Data Privacy

Why we simply must move to a user-centric personal data model

We are generally very positive here at

We prefer to look to – and actively work towards – a brave new personal data future fuelled by data mobility, rather than dwelling too much on the negatives of the current model.

But sometimes, you see something which is too powerful to ignore – or not write about.

Today it is this – CNET’s running list of every major security breach and data hack so far – which makes for very sobering reading.

It’s not that the article is telling many of us, particularly those with even a passing interest in personal data privacy, anything that isn’t already known.

Rather, it is the scale of the most recent breaches, laid out together, which combine to create a devastating critique of why things simply cannot, must not, continue as they are.

One hundred million people affected by the recent Capital One breach, 143 million by Equifax, 383 million by Marriott, 3 billion by Yahoo – the list can, and does, go on and on.

At the heart of every breach is the theft of often-sensitive personal information, including health, financial and dates of birth etc. This is bad, and violating, enough in itself, but also exposes the person whose data it was to a knock-on risk of identity theft and fraud.

The biggest frustration comes from knowing that this does not have to be the norm – solutions exist, including technology such as, which allows individuals to store their own data in their own secure library, as opposed to centrally with an organisation in a huge honeypot for hackers.

Decentralising data storage is something that needs to become more mainstream, for all our sakes. Security of personal data needs to be taken much more seriously, and individuals need much greater control over their own data, not least for the chance to keep it safe.

Then, and only then, does the pace of breaches stand a chance of slowing.