Data Infidelity

Popular community website Reddit’s Thanksgiving was ruined by virtue of the CEO, Steve Huffman (going by username /u/spez), editing select posts without disclosing change history. In particular, there were threads where supporters of Donald Trump, under a subreddit called /r/The_Donald, called /u/spez a pedophile and other names. He spent an hour going through and replacing his own name with the usernames of the community moderators of /r/The_Donald. This caused quite a stir.

It may seem to outsiders like a tempest in a teapot, but the principle is that tens (hundreds) of millions of users expect that when they put bits into a computer, those bits play back as recorded. They’re quite upset when the digital record of history is altered.

There’s a broader issue at play. Noted computer scientists including MIT’s own Ron Rivest have called for an audit of the computerized voting systems used in the most recent U.S. election due to the fact that the nation’s own security forces have identified widespread efforts by a state actor to interfere with the election. 

As we build a digitally founded economy, versus one where the digital world is a reflecting mirror (sometimes distorted) of analog reality, questions of data infidelity become more and more acute. 

For my own part, the more work I conduct in digital identity, the more issues I run into. In the past year, my identity has been lost, stolen, hacked and replicated. Multiple times. I’m on my fifth corporate credit card, for example.  To examine further data infidelity in fintech for a minute, I understand that fraud rates for card-not-present transactions (i.e., in the purely digital world) are 300% higher than those in card-present transactions (i.e., in the analog world) – and the CNP fraud is expected to continue to grow, reaching nearly $26 billion by 2020. 

This summer, in respect to requests from the U.S. and European Union governments, we proposed a broad framework for robust digital identity, better data security and better data sharing. Through it, we seek to address critical questions including: if access to government services, healthcare and financial services are mediated by biometrics instead of easily-forged paper documents – what happens when someone steals your biometric ID file? You only have one set of fingerprints and iris scans; it’s not like you can just replace your fingers the way I’ve been replacing my credit cards.

Distributed ledger technologies (DLT, popularly known as blockchain) are a partial answer, of course. If we have a more resilient network of thousands of nodes recording and agreeing on nominal reality, it’s harder to hack. Better encryption is another answer. They need to be implemented in combination with new data management techniques and new computing solutions. 

The issues raise more questions than answers. 

We are at the beginning of a technological shift on par with the industrial revolution, and are seeing labor and civil unrest of similar scale as a result. The 1980s and 1990s saw a technological optimism with unerring faith in the reliability, the credibility, of technology. But “truth” and “trust” of that era, battered by everything from multiple space shuttle disasters to multiple stock market crashes, and shaped by rising media polarization, have propelled a fundamental decay in our trust in institutions. In turn, we are seeing accelerating mistrust of the data and computing systems that we have put our faiths into.

The convergence of fear and mistrust in systems creates even more basic problems. If you and I are operating on a different set of facts (eminently possible thanks to media polarization), how can we possibly engage in civic dialog and participate together in the same civil society?

How can we begin to once again trust data? And fundamentally, how can we begin to trust each other?

Read our new book, Trust::Data!

The views expressed in this column are my own, and may not reflect those of the Massachusetts Institute of Technology (MIT) or its faculty.