Consumer Protection & Privacy in a Digital Age: A Global Perspective
all right so I would like to give it a little sponsor shout out so this is for burst IQ is the company behind lifegraph a technology that revolutionizes how sensitive data is collected managed and controlled powered by an Innovative web 3 ready blockchain platform life graph equips your business with trusted secure and intelligent driven data ecosystem lifecraft allows you to understand humans like never before use it to build solutions that meet the needs of your business better than you ever thought possible all on a breakthrough platform that is amazingly easy to adopt this panel is going to be a a panel that focuses on consumer protection and privacy they will cover topics including new privacy regulations and laws around the world including Europe Australia and the United States obviously they're going to be talking about Micah they will touch on reporting requirements and discuss the impact of privacy Technologies and artists distinguished panels will be introduced by Greg Greg if you'd come up and introduce your panelists welcome everybody I hope you had a great break so this is an interesting panel because it um delves into issues of privacy as well as consumer protection you know if we're building these Technologies for the people we need to balance uh one against the other uh we have some really distinguished people here to talk about this from all sides of the spectrum I guess we could start from my left so Frank rakota I'm just going to say a couple words and then I'd love for you guys to maybe say some of you already have been up here and so people know you nevertheless Frank ricotta is the CEO and founder of burst IQ the developer of life graph the solution that revolutionizes how sensitive data is collected and managed and controlled frankly there's over 30 years of experience as a CEO and CTO empowering people building companies and creating innovative solutions um we also have um Michael benziken he's a former chair and CEO of Life Sciences multinational founder and executive director of the non-profit citizen Warrior Foundation Mike was dedicated to creating more efficient Economic Development systems for foreign disaster relief and strengthening International diplomacy through cross-border Commerce his organization aims to unify people under the common cause preserve the middle class and reverse the cultural degradation providing education and tools to individuals and distressed communities reverse cultural degradation we emerge in Tech and there's a lot of cultural degradation to go around to reverse [Music] sorry if I mispronounce is the Chief Information officer of the U.N joined staff pension fund an 80 billion dollar fund that Services thousands of veterans in one retirees and 190 countries there's also digital transformation working group lead of the United Nations dinner design and built and identity management system for the UN to support and process the payments of the pension fund as well and then actually there was a last minute change on on the panel Amelia yes uh so you've already seen Amelia up here Amelia Gardner everybody government Innovation leader and blockchain Advocate she's done some amazing things in Utah which already many of which you've heard and Utah is going to be one of the states we're going to talk about uh the Child Protection Law in Utah touches on privacy as well because it requires people to perhaps upload their credentials to access websites and so on um so with that I kind of want to give you an overview of what the uh the scope is about and then let's delve into it so what we're really talking about especially at the government blockchain Association I'm just pulling up my notes Here what we're talking about is governments trying to balance things as they always do between one group's interest or another group's interest sometimes it's the same group and so privacy is obviously an important right privacy was used for example in Gold versus Wade as a uh you know to talk about how a woman's right to privacy uh can lead to birth control recently that was overturned I guess uh the Supreme Court there's a lot of controversy privacy uh also we have people in government obviously some of whom uh want crimes to be solved we had William Barr for example in Trump's Administration famously kind of against encryption we have leaked documents recently from the Spanish government saying that they're against anti-encryption there's a lot of that around the world and so we want to talk about that um and yeah maybe that's a good place to start so end-to-end encryption is something that obviously preserves privacy uh it's something that we are told by Facebook is in WhatsApp uh we have to take the word for it uh I was also uh in telegram you know it's not on by default but uh Pavel Dove uh has a history of trying to stand up for his users I guess he was booted out of Russia by the Russian government uh in a way made it difficult for him now he lives in Dubai uh so all these Messengers incorporate these uh this privacy protections of course they're Apple there's Apple that FBI wanted them to unlock phones they refused there's all that stuff um on the one hand there's you know people's privacy on the other hand uh Isis was using telegram to you know to organize and uh let's just say door of investors were not happy uh with with that um how do you see going forward uh do you see end-to-end um encryption being under attack do you see it declining or do you see it or increasing in in the space I guess we can go in order so Frank so I get to be the first one so you know when you look at encryption one it's just an enforcement mechanism you know it's on that spectrum of privacy enhanced Tech and where does it where does it fall um and again we're balancing individual rights versus