AXEL.org

Privacy

Why Data Breaches are so Damaging and how the Law has Failed Consumers

Very few times in history have a group of people sat down with the purpose of writing a set of new laws to improve society. Instead, what usually happens is that laws are written to solve specific problems. This leads to a litany of laws piling up over the decades. While it could always be debated how effective a particular law might be at accomplishing its goal, the rapid pace of technological advancement over the past 20 years – especially as compared to the pace of the lawmaking process – has introduced new challenges as laws become quickly outdated, sometimes even by the time they take effect.

The results of this are acutely apparent in the cross-section between the fields of cybersecurity and consumer protection, namely data breaches.

The magnanimity of consumer protection laws in the United States were written for a society concerned with immediate product safety and compensation for resulting injuries, not for the nebulous and incalculable injuries that may be sustained by potential millions when private records are exposed.

Why are data breaches so damaging?

The unique problem of data breaches stems from the fact that the breach of privacy carries in of itself no specific harm. Instead, it is the later misuse of information that has been breached that may lead to ensuing harm. However, with data breaches occurring on a near-daily basis, the causality of specific financial or reputational damage is nigh impossible to link to a single breach causally; with our laws written around the concept of calculable damages being the source of justified remuneration, we are left constantly and increasingly victimized but unable to seek just compensation.

Some would argue that even more problematic is the irreparable nature of many of the most severe data breaches. Once a name and social security number are leaked, that identity is permanently and irreversibly at risk for being used fraudulently. While one could always apply for a new social security number, the Social Security Administration is extremely reluctant to issue new identities, and while that is a debate for another time, it goes to show just how difficult it can be to recover from a breach. Victims are permanently marred and at increased risk for future injuries resulting from a single breach, no matter how much time has passed.

Because of the damage resulting from a data breach being so far removed temporally and causally from the actual breach itself, adequate compensation is rarely won, if it is even sought. Was it the Equifax breach, the MoviePass breach, or one of the innumerable other breaches this year that resulted in your identity being stolen and used to take out fraudulent loans a decade from now?

Moreover, even if you should find that it was MoviePass’ negligence that leads to your identity being stolen, what compensation can you seek from a company that has been defunct for years? Our laws were not written to address these issues adequately. Our legal system often does not ponder questions of uncertainty and possibility, and that’s the perfect summary of what victims face in the aftermath of a breach; uncertainty and possibilities.

For all the uncertainty victims face, the solutions going forward as a country are equally opaque.

It would be easy to write some draconian law to punish companies for exposing private data, but as is often the case, that could have unintended consequences, such as pushing data overseas where even looser security and weaker privacy laws may exacerbate the problem. Instead, it’s going to take a significant shift in our collective-consciousness over how data is handled.

Laws written for managing telecommunications and transmissions in that era are being used to handle complex cybersecurity and data privacy cases.

This can’t come just from one party though; companies need to seriously consider what data they need to collect, and what information needs to be retained on a long-term basis. Consumers have to take ownership of their data and demand a higher quality of service from corporations and governments over how their data is collected and used.

As a whole, we must recognize the value of data, and the dangers we expose ourselves to by collecting it (and why it might even be best to not collect data at all in many circumstances).

Just like holding valuables such as gold and art entails a security risk, so too does data. If people started treating data like the digital gold it really is, maybe then we could all come together to work out a solution.

But until then, I’ll be keeping my data to myself.

Projects We Love: PrivacyWall

This is part of our series highlighting startups who share our mission of trying to bring data privacy back to users.

You’ve had a rough week, maybe it’s a relationship or health problem, but either way, you’re feeling down. Fortunately, your family is there for you, and reach out to console you through a few private messages on social media.

Mom: “I know it’s expensive, I’m sorry your health care doesn’t cover it, we’ll do what we can to help you pay.”

Dad: “Don’t worry sport, she’s just going through a phase, I’m sure you guys will work through it.”

Friend: “Hey man, let’s meet up for a drink this weekend, cheer up!”

After reading your messages, you lay down in bed to rest and start scrolling through social media to pass the time until you fall asleep, and you’re astounded by what you find.

Ads.

But not just the usual ads for food, or some new tech gadget.

“Lower your healthcare costs now! Save 20% off market rate plans!”

“Relationship trouble? Local family counseling is available!”

“Cheapest beer in town, and half-price shots on Fridays!”

Maybe it’s just coincidence, or maybe every single thing you say or do online is being tracked and sold to advertisers… That “free” social media website has to make money somehow.

And that’s where PrivacyWall comes in- a startup that is returning data privacy and security to users. By blocking unwanted data collection by everyone from Facebook to Google, PrivacyWall puts you back in the driver’s seat.

