Contents

Introduction

Context

Online Services and Personal Data

Online Privacy

Solid

ReactJS

Conclusions

References

Introduction

This literature review will determine the current issues surrounding privacy and the use of personal data online. The information gathered will show how relevant a solution to the highlighted issues will be – also an understanding of previous or current potential solutions will be beneficial to this project. There also be a small section of information regarding the technologies used to make this project viable in its solution – the software defined technologies will include: ReactJS and Solid. ReactJS is a JavaScript framework which eases the creation of user interfaces (UI) with constantly changing data (usually user dependant data). Solid which is a very new technology, introduced to provide a system which allows the ability to store a user’s data in one or multiple locations, then allow it to communicate with various online services – whilst specific online services will not have any control over the user data it receives.

Context

This project aims to create and implement a solution to solve current issues surrounding privacy and the use of personal data online. The solution aims to be a de-centralised web in theory, with user’s personal data never being stored on third-parties’ filesystems, resulting in the user having full control over their data. Many organisations have become victim to cybercrime, resulting in their user’s personal data being stolen – so a potential solution means that users will have to be responsible for their own personal data.

Online Services and Personal Data

With more users than ever online, rising from 738 million in 2000, to over 3 billion people as of 2015 (Davidson, 2015). Online services are now more common than ever, with a number of organisations considering moving their services entirely online – such as the UK Government who are planning to make their Tax system online only by October 2019 (Overview of Making Tax Digital – GOV.UK, n.d.). The rise of online services has resulted in people storing more personal data online than ever seen before, with the average UK email address being associated with 118 different online accounts (Le Bras, 2015). The higher number of online accounts results in a greater probability of becoming a victim to a data breach, with each of those service providers needing to provide an adequate level of security to protect personal data.

A recent cybercrime report has shown that 43% of UK businesses experience a cyber security breach or attack within a 12 month period (Department for Digital, Culture, 2018). These high probabilities of a cyber-attack show that personal data stored online is very vulnerable. Using online services is not something companies or individuals can avoid, with 98% of businesses relying on some form of online communication such as company emails, websites, or VoIP systems; 92% of companies using emails, 83% of companies using a website or blog; and 56% of companies holding information about customers electronically (Department for Digital, Culture, 2018). Findings by the IT Governance have shown that cybercrime is on the rise; in 2010 there were 3.8 million records breached, in comparison with 2016 where 3.1 billion records were breached. (Graham, 2018)

As seen many organisations are moving online resulting in a rise of online only services, which is also rising alongside cybercrime – dramatically increasing the chances of people becoming victim to a data breach. As of November 2018, according to the Identity Theft Resource Centre there has been 57,667,911 separate online records stolen in 1027 data breaches (Data Breach Category YTD Summary, 2018).

Even organisations as large as Facebook fall victim to cyber-attacks, as seen in 2018 when hackers were able to gain access to over 50 million user accounts (Solon, 2018; Wong Carrie, 2018). If Facebook; one of the world’s largest companies couldn’t protect user’s data, smaller companies would find it near impossible to protect against any type of data breach. Some online services may collect real-time data, such as location tracking which was present in Fitness app PolarFlow, which offers users the ability to see their running history – this type of data resulted in PolarFlow leaking the secret locations of military personnel in active service (Burgess, 2018).

New laws are now being implemented such as the General Data Protection Regulation (GDPR), which will fine organisations up to €20 million or 4% of global annual turnover, if they fail to adequately protect user’s personal data (Key Changes with the General Data Protection Regulation – EUGDPR, 2018). If complete new laws are being introduced it shows that there is a clear motive to solve the current issues with online privacy and the use of personal data.

Data mishandling has evidently been prevalent in various online services, showing that organisations aren’t competently implementing adequate security measures to protect their user’s data. Despite cybersecurity becoming increasingly important people and organisations are still lacking an apparent understanding in how it works (Singer W. and Friedman, 2013). This clear misunderstanding of cybersecurity shows that organisations cannot be trusted to protect user’s data when it is stored on their internal systems. If online service providers can’t protect user’s data a solution needs to be found to enable functionality of these online services, whilst taking away the responsibility of organisations needing to store various sensitive user data.

This project will hope to achieve a potential solution to enable a system to be developed which allows online services to remain functional, by using a user’s personal data, however they shall not be required to store the data on their own internal systems. These findings have shown a definite problem with the use and storage of user’s personal data online; which is made extremely vulnerable by the current issues within cybersecurity. This project will use the information gathered to understand the potential solutions which are currently being developed to solve these issues, with this the project can have greater relevancy in a potential solution.

Online Privacy

The massive losses of personal data in various data breaches has led to concerns surrounding people’s privacy online, with personal data falling into cyber criminal’s hands. Once pe