um you know the safety of a broader Society but I think we need to take a step back and kind of look at this and what we've given up over time as well so you know when you when you get online and you see https oh okay it's encrypted but you know both sides are really looking at looking at that data you know where we've compromised our own privacy for the sake of free services and now we're trying to kind of claw that back and a lot of the blockchain web 3 foundations you're really pushing more ownership and privacy of individual data out out to the user where it's more of a consented mechanism so do I see end-to-end encryption really continuing to to explode yes I do but I also see you know Tech techniques on a broader level to even penetrate that Bell when we talk about WhatsApp I hate to tell you Facebook can see your WhatsApp messages that's why their signal and other things like that and it's it's not going to go away because there's a community that'll want their privacy and will gravitate to those communities that support individual freedoms at the same time it's the same argument we have with Bitcoin you know it's used for nefarious purposes but yet they like the auditability of it in actuality so yes we're going to see a lot more of it I think all right Amelia what do you see out of Utah um so Utah is we have a unique culture in Utah um a large part of that is is is is my my lineage and in My DNA and I was just looking up the how many of you have heard uh this quote by Benjamin Franklin those who would give up essential Liberty to purchase a little temporary security as I'm reading deserve neither Liberty nor safety right so as you think about it throughout history I'm thinking like way back like way back um was it was it safer for the Hebrews to stay in Egypt or to follow Moses right but it was it was safer for them to stay in Egypt as slaves but they chose Liberty and left and wandered the Wilderness for 40 years so then we're going to fast forward and my ancestor William Brewster who was on the Mayflower can you all imagine getting on a rickety Wooden Boat with nothing but the Stars to guide you to travel across the ocean so that you can practice religious liberty do you think that was safe I don't think so and then and then fast forward uh you know several hundred years and um and my family once again left the state of Missouri and walked on foot across the Rocky Mountains to settle the valley that I live in today 170 years ago do you think it was safe walking on foot across the Rocky Mountains in the middle of the winter no a lot of my a lot of my ancestors died during that process but they did it so that they could perhaps so they could have Liberty and so in the state of Utah we are very protective of our children and I think you'll probably bring this up I mean I have six children myself I am a mama bear you want to you want to see me go from a nice lady in a dress with high heels into a mama bear real fast mess with one of my children right but with that said we value Liberty and so uh as far as like the end-to-end encryption goes does it mean that we sacrifice some security absolutely it does but I think Liberty is worth fighting for Michael don't mess with Mama Bear don't do it oh yeah for sure okay so the topic what's up like this yeah yeah okay okay all right so so yeah the the topic of the panel we're looking at trade-offs right we're looking at trade-offs right yeah exactly so so I would okay so I would I don't like it okay I I would have to say that it's a it's a false dichotomy so what consumer protections go ahead what consumer protections let's get started privacy versus consumer protections what consumer protections so there may be consumer protections on the law are they being enforced and how's that playing out in reality so just let's just start right there what consumer protections sure I pay for them I love half my my earnings going to Consumer Protections that's fantastic you know the regulatory oversight that's fantastic I'm Pro regulatory reasonable at regulatory oversight but show me the consumer protections that protect that protected FTX unsecured creditors Celsius Network unsecured creditors where the state the oversight apparatus literally repeated what we now know to be I can't say criminally but fraudulent marketing as to how they generated their yield which was the deciding factor as to why I moved all my money there which is now in the debtors estate as ruled by District 4 in New York as no longer being owned by the people who put all their stuff there so consumer protections yeah I made the biggest investment decision in my life based on the regulatory apparatus who validated a fraudulent claim and now in a state who does not rep who's not recognize federal capital losses to offset both the principal and earnings generated in the app that I was essentially coaxed into bows because of monetary policy I wanted to hedge against inflation with the stable coin and right a little suspicion of traffic I I would have to say so I'm gonna and I don't want to keep on going but that's just the question that I'm going to inject what consumer protection it can be on the books show me words being were forced in a way that's mitigating meaningless suffering show it to me by the way um to add to what you're saying I was recently informed of the IRS has laid a claim to about 40 50 billion dollars of uh of tax yeah further line before the debtors so the government's taking a peace of FTX of that FTX bankruptcy as New York did with Celsius Network that took all of our Intel and then spun it up and then went right up to the point of of of uh of gross negligence but pull back right just a little bit to keep it civil throwing the line okay so that's another thing yeah I'm in touch with some large uh claimants in that um in that suit and they're not