Why PrivacyWall?

Every website you visit, every search you type in, every message you send and photo you post, it’s all tracked, recorded, and monitored. PrivacyWall is the “off” switch we’ve been waiting for.

By blocking over 3,000+ trackers from many of the largest tech companies in the world you can once again browse the internet without fear of being tracked like the target of a CIA investigation. We expect privacy in our homes, and we should get the same treatment on the internet.

PrivacyWall even blocks Facebook Connect from building a shadow profile of your online activity when you are not on Facebook. If you didn’t know, that convenient “log-in with Facebook” turns that account you just signed up for into another data collection point for Facebook to build a profile on you.

If you didn’t know that, you aren’t alone. And that’s exactly why PrivacyWall blocks threats you don’t even know about yet. Because you shouldn’t have to become a security expert and worry about your private information being leaked just because you used Facebook to sign-up for a food delivery app, or a dating site, or anything.

You deserve privacy, and PrivacyWall is a step towards a more private world.

Q&A With The Developers Of AXEL IPFS

We sat down with AXEL’s development team to discuss their AXEL IPFS Pinning Facility.

Q: What inspired you to develop AXEL IPFS?

The next evolution of computing is distributed. IPFS or something very similar is going to be the basis of distributed storage. The AXEL IPFS integration into our ecosystem has given us a worldwide public distributed storage system to build practically anything on top of including AXEL IPFS Pinning, AXEL IPFS Search, and many other services to come. AXEL is building a very strong foundation in distributed storage and will be a leader in the next evolution of Web 3.0!

Q: What excites you the most about AXEL IPFS?

AXEL IPFS will allow our users to immediately and securely distribute their data around the world for personal or business use. AXEL will be fostering the movement from centralized to decentralized computing and AXEL IPFS is the start of the process. For AXEL users, they can share files or even distribute website information with IPFS. It is very exciting to bring Web 3.0 technology to the masses. AXEL has made it super easy to use, which is very important when you want to increase the adoption of complex technologies like IPFS.

Q: Do you see a future for IPFS and what industries will adopt it first?

Web 3.0 will be distributed. IPFS seems likely to be a core technology of Web 3.0 and the distributed Internet. Right now archivists, service providers, researchers, developers, and content creators have begun to adopt IPFS to address many problems caused by centralized computing. IPFS also addresses many issues around high-latency networks found in developing countries. Even NASA is using similar systems to address the high-latency involved in space communications. So there is a lot going on in this field. With that said, though, it is still very new. AXEL is bringing this technology to users today by making it secure and easy to use so anyone can take advantage. I think it will be interesting to see how IPFS develops and is integrated into more and more consumer products. 

Q: What industries will IPFS be the death blow for? Is there a future for cybersecurity in a distributed web?

I do not think we are talking extinction but evolution. Current centralized systems will evolve into decentralized/distributed systems as users demand the flexibility, security, and efficiency of decentralized/distributed systems. The only companies that will go extinct are those that fail to evolve or evolve without taking into account customer needs. And as far as cybersecurity goes, as long as we use computers and the human condition remains as it is, cybersecurity will also be a lucrative and in-demand career.

Q: How much will AXEL IPFS cost to use?

The IPFS is the backbone for our private, secure file-sharing and cloud storage platform; AXEL Go. You can sign up for a free Basic account and receive 2GB of online storage and enough network fuel for hundreds of typical shares. Power users or enterprise customers have a choice of pricing tiers to accommodate their specific needs. 

Q: Is IPFS the death of HTTP?

In the computer industry, protocols die hard. As much as we want to criticize the problems with centralized computing, it has provided one of the greatest revolutions in mankind’s history. Never before have so many had access to almost the entire world’s knowledge. Individuals and entrepreneurs have tapped into this knowledge to develop some incredibly cool tech over these past 20 years. So, HTTP has been a great success, and it will not disappear quickly. But as 5G becomes more prevalent and developing countries increase their demand for data, decentralized and distributed technologies will be selected as the protocol over HTTP. It is also interesting to note that Tim Berners-Lee who created the HTTP protocol and the World Wide Web is now working on the next distributed/decentralized protocol. It is one of the greatest qualities of humans, we never stop creating.

Q: Do you have any concerns that content on IPFS can’t be removed or censored?

Yes, absolutely. There are clearly certain types of information that are not suited for publication anywhere at any time, such as child pornography or sex trafficking. Universally, this type of abhorrent information has no place on IPFS or anywhere else on the internet for that matter. When it is so universal and clear-cut like this, AXEL will do everything in its power to prevent this content from being listed on IPFS.

