In the era of big data, how is the privacy and security dilemma broken?

In the era of big data, how is the privacy and security dilemma broken?

In the era of big data, are we all streaking?

In the era of rapid development of big data, privacy seems to be becoming a topic of serious fear, just as a well-known saying on the Internet: in the era of big data, everyone is "streaking." Although the domestic Internet amnesty has caused a strong rebound of Chinese netizens on the Internet, it also reflects part of the current status of privacy protection.

Singapore’s "Lianhe Zaobao" network on the 28th "From the leak door" to "Privacy", the author said that in the year of coming to China, daily life is the efficient operation of mobile phone take-away, taxi, navigation, shopping and other functions. And seamlessly connected. Although there is always a hesitation before entering personal information, but I can think of sitting on the sofa and shaking my feet and waiting for dinner to be delivered to the door, as if I don't have to think too much, I will enter personal information in one by one. According to the article, personal privacy has indeed depreciated in the face of the enormous convenience of technology. It is not difficult to imagine that when the technology of binding personal information such as cashless payment and brushing is more and more pervasive, as long as the convenience enjoyed by the user is greater than the cumbersomeness of inputting personal data, the general public is also difficult to have much resistance.

Qin An, director of the China Cyberspace Strategy Institute, told the Global Times that the security risks exposed by Facebook were widespread in the world and the country was quite severe. At present, the most representative security situation is that personal information is in the hands of key enterprises, and there is neither a national level of protection nor a legal level. Internet privacy law expert Wang Wei told the Global Times reporter that the concept of personal privacy has changed from the past, and the scope of protection needs to be changed. In the past, information that needs to be protected is in fact unprotected, but should be protected. The focus may not be protected.

Qin An believes that there must be a new understanding of personal privacy. For example, an individual's name, telephone number, and QQ number are likely to be disclosed through various channels, but the bank card number, clothing, food, and accommodation information associated with the individual is a privacy that must be protected.

Wang Wei believes that data collection is ubiquitous in daily life, browsing web pages, cameras, facial recognition and so on. The most harmful of these is the collection and abuse of biometrics. Unlike passwords, data such as fingerprints, irises, and DNA cannot be changed, so once they are leaked and misused, the damage is irreparable. At the same time, he also believes that some people may have diseases such as high blood pressure and diabetes. These privacys can be judged by the collectors of your shopping, location, etc., and even targeted marketing by enterprises. Some information may reduce the social evaluation of individuals, but at present, our country's laws still lack corresponding protection.

Protecting privacy, is the individual really powerless?

In the face of powerful big data collection and analysis capabilities, personal information security becomes very fragile, so what can each of us do?

For example, when a reporter installs an application on a mobile phone, it is often required to provide almost all permissions, such as location information, reading text messages, calling an address book, and turning on the camera. However, software developers do not explicitly state the use of these permissions.

Tan Xiaosheng, a well-known information security expert and 360 chief privacy officer of China, told the Global Times reporter on the 28th that there may be several possibilities. One possibility is that the developer will rudely and voluntarily give all the permissions for convenience. For the future program upgrades and functions, the reserved permissions may be reserved; in another case, the developer intends to collect more user information because the data can be used for big data analysis. The greater the amount of data, the more accurate the user image is. High, so it is possible to collect customer data that is not needed for business for business reasons. For example, a ordering software that requires the user's location information is reasonable, which can help users find nearby restaurants and conveniently deliver food to users. However, other permissions may not be necessary in the product service process, such as reading text messages, using address books, etc. are debatable. Is it possible to protect personal data by confirming permissions each time it is used? Tan Xiaosheng believes that this may bring about a great drop in user experience and convenience, and may not be the most ideal solution.

A well-known Chinese information security expert who asked not to be named told the Global Times reporter that in personal privacy protection, users are really powerless. If it is a single user, it can't compete with high-tech hackers and Internet companies with data. He believes that from the perspective of the user community, groups can participate in the formulation of rules. The country’s increasing emphasis on personal information protection reflects the voice of the general public.

Experts for privacy protection

The anonymous experts mentioned in the previous article believe that the future data will be collected more, and the data will be applied in medical, education and social governance in the future. The data itself is not guilty. The question is not whether the data is being collected, but whether the data is infringing on privacy, and whether it can find a suitable way for Big Data to protect personal privacy when it is applied.

He believes that relying on user informed consent during the information gathering phase is not necessarily the best approach. Information collection is only the first level. Later users should have the right to ask the collector, which can be used, and which can be used, so that they can be classified according to different people's understanding of privacy. He believes that the focus of data security needs to be addressed in the post-data collection process: application, sharing, and destruction. For example, data is stored in an Internet company, and even a person with authority cannot abuse it, and can only access it when the user makes a request. It can be supervised by a third party, so that the illegal use of data cannot be hidden. In addition, in the analysis of big data processing such as precision marketing, the overall plan also needs to be reviewed. For example, technically accurate marketing for users, but the background can not see the specific user information.

Wang Wei believes that due to the development of online shopping and mobile payment, China's big data field is at the forefront of the world, and relevant legislation in China is urgent. The first step is to strengthen legislation on biometric protection, such as fingerprint recognition technology for mobile phones, whether fingerprint information will be uploaded back to the manufacturer, whether it will be properly kept, and whether it will be used. Once violated, it must be severely punished. Second, there is a need to strengthen legislation on the protection of personal network data. The law should clearly state which can be collected, which cannot be collected, which can be saved, and which cannot be saved.

Qin An believes that the current protection of personal privacy is mainly the national legislation, corporate self-discipline and personal protection trinity. From a national perspective, the Cybersecurity Law, which came into force last year in China, is a basic law and general framework. Laws on cross-border flows of data and protection of data infrastructure are being formulated. The state must increase penalties for enterprises and let enterprises pay for their own actions. In addition, we must strengthen the cultivation of personal network security awareness, and the education of personal network security in China is generally lacking.