happy you know they're saying how can you pay taxes on stolen money uh interesting question well I don't want to I don't want to get into that uh or say words uh okay Dino uh you're you have an international view on this uh go ahead okay so let me let me give a a little bit of a Different Twist and this comes directly from my personal experience in designing an application that was intended if you will for a particular type of demographics so my clients the client the UN joint staff pension fund are indeed Ray Diaries in most of the cases we're talking about senior people that are not very familiar with digital with computer but who or habit can benefit tremendously from the technology itself so of course when we start designing the solution that eventually we put in practice we look at every tool at our disposal that could protect the client the end user so end-to-encryption zero knowledge proof privacy enhancing technique and so forth and so on but what we really realize that ultimately we need to make sure that we protect the user from themselves because no matter what kind of technology or encryptions mechanism we may adopt if they don't use a certain type of dual care all this technology all this sophisticated mechanism will not provide the expected benefit you know on the other side I really felt again being a former auditor as I shared in previous comments I felt that I and we as an organization we had the duty to protect so the challenge in front of us is how do we package a solution that makes a use of the latest encryption mechanism the latest technology mechanism a blockchain that does not put PRI personal identifiable information on the Chain but keeps it off the chamber at the same time creates an independently auditable record in order to make then this all this process all this sophistication transparent to the end user and that was the challenge that ultimately we were able to address by developing an application that uses biometrics because ultimately we couldn't trust them to keep the password the private key secret because we do know things happen and especially with people who do not have that level of expertise of understanding familiarity it would eventually happen and we couldn't take that risk so in thinking about okay what kind of secure mechanism you can use ultimately is themself protect themselves from themselves and use themselves as the key to use the system hence we use the biometric facial recognition profile to give them access to the system fantastic yeah for authenticate what you're talking about is authenticating yourself with the device and you know when you authenticate by the way in China they have they experiment and piloted this thing pay with your face you know and that is a little bit susceptible to replay attacks you know I record your face and then I pay as you so if you authenticate yourself you authenticate to your device right the device that's in your hand and then you unlock it with your face or biometrics the Privacy issue is more about what are your conversations so I want to I want to add a little twist here okay private conversations that we're having we're talking about you know personal relationships uh sexual relationships different things those are typically considered okay you have a right to privacy there in the context of serving a company or working for a corporation a lot of stuff is logged including in the banking system uh employees are typically observed their conversations are there public servants I would love for all of government you know to be transparent or logged uh you know we have C-SPAN that's excellent I love C-SPAN you know I would love to extend that to other things as well um so transparency look if they want to know how we spend 600 I would like to know how they spend trillions of dollars and why um well I think on that and being an elected official myself I think it's it's it's good to differentiate between the work that I do publicly in my job and like the conversations I have with my child right exactly and so there and there are people that come and say well I want to have access to all of your text messages and my reply is I don't waive my Fourth Amendment right when I put my name on the ballot like you don't need to know about the conversations that I'm having with my teenager or with my mother or with my husband right um with that said total transparency on how I choose to spend taxpayer dollars a hundred percent we should have that we should have that transparency what about also in corporations inside you know entities where you're working in the role of an employee right same question um does anybody want to take that in terms of yes of course public servants of a city of a state what about of a pizzeria I don't know uh was anyone have opinions about that well okay so a lot a lot of this is you know talking about conversation basically can I do I have a right to understand what your conversations are again I'm going to go back and forth on this you know one aspect in an official capacity absolutely if I'm an employer I want to understand particularly if an employee is put me at risk conversely you know I would hope my employees have the ability to have free flow of conversations on lots of topics and explore different ideas and positions to come up with you know a course of action or what we might be able to do without holding that against them and you know too often somebody says something all of a sudden it's held against them when they're exploring an idea or a concept and we we've lost the ability to have civil conversations with the different different opinions without being without fear of ramifications you know and it's this also extends I think to some of the bigger bigger elements who owns you I mean that's really what what amount what it amounts to particularly as we transition