Q: What was the most challenging aspect of developing AXEL IPFS?

The IPFS is still actively being developed and there are always difficulties with anything new and in-development. But otherwise, I have been developing technology for over 30 years and with that experience, you learn how to be diligent and get it done the right way.

Q: What does AXEL IPFS do that sets it apart from any other IPFS platform?

We believe our IPFS integration is the most easy-to-use, intuitive solution on the market. In the past, IPFS pinning required extensive technical knowledge or expensive third party services. We’ve eliminated both barriers and made utilizing this decentralized technology simple and affordable. For instance, with AXEL Go, the process isn’t any more complicated than using other popular cloud storage and sharing applications. And it doesn’t get much more affordable than a free Basic account! 

Q: How can someone help or participate in the project?

Join us on Discord or Telegram and get involved. Telegram has a lot of great community activity and Discord is where the Devs hang out. Come chat with us! There are so many ways to get involved, ask any of the channel admins and they’d be happy to help!

AXEL IPFS Is Out Now

Two weeks ago we released the AXEL Wallet, the window into our blockchain and the basis of everything we plan to do. And now, it’s only getting better!

Not only have we released one of the best-designed blockchains on Earth, but we also integrated it with the most advanced IPFS platform out there. You no longer have to make a choice between privacy or convenience, you can have both. There already are ways to stay private online, but privacy often comes at the cost of your experience and is inconvenient. AXEL IPFS is the best of both worlds, it’s secure and encryption-enabled, while still being fast and free!

But more important than just the technology of the distributed web is the team who built it. No matter how great their product is, would you really want one of those big-tech conglomerates, who have continually monitored you, sold your data and abused your trust, starting the distributed web? Do you really trust them to have your best interest at heart? While they may have the right technology, their past behavior should make you wary of trusting them with something as important as the distributed web.

Unlike most tech companies our business is not in advertising, we don’t host ads and we don’t sell data. Our business is privacy; specifically, your privacy. It has always been our business and it always will be.

That’s why we started this project. Our entire company is based around privacy and data custody. For over a decade, our team has been working on products to give you back your data, and give you the option to divorce yourselves from the surveillance-web that’s been forced upon us by big tech. Every product and project we’ve worked on has been building towards this moment.

The distributed web is no longer something to talk about as something that’s coming, it’s here. We built it, for you. AXEL IPFS is already the most advanced IPFS-integrated blockchain, and it’s just going to keep getting better with time! But now it’s your turn, show us what you can do with it, how you’d live your life, free from surveillance and censorship.

Welcome to the future of the internet, welcome… to AXEL IPFS.

How To Stay Safe Online When You’re Traveling

Travel can be a mind-opening and life-altering experience. Whether you’re traveling for business, for pleasure, or to visit your family in your hometown, it’s always great to get away from the drudgery of your daily routine to see new things and meet new people.
However, unfamiliar places can bring unfamiliar dangers. And while you’ve likely been told to not keep your valuables on your person in case you get mugged or to lock yourself in a small cabinet when visiting family so they can never find you again, the rules for safely using technology while you travel are a bit nebulous at times.
Never fear: we’ve got you covered. Here’s how to keep your personal information safe when visiting an unfamiliar — or all too familiar — locale.

Business travel

Wow — you’re important enough that it’s actually necessary for you go to a whole different city or country for work. Because you’re needed there. Ok. Are you Beyonce or something?!
Anyway business travel has its own set of risks and challenges, so here are some things to keep in mind.

  • Bring only what you need. Increasingly, security personnel at airports will look through devices to determine if their owner poses a security threat. And the risk of having something stolen is greater in unfamiliar environments. Bring the tools you need to safely work, but don’t bring anything you don’t absolutely need.
  • Keep your devices on you at all times. Yes, the danger of security going through your phone is real, but don’t check your work laptop that has all your company’s trade secrets. If one of your devices gets lost, then anyone who finds it will be able to hack into it and figure out when your next secret album is dropping. (You are Beyonce, aren’t you?!)
  • Don’t trust the Wi-Fi. This is always a solid tip, but especially important when you’re traveling for business. Never use unfamiliar public Wi-Fi to do official company business or any sensitive personal browsing. Doing so leaves you open to hacking, government surveillance, and increased risk of malware being installed on your device.
  • Use a VPN. If you’re traveling for business, all of your internet browsing should happen while connected to a VPN. Many companies require you to use a VPN to log into their networks while working, but if your company doesn’t, invest in one.
  • Consult your company’s IT department before you leave. Ask your IT department if there are any special considerations for working remotely in the country you’re visiting, unless your IT department is just three people sitting in a basement. Then just follow the tips above and also begin looking for a new job.

