just coincidence, or maybe every single thing you say or do online is being tracked and sold to advertisers… That “free” social media website has to make money somehow.

And that’s where PrivacyWall comes in- a startup that is returning data privacy and security to users. By blocking unwanted data collection by everyone from Facebook to Google, PrivacyWall puts you back in the driver’s seat.

Why PrivacyWall?

Every website you visit, every search you type in, every message you send and photo you post, it’s all tracked, recorded, and monitored. PrivacyWall is the “off” switch we’ve been waiting for.

By blocking over 3,000+ trackers from many of the largest tech companies in the world you can once again browse the internet without fear of being tracked like the target of a CIA investigation. We expect privacy in our homes, and we should get the same treatment on the internet.

PrivacyWall even blocks Facebook Connect from building a shadow profile of your online activity when you are not on Facebook. If you didn’t know, that convenient “log-in with Facebook” turns that account you just signed up for into another data collection point for Facebook to build a profile on you.

If you didn’t know that, you aren’t alone. And that’s exactly why PrivacyWall blocks threats you don’t even know about yet. Because you shouldn’t have to become a security expert and worry about your private information being leaked just because you used Facebook to sign-up for a food delivery app, or a dating site, or anything.

You deserve privacy, and PrivacyWall is a step towards a more private world.

How Artificial Intelligence is Shaping the Future of Cybersecurity

This article is a guest post by Maddie Davis, co-founder of Enlightened Digital.

The threat of a cyberattack in today’s world reaches far beyond just enterprise level companies. Government systems, small and large businesses, educational institutions and non-profit organizations are all targets for the vicious hackers of the dark web. Moving forward, the advancement of technology will contribute to changes in both attack methods and defense mechanisms of cybersecurity. Artificial intelligence (AI), in particular, is currently viewed as a leading technology in this transformation. AI’s capabilities carry significant advantages. As AI-enthusiast, Mark Hurd has stated, “the advantage of AI not only is that it constantly learns, but it also never forgets.” We’re taking a look at how AI will use this advantage, among others, to shape the future of cybersecurity.

AI-powered security

An AI-powered defense system is no longer just a possible option for businesses today, but a necessity, considering the threat of AI-fueld cyber attacks. As attackers become more vigilant about their techniques and more vicious in their invasions, organizations must step up their defence in retaliation. Moving forward, AI will play a large role in how cybercrimes are both prevented and dealt with. As Executive Director of NCSA (National Cybersecurity Alliance, Kevin Coleman puts it, “this new era in tech and cybersecurity is driven by prediction, detection and rapid response.”

Attack detection

Using machine learning algorithms, AI will be able to improve a victim’s ability to detect potential threats. Every user within a given system can be tracked and monitored based on their individual roles, allowances and common behaviors, so any deviation from the standard can be flagged to prompt a second form of authentication. Password protection can also be improved. AI can monitor how individuals enter their passwords, which characters are used and the length of passwords to better identify and rectify poor practices. Moving forward, the hope is that AI will ultimately transform the current password model with something more advanced and secure.

Natural language processing (NLP)

AI’s natural language capabilities are expected to significantly improve cybersecurity efforts through better attack identification and reaction. Armorblox’s natural language understanding platform for example, uses NLP to more accurately inspect text content of everything within an organization’s system. This technology enables companies to detect threats regardless of whether or not they contain links or file attachments and provides heightened visibility of all communication and data transferring across an organization. As Armorblo explains it there are three main offerings of the platform that can improve cybersecurity

  1. A natural language engine that derives new insights from enterprise communications and data.
  2. Automated policy recommendations through learning what is important for the organization.
  3. An alert remediation framework that distributes context-sensitive alerts to the relevant users, saving time for the security team.

AI-powered attacks

The level of sophistication in modern cybercrime is continuously increasing. Both cyber criminals and their attacks are equipped with more advanced technology than we, as a society, have ever combated before. Artificial intelligence, specifically, is contributing to frightening new malware that goes beyond the level of attacks we’ve traditionally seen from computer algorithms without the help of AI. 

There are numerous new threats to consider for businesses and individuals alike now that hackers are armed with machine learning technology. According to an article by Towards Data Science, there are essentially five ways machine learning can be used for potential attacks.

  1. Information gathering: AI can analyze vast amounts of data quickly.
  2. Impersonation: Self-learning AI can accurately imitate human communications.
  3. Unauthorized access: AI is adaptable to new environments, enabling easier access to secured systems.
  4. Attack: Malware and DDoS attacks can be made more scalable and harder to detect.
  5. Automation: AI botnets are capable of automating various aspects of an attack. 