from this you know full physical state to a um to to kind of a hybrid a hybrid state of online physical presence to full virtual space who owns your personas online who who owns your ident digital identity who owns that data and data tracks you know we've relegated a lot of that to Big Tech at this point in time we're trying to Claude that back your your European Union just fine Facebook um a huge amount and is going to impact their operations there uh we work a lot with Health Data so there's privacy regulations associated with Health Data but you know Most states don't say you own your own Health Data you have access to it but you don't own it why you know and other jurisdictions say I can't store Health Data of a citizen outside Geographic boundary so again I think the fundamental issue is who owns you in a digital form and including your identity which then translates to these other conversations and topics and I I would hate to for us to do something that limits our ability to explore and to push before we say hey this is what I think well an international spent on that I spent four years in Canada and you don't own your health data in Canada and you don't actually have a right to to view it without a court order unless you have a doctor that's willing to show it to you because they're because the government controls and pays for the medical care the government owns that information so even though it's my medical information they own it and um when I was moving back to the U.S that was a challenge to get all of my health data to bring with me to the US to give to my doctor yeah self-sovereignty yeah I think that's a huge part of what we're here to do right with blockchain own your own keys not your keys not your data I guess not your yeah please jump in so okay I mean can you hear me yes thank you okay so the monetary value of data is the focus of the future access is the focus of the future focus is the focus of the future closer oh my goodness okay can you hear me now [Laughter] all right here we go okay to collect my thoughts now so okay let's say we talk about we want to have free health care or subsidized Health Care do you understand the value of your data if properly tracked to be able to determine probabilistic outcomes that would be able to innovate determine what medications are not misdiagnose direct diagnosis decrease costs in health care so we it's funny because there's this again a false dichotomy I keep on saying all these conversations are false like I just I want to get to the root cause of it is that it's not so yeah we ought to own our data but we can send into whatever we consent into we need to understand the value of our data can fundamentally change the things that the so-called left and right who obstensibly hate each other right now fight over okay there's so much I'm going to call it graft and inefficiency and without the knowledge of the value of data and how it's being used that can solve the problems that plagued Humanity since time immemorial and I'm not being hyperbolic I want to ask each of you one question sort of like a pointed question based on uh your background so Dino for example you just uh to look at the international view because you're at the un uh let me just rattle off a couple things that's happened just the last few years um in the okay so we have uh the European in the EU we've got the uh well yes we have gdpr for consumer protection that's important uh it had a big effect uh we we also have some um new bills coming down the pike uh there's things like for example the um in the United Kingdom we have the Online safety Bill uh for children uh basically you would have to reveal your age in order to surf the Internet uh because uh well how would you uh prove that you're over 18. there is ways there's verifiable credentials but the lawmakers have to learn about those uh
there's also the Cyber resilience act in the EU uh that for the first time might encumber open source developers uh to put stuff in their software or face prosecution I suppose uh how do you view this at the UN because obviously it's freedom of expression by open source developers and others that has historically been pretty protected but these days it seems sometimes we go after the makers of the tools uh you know to force them to uh spy on their citizens I guess been users good question so as has been said by people much more prepared in myself on international law it goes by saying without saying that the U.N is an international organization and therefore we are not subject to any of this legislation or jurisdiction you just mentioned however however we feel the duty to actually give the best examples in complying with this principle and therefore if you actually try to read our own internal regulation which by the way are public we try exactly to mirror if you will principles that are consistent and aligned with all these legislation that you just mentioned so specifically speaking about data protection and privacy in 2018 again it's something that you can easily verify publicly in October 2018 the high level management Committee of the UN which is a body that coordinates all the activities and the policy at the high level all the U.N entities the 50 is United entity that benedetta was alluding to before issue exactly 10 principles for data protection and privacy and if you read them you will see that by and large are reflecting exactly the same principle that have been initiated in those legislation at the national level being issued I will go a little step further and again try now to bring this to my specific personal experience so when we build this digital identity the solution for directory and beneficiary think about this distinction here you have the U.N building an application any solution for individuals that are no longer part of the UN because now they