Our guest today is Michael Kende. He has a Ph.D. in economics from MIT and is a Digital Development consultant at the World Bank Group, a Senior Advisor at Analysys Mason, and the Board Chair of the Datasphere Initiative and until recently Chief Economist of the Internet Society. He has done a significant amount of work on promoting Internet development in emerging regions around the world. He works on the economics of cybersecurity, as a means to reduce data breaches and increase trust in the Internet.Trust & Internet Data. That is the subject of the interview I had with Michael Kende. He works on the economics of cybersecurity as a means to reduce data breaches and increase trust in the Internet. The Internet has brought us numerous free services, like contacting people, creating online content, video conferencing, sharing videos, communicating, and working online. But it comes at a price as the data we put online, some of it very personal, raises privacy issues, makes us vulnerable to cyber-attacks, and results in a concentration of power in large companies and governments. He talks about trust and the privacy paradox and the flip side of free services that Internet provides. The way to grow trust is through technology and regulation. Giving the example of the automobile industry where in the sixties there were no safety regulations until Ralph Nader’s book in 1965 “Unsafe at Any Speed“. He talks about the European GDPR Directive, the Datasphere Initiative, the privacy paradox, and contact tracing apps like the Ehteraz app Qatar requires people to use during the soccer World Cup.
The Privacy Trust Paradox
Some people may be happy to have an Alexa in their living room potentially listening to what they’re saying, but they wouldn’t put one in their bedroom. Other people may never really trust a self-driving car because they see what’s happening with websites and with other devices and they wouldn’t put themselves in a car that they can’t control. So going forward, I think there is going to be an impact, but I do agree that the way to grow trust is through technology and regulation ultimately, the industry has had years and years to address it and so far we’ve seen the results of that and you can go back for an analogue to the automobile industry in the 1960s. There was no regulation, basically no safety measures, cars only had lap belts in the front and they were optional and then Ralph Nader writes the book in 1965, “Unsafe at any Speed”, highlighting the lack of safety. And eventually the US government got involved, starting with seatbelt laws, then came airbags, crash testing, safety ratings built-in restraints for infant seats, and importantly, a real culture of safety and competition in safety by companies. So now controlling for the Miles travel, there were five times more fatalities in the 1960s than there are today. So there’s been a huge impact in terms of safety and our reliance and our willingness to pay extra for more safety. So this same shift has to take place online with regulations and competition and new technologies to help protect users and also more of a culture of safety so that everyone understands what they’re doing and looks for websites and for devices that are more safe.
The Flipside of Free, Understanding the Economics of Internet
(…) so the idea is first explain why these things are free and the benefits that we’re getting out of those, the ability to contact people now to make phone calls, to video conference, to do podcasts, to do things online with the government, to work online. All of these things that we saw really accelerated during the lockdowns and the pandemic. But we have to consider the flip sides. All of these things put our data online and the data that we’re putting online, some of it is very personal, so we’re more and more concerned about our privacy. Some of it is subject to cybersecurity attacks, as are many of the infrastructure that we rely on that we might not even know are attached to the Internet. And as the companies grow, we’re starting to become more and more concerned about the concentration of power in these companies. And as we see with Twitter, what one company or one owner can do to really what he calls the public square of the Internet.
Putting our personal information into a website is also a bit of a leap of faith
About Ashley Madison, a website with the express purpose of enabling married people to cheat on one another:
(…)even though the whole point of the website was to offer a discreet way for married people to commit adultery, the security was so bad that all 37 million usernames were leaked online. And of course, with devastating results for the people even it actually turns out not that many people were successful in their cheating, but having your name on the list did not look good if your spouse found out, of course. The problem is twofold. It’s difficult for a website to prove that it has good security. And so if you can’t prove that you have good security or compete on it, there’s less incentive to invest in good security. And also the downside is not that large. Ashley Madison was sued for over $400 million, but in the end, the lawsuit yielded just $11.2 million. So the downside wasn’t very big. And as I said at the beginning, this is really an example of the trust paradox. Many people didn’t say don’t rely on a website like Ashley Madison, but they actually use this to find out that such an opportunity exists. And as I said, now has more users than ever.
EU General Data Protection Regulation (GDPR)
I think Europe has really led the way with the General Data Protection Regulation, the GDPR, that is very user-centric and gives us more ability to consent and control our data. But it’s harder to control what happens when the data is moved out of the EU for processing in the United States or in other countries. And that’s the issue behind the privacy shield. What’s happening when Apple data goes back to California, to the headquarters? Is it subject to the same controls as in Europe? Because overall, it’s difficult for us to know what our data is being used for. Privacy policies tend to outline the basics of what can be done, but they’re not very specific. They may say, we can share this data with third-party companies for processing, but they don’t always say which companies, which data, what’s being done with it. And the result is that we’re never quite sure.
Transcript of interview With Michael Kende
Become a Friend of TrustTalk for €50 (or $50) per year, or donate
Like what we do? Help us by becoming a Friend Of TrustTalk (for €50 or $50 per year). You help us to continue to make more episodes in 2023. Go to https://trusttalk.co/friend and follow the steps.
Rather donate an amount? That is possible on https://trusttalk.co/donate. Thank you very much for your support! We greatly appreciate it.