A Data Security Model for Altering Data Ecosystem and Affirmatively Prevent Mass Data Breaches

This article discusses the root cause of prevalent mass data breaches and new approach to preventing mass data breaches. The prevalent mass data breaches can be attributed to the trusted business concept. In an internet system constructed on trusted relationship, consumer data records for all consumers can be cracked in the same way. Potential rewards from a successful hacking are much larger than the cost needed to crack the system. In such a system, whatever data security measures placed on the business’s server can be defeated by insider’s help which can be secured by sharing only a small part of rewards. A realist solution cannot be merely improving data security. Most business transactions between two parties can be conducted with minimum mutual trust and minimum personal data. A viable security measure must depart from the trusted business model but be designed to reach a sophisticated balance between trust and distrust. I will show that encrypting consumer data by the consumer’s own keys in a semi-trust business transaction model will put an end to repeating mass data breaches. I will discuss the conditions for using such encryption technologies and how to address the big nightmare that more than half of U.S. residents might have lost their personal identity data. Finally, I will show how the new technologies can prevent a variety of damages to consumers, federal government, state governments, and societies (particularly most non-internet companies and insurance companies).