retire they reside in any 192 countries around the world they are Citizen and therefore they are subject to legislation that applies only to to their country so the challenge here is how can we design something that compliant with the first and foremost with the U.N regulation but also that sensitive to the potential other principal requirement of other countries although we are not subject to it so the solution and it's really not an easy solution is not perfect solution is to actually hold as less data as possible within the UN system I I think that's an important Point data used to be this thing that corporations wanted to hoard right it was big data and by making it costly sometimes toxic to whole data you don't need with gdpr pioneered then you got California's law as well uh now they have to do the calculation right the bottom line depends on how much data you hold why you hold it do you really need that data to have to get creative and why you need that data so here in the United States I want to I want to turn the United States um just to finish with International Australian hacking Bill very interesting bill uh allows authorities to even get access to your account to impersonate you in extreme cases maybe if you'll tell us to log on and say I no longer believe in this thing my father was dispersed I don't know um but here in the United States okay we've got we had things like sesta Foster which was a joke for child protection um the some like the eff the Electronic Frontier Foundation uh Free Speech Advocates the United States is a very strong protections for free speech I interviewed Noam Chomsky who was like the biggest critic of the United States many times and I got him to admit not I got him he admits this freely that the NSA says that even though he criticizes the United States He Praises it for being the biggest most free country in terms of free speech he says since the 60s of any country so a few things things are bad here go see how things are elsewhere um but we had um in the name of the children which I want to ask you you know Sister Foster was about also uh shutting down uh some speech or sites uh Craigslist I think was shut down uh voluntarily because of this also earn it act which was proposed l-a-e-d was another act uh basically there's an IRS reporting requirement for 600 that they proposed to pay for the infrastructure bill as well they wanted the Brokers to move your money like venmo to report anything over 600 this is not to mention fat Co which is the international uh guys uh unelected perhaps bureaucrats but they tell every country that a thousand dollars is uh the travel rule it says if they have to report anything moving like that so uh so to Utah uh yes I was going to say I was going to bring this up the uh in Utah they have a media law for children has just passed and uh basically the idea is look the children shouldn't be accessing certain sites and it's certainly true that um you know Tick Tock and Instagram has had a deleterious effect on right sure but uh teenage girls they did studies like record levels of sadness uh lots of you know the media machine applied to the teenage brain okay and you're seeing these perfect airbrushed AI models whatever and you're thinking of yourself who am I so I understand why Utah wants to do it how are they going to do it how are they going to enforce any of this I think this is a a great question to have and this is a great room to have the the conversation in because uh we're Innovative innovators so um Utah wanted to lead the way in in child protection um I think it's I think it's it's common sense and it's openly accepted globally that that children uh particularly when your brain is in development your frontal lobe is not fully developed we've all agreed that there are certain addictive substances that we shouldn't give to Children particularly while their brain is developing because then it patterns them for addiction things like tobacco and alcohol I mean how many of you think that's very reasonable to restrict children from alcohol and tobacco right Okay so then we further that and we say we can actually show using science that these social media sites trigger the same chemical response in the brain as tobacco and alcohol and cocaine even right it triggers those same those same areas and it causes an addictive reaction we also know through a generation that it is doing irreparable harm it's actually abusive I mean if there was a child who was in a horribly mentally abusive household then the government would come in and take that child out of that abusive household well on that same note these these social media sites we now have a decade of data that shows that this is incredibly emotionally abusive and that it's affecting the brain development so Utah we're leading and we've come forward and we've said two there's two different bills there's one for uh there's one for pornography sites um PornHub has geocached Utah and you can currently cannot access PornHub from the state of Utah because they've geocached that you have to verify your identity each time and then we also have the social media law that sang anyone under the age of 16 can't have a social media account between 16 and 18 asked to be restricted between 11 pm and 7 A.M so how are we going to implement that we don't actually know yet we did a delayed Implement implementation until January of 2024 because we value privacy we're looking for a way that we can do that can we get a third party provider or does the Department of Commerce in the state of Utah become that third party provider that can come in and gather that we already have that information we already know we already have your birth certificate we're the one who made your birth certificate right so can we come in and can we just send a ping to these providers and say we have verified that this person is who they say they are and yes they are over the age of 18. we haven't yet figured that out but that's really