The main function of machine learning is its ability to continuously learn and adapt. In terms of cyber crime, this ability presents an advantage to attackers. Self-learning AI could potentially lead to scalable attacks that can adapt to victims’ changing environments and modify itself to compromise each unique system it encounters. This agility may also make it more difficult for IT teams to detect intruders.

Artificial intelligence in the world of cybersecurity is seemingly both friend and foe. In the right hands, technology is the key to better detection and faster incident response. In the wrong hands, it can be the conductor of devastating attacks. Moving forward, we can certainly expect to see continuous AI advancement and implementation in the future of cybersecurity.

Maddie Davis is the co-founder of Enlightened Digital and self-described tech-obsessed female from the Big Apple who lives by building and redesigning websites, running marathons, and reading anything and everything on the NYT Best Sellers list.

You can read more great content from Maddie and her team right now on Enlightened Digital’s website.

Q&A With The Developers Of AXEL IPFS

Q&A With The Developers Of AXEL IPFS

We sat down with AXEL’s development team to discuss their AXEL IPFS Pinning Facility.

Q: What inspired you to develop AXEL IPFS?

The next evolution of computing is distributed. IPFS or something very similar is going to be the basis of distributed storage. The AXEL IPFS integration into our ecosystem has given us a worldwide public distributed storage system to build practically anything on top of including AXEL IPFS Pinning, AXEL IPFS Search, and many other services to come. AXEL is building a very strong foundation in distributed storage and will be a leader in the next evolution of Web 3.0!

Q: What excites you the most about AXEL IPFS?

AXEL IPFS will allow our users to immediately and securely distribute their data around the world for personal or business use. AXEL will be fostering the movement from centralized to decentralized computing and AXEL IPFS is the start of the process. For AXEL users, they can share files or even distribute website information with IPFS. It is very exciting to bring Web 3.0 technology to the masses. AXEL has made it super easy to use, which is very important when you want to increase the adoption of complex technologies like IPFS.

Q: Do you see a future for IPFS and what industries will adopt it first?

Web 3.0 will be distributed. IPFS seems likely to be a core technology of Web 3.0 and the distributed Internet. Right now archivists, service providers, researchers, developers, and content creators have begun to adopt IPFS to address many problems caused by centralized computing. IPFS also addresses many issues around high-latency networks found in developing countries. Even NASA is using similar systems to address the high-latency involved in space communications. So there is a lot going on in this field. With that said, though, it is still very new. AXEL is bringing this technology to users today by making it secure and easy to use so anyone can take advantage. I think it will be interesting to see how IPFS develops and is integrated into more and more consumer products. 

Q: What industries will IPFS be the death blow for? Is there a future for cybersecurity in a distributed web?

I do not think we are talking extinction but evolution. Current centralized systems will evolve into decentralized/distributed systems as users demand the flexibility, security, and efficiency of decentralized/distributed systems. The only companies that will go extinct are those that fail to evolve or evolve without taking into account customer needs. And as far as cybersecurity goes, as long as we use computers and the human condition remains as it is, cybersecurity will also be a lucrative and in-demand career.

Q: How much will AXEL IPFS cost to use?

The IPFS is the backbone for our private, secure file-sharing and cloud storage platform; AXEL Go. You can sign up for a free Basic account and receive 2GB of online storage and enough network fuel for hundreds of typical shares. Power users or enterprise customers have a choice of pricing tiers to accommodate their specific needs. 

Q: Is IPFS the death of HTTP?

In the computer industry, protocols die hard. As much as we want to criticize the problems with centralized computing, it has provided one of the greatest revolutions in mankind’s history. Never before have so many had access to almost the entire world’s knowledge. Individuals and entrepreneurs have tapped into this knowledge to develop some incredibly cool tech over these past 20 years. So, HTTP has been a great success, and it will not disappear quickly. But as 5G becomes more prevalent and developing countries increase their demand for data, decentralized and distributed technologies will be selected as the protocol over HTTP. It is also interesting to note that Tim Berners-Lee who created the HTTP protocol and the World Wide Web is now working on the next distributed/decentralized protocol. It is one of the greatest qualities of humans, we never stop creating.

Q: Do you have any concerns that content on IPFS can’t be removed or censored?

Yes, absolutely. There are clearly certain types of information that are not suited for publication anywhere at any time, such as child pornography or sex trafficking. Universally, this type of abhorrent information has no place on IPFS or anywhere else on the internet for that matter. When it is so universal and clear-cut like this, AXEL will do everything in its power to prevent this content from being listed on IPFS.

Q: What was the most challenging aspect of developing AXEL IPFS?

The IPFS is still actively being developed and there are always difficulties with anything new and in-development. But otherwise, I have been developing technology for over 30 years and with that experience, you learn how to be diligent and get it done the right way.

Q: What does AXEL IPFS do that sets it apart from any other IPFS platform?