Personal travel

Wow — you’d rather explore the world than sit at home in your sad studio apartment with your cat. Because you want to. Ok.
When traveling for pleasure, you should bring only what you need, be wary of Wi-Fi, and keep all devices on your at all times, as mentioned above. Here are some additional tips for world explorers.

  • Wait until you get home to post pictures. It’s tempting to post all your sexy beach pics immediately to make others jealous, but it’s best to wait so you’re not advertising that your home is empty or giving away your location.
  • Don’t do any crimes online. If you do venture on the Wi-Fi, make sure you know that laws in the country you’re in. For instance, don’t go on adult sites in Cuba and don’t trash the government on social media in China — it won’t turn out well for you!
  • Password protect all your mobile devices. You should always have strong passwords in place for all your hardware and online accounts, but it’s particularly important when you’re traveling. Have strong passwords for hardware and two-factor authentication for all accounts.
  • Don’t swim with your phone in your pocket. This has nothing to do with online safety, it’s just better if you don’t.

Visiting your family in your hometown

Oh man — how’d you get tricked into visiting your hometown? Whether you’re home for the holidays or visiting your beloved family dog Sparky, your hometown is full of dangers

  • Stay in a hotel on the dark side of town. Do not reveal the location of this hotel to anyone. Pay in cash and use “Jon Bon Jovi” as a pseudonym.
  • Do not complain about your mom’s meatloaf on social media. Similar to complaining about the government in China, this will get you into big trouble.
  • Turn off all location-sharing capabilities on your phone, and make sure your phone isn’t set to automatically connect to Wi-Fi. Government agencies and your mom can use this information to track your location.
  • Whoops — your mom found you at your sketchy hotel because Jon Bon Jovi is a pretty obvious pseudonym. Grab Sparky and leave in the night.

Traveling can be a minefield of digital dangers, but as long as you exercise reasonable caution and refrain from using the pseudonym “Jon Bon Jovi,” you should have a safe trip. Bon Voyage, Beyonce!

How To Sound Like A Cybersecurity Expert

Cybersecurity is a buzzy topic these days. Everyone seems to be clamoring for tips on how to stay safe online, and you read in a listicle somewhere that cybersecurity is currently one of the fastest growing fields. So how can you get a piece of the respect and professional prestige that a cybersecurity expert might have? Simply follow these tips.

Warn people about social media

Inform people that by posting photos of their brunch on social media, they are giving hackers and state actors the tools necessary to take you down.

But actually, that’s too specific and information-y to remember, and it’s kind of a downer. Make your warnings vague, as in, “that Facebook is up to no good!” or “be careful about Twitter!” This way, when the next terrible Facebook or Twitter thing happens, people will recognize your prescience.

Bring encryption up often

Now, you may not know what encryption is, and I certainly don’t, but what we do know is that it’s somehow important to cybersecurity experts. Talk about it a lot, and if you encounter someone whose knowledge on encryption is more advanced than yours, simply run away.

Make a big deal out of the dark web

Studies have shown that people love hearing about the dark web. Take advantage of this fact to improve your social standing by making a huge honkin’ deal out of the dark web whenever you can.

If you see someone holding a credit card, mention that there’s lots of stolen credit card information on the dark web. This will confuse them into thinking you can help them keep their credit card information off the dark web.

Extra points if you can explain to people what TOR stands for. But if someone actually asks you how it works, this is again the moment to simply run away.

Loudly proclaim that quantum computing is the future of cybersecurity

This is certainly true. Don’t ask me why.

If someone asks you to elaborate on your claims, run away.

Chant “identity, not perimeter” to anyone in your general vicinity

The idea here is that perimeter security, or the mighty firewall as some call it, will be overtaken by identity and access management security, which allows for more granular permissions to be set, and ensures that even if someone does breach the firewall, they won’t have access to everything.

But that’s sort of a long thing to remember, so just remember the chant. If anyone asks questions about the chant, tell them to stop interrupting the chant.

Start a group chat to share cybersecurity articles you don’t understand

You’re not legit until you’re sharing articles saying common facts that we all know about like “phishing is a thing,” and “hackers have our data.”

To solidify your standing as a thought leader, however, you need to take it one step further. Sharing articles about concepts you don’t understand will allow you to rise to the top of the cybersecurity fake expert field. Look for a title like “why you NEED quantum encryption TOR identity blockchain security NOW.” If someone asks you what that means, tell them it’s too late for them if they don’t know.