what we need to talk about our Department of Commerce the legislators who passed the law those who sponsored the law they're all willing to look at a way how do we balance protection and privacy and can we use the Department of Commerce as an intermediary to do that but we need the underlying technology I really think this is good that the government blockchain Association exists because the people that the legislators need to talk to are the people who know about zero knowledge proofs okay and we're open to that in Utah I mean we're one of those crazy States that's open to zero knowledge proof we want that but we just yeah yes because thank you that conversation needs to happen because over the at the pond in Britain they think that you need to present literally your passport to access every website because they don't understand there's things like verifiable credentials and there's things like zero knowledge proofs where you could just say I'm over 18 without revealing who you are so that's something I think needs to happen and I'm glad you're here um okay so Frank before we jump on that real quick right it's about better medication it's about verification right so we just have a thing called civic duty and they used to be taught in schools and that would create we had called like societal uh cohesion meaning that we honored our neighbors and we treated them well and we give them a cup of sugar if they asked as opposed to seeing them as the other and would want to fight a bloody Civil War let's say right just pulling it out so yes there is a third option again which is the community policing of those who claim stewardship over this domain and talking about blockchain and token curated economies talking about building communities Greg right on shared first principles that start at the local level which is going to help solve a lot of extra money on me because I do that and we're just gonna start it but but then but then all the shared first principal communities can then link up through voluntary Association well in the 30 seconds that we have left I wanted to uh ask also Frank uh what if somebody could watch the Watchers like with Healthcare uh somebody uses your data they have to log why they use it how they used it in little parts of it what if we can apply that in all kinds of cases to solve rape on college campuses I'm saying this is this is a what if we had encrypted video everywhere but we only decrypted it with reasons and subpoenas and stuff what do you think um well that's a that's an awesome question big picture so so I think let's go back to the balance in 20 seconds sorry so the the answer I think is all things are doable via VIA technology I mean it's evolving very rapidly and we didn't even touch on all the generative Ai and all the Privacy aspects of all that stuff it really goes back to community standards what are Community standards how do we enforce those Community standards what what who do we protect in our society and how do we protect them how do we enforce the laws of the land all that kind of stuff has to be foundational in the governance structure for the for the technology to work effectively good or bad there's a reason that all the Sci-Fi a lot of sci-fi novels end up in dystopian versus utopian environments and those are the things we have to guard against when it comes to privacy and data sharing I would all right wait a second we have we've been trying to actually have greater amounts of Engagement with the audience and there was one question over here that we're going to give you time for thank you hi this is Jackie Cooper um just so you know I'm the GBA talk show host you're all welcome to be come on it um I do have a question my background's also law and I love the blockchain but when we're talking about families and we're talking about privacy sometimes we forget about the fact that we have adults and we have minors but we also sometimes have accidents that happen we have death that happens so when that happens we also have to think about how do we give access to family members so they can then access like with you know pension and retirement that aspect or other things because when we put in these privacy protections sometimes our family members don't know how to access so we need to think about some of the outliers so we can make sure that everyone is equal you know in the consumer protection side and also the Privacy side so as everyone is developing this just think about what are the consequences of the restrictions as well as the access points that we need for people that don't know yet so anyway thank you so the question is what what might be going on that you know of in the community to provide access to like in the UN let's say that someone passes but they still are allowed the retirement funds very very good question indeed that was one of our challenging use cases the way we addressed it is that we mirror what we do on the non-digital track so we have cases of minor that are eligible to receive the benefit of their parents that passed away so we have a procedure for legal guardian so we design the application to be issue using the biometric profile of the legal guardian and not the minor that was the first step the second step is of course we received almost immediately when we announced the intention to deploy the application from certain part of our client our user base the request to always keep an option for the manual process not too necessarily replace and substitute but just complement the process and therefore we're keeping a parallel process that is based on the manual process and not necessary on the digital one perfect thank you very much thank you panel that was great
2023-06-16 04:46