We believe our IPFS integration is the most easy-to-use, intuitive solution on the market. In the past, IPFS pinning required extensive technical knowledge or expensive third party services. We’ve eliminated both barriers and made utilizing this decentralized technology simple and affordable. For instance, with AXEL Go, the process isn’t any more complicated than using other popular cloud storage and sharing applications. And it doesn’t get much more affordable than a free Basic account! 

Q: How can someone help or participate in the project?

Join us on Discord or Telegram and get involved. Telegram has a lot of great community activity and Discord is where the Devs hang out. Come chat with us! There are so many ways to get involved, ask any of the channel admins and they’d be happy to help!

The Distributed Future

According to Blade Runner, we only have 7 months left for the invention of sentient androids, but that seems unlikely at this point (I’m still hoping though). And we’re already four years late for Back to the Future’s flying cars and hover-boards. 

Looking back, all of these predictions seem a little bit silly in comparison to how fast technology has actually progressed. We don’t have androids, we don’t have flying cars, we don’t even have a printer that works without having to beg and plead for it to just print your document correctly for once. Physical tech has lagged behind our predictions. No matter how hard we work, there’s only so efficient you can make a chemical process, like the one that powers the batteries any of this tech would require. 

But what hasn’t slowed down… is digital technology. Smaller, lighter, and faster than anybody ever imagined even 30 years ago. Look at Blade Runner, they had sentient androids and still worked with magnetic tape recordings for data storage, not exactly a great prediction there Ridley Scott… 

The computing power in your cell phone dwarfs even the most advanced supercomputer of the early 1990s. And it doesn’t take up an entire warehouse and enough power to run a small town. And all you use it for is to watch cat videos on Youtube… really? 

So in a world where we’re all carrying around a supercomputer in our pocket, what are we going to do with it? (And please… don’t just say watch more cat videos, yes I know they’re adorable but come on, aim a little higher, please?) Why not run the internet ourselves? 

When we’re all running around with supercomputers, why should we be putting our trust in these large tech conglomerates when they’ve continually shown themselves, at best as ambivalent and at worst as downright negligible when it comes to our data privacy. Every other day it seems like there’s a new data breach, hack, or the company itself selling our private data to advertisers. They haven’t earned our trust, and even if they did at some point, they’ve certainly lost it by now. 

But we don’t have to anymore. We aren’t beholden to big tech if we are willing to take the plunge and dive into the distributed web. A web like our predecessors in the 80s imagined it, free to surf, send, and share without someone looking over your shoulder. A web free of censorship, where the only boundaries are our imaginations. A web hosted by people for people, not advertisers and tech monopolies. 

The distributed web is not the web like you’re used to though. It’s not some massive server farm hidden away in a warehouse, its independent server operators sharing the network load among them. It’s every one of us having the opportunity to participate in the governance of the internet. It’s freedom from control and freedom from censorship. 

It’s not just about escaping big tech though; it’s about building something better. Joining the distributed web doesn’t mean you don’t get to share photos and videos with your friends, it means sharing content in a way that doesn’t compromise your data privacy. It’s about creating a web where you are in ultimate control of your data, your privacy, and your life. 

Welcome to the future of the internet.

AXEL IPFS Is Out Now

Two weeks ago we released the AXEL Wallet, the window into our blockchain and the basis of everything we plan to do. And now, it’s only getting better!

Not only have we released one of the best-designed blockchains on Earth, but we also integrated it with the most advanced IPFS platform out there. You no longer have to make a choice between privacy or convenience, you can have both. There already are ways to stay private online, but privacy often comes at the cost of your experience and is inconvenient. AXEL IPFS is the best of both worlds, it’s secure and encryption-enabled, while still being fast and free!

But more important than just the technology of the distributed web is the team who built it. No matter how great their product is, would you really want one of those big-tech conglomerates, who have continually monitored you, sold your data and abused your trust, starting the distributed web? Do you really trust them to have your best interest at heart? While they may have the right technology, their past behavior should make you wary of trusting them with something as important as the distributed web.

Unlike most tech companies our business is not in advertising, we don’t host ads and we don’t sell data. Our business is privacy; specifically, your privacy. It has always been our business and it always will be.

That’s why we started this project. Our entire company is based around privacy and data custody. For over a decade, our team has been working on products to give you back your data, and give you the option to divorce yourselves from the surveillance-web that’s been forced upon us by big tech. Every product and project we’ve worked on has been building towards this moment.

The distributed web is no longer something to talk about as something that’s coming, it’s here. We built it, for you. AXEL IPFS is already the most advanced IPFS-integrated blockchain, and it’s just going to keep getting better with time! But now it’s your turn, show us what you can do with it, how you’d live your life, free from surveillance and censorship.

Welcome to the future of the internet, welcome… to AXEL IPFS.