Facebook, Twitter, Instagram, and other social media platforms have played a crucial role in driving the continued explosive growth of the internet sector; there's no denying their importance. But privacy concerns have grown apace, as user data fuels almost every Web 2.0 platform's revenue model. After all, these companies use such data to show highly targeted ads and recommendations to their users; it's how they make money. Without data collection, these free services wouldn't exist.

With the big tech platforms, like Google and Facebook, dominating global web traffic, these companies have access to the personal data of the bulk of internet users worldwide. Yet a majority of users do not trust these companies. For example, a 2021 survey found that US internet users widely distrusted Facebook, TikTok and Instagram to handle their data "responsibly" - despite continuing to rely on these services. Is it too late to find our way out of the privacy trap?

How we got here

In Web 2.0 - the wave of internet development that relied on user-generated content to fill centralized websites - platforms came to know quite a lot about their users, from their likes and dislikes, habits, and even sleeping patterns, to their political opinions. That knowledge was used to provide a personalized user experience, including targeted advertising, that aimed to influence internet users on almost every decision they make on a day-to-day basis. It turned out that besides haunting users with ads for products they'd been looking at, these very well-informed providers could manipulate their user base politically.

When the Cambridge Analytica scandal revealed the dark side of data-powered web platforms, public opinion started to turn against this model. Happily, at the same time, an alternative was emerging in the form of Web 3.0 (more commonly called Web3). This blockchain-powered iteration of the internet, driven by a desire for a more "fair" internet, offers new ways to serve user needs without data harvesting.

Restoring transparency and control

One key driver of decentralization is the desire to break the power of the tech giants, but decentralization is not in itself a step forward for privacy. It is, however, a way of restoring power to users. Web3 platforms are typically built on a distributed ownership model, in which users participate in governance. That gives everyone a say in how their data should be used, while the transparency inherent to blockchain provides clarity on what's actually happening. Instead of having to trust that your service provider is being careful with your data, you can actually check their behavior for yourself.

Alain Brenzikofer, CTO and co-founder of blockchain data processing platform Integritee, says: "For a long while, normal internet users weren't really bothered about data privacy. The general attitude was, 'I have nothing to hide so I don't care!' But people now have a much clearer understanding of what's at stake." 

Integritee is an example of a Web3 approach to data services, prioritizing security in its design through the use of trusted execution environments. That's a kind of secure hardware element that enables data processing without giving anyone access to the underlying dataset. If the code running in the TEE is open-source, anyone can check the rules governing how their data is being used.

This kind of user empowerment is core to the decentralized web. Nobody can take ownership of your data - control remains in your hands. Says Brenzikofer: "In Web3, we are aiming for users to have the final decision on whether they want their data to be shared, with whom, and on what terms. Even if they agree, they can put a stop to it at any time they want."

It may even be possible for users to monetize their data, releasing pieces of information as needed in exchange for crypto micropayments. As yet this is just an idea, but the tech is there; we can expect to see concrete efforts in this direction soon. Old models that take data harvesting for granted will need to be rethought.

Better security

It's not just about consent, either. Centralized services have shown themselves to be very attractive to hackers, meaning that over and over again, ordinary users have been shocked to find their personal details - anything from addresses, to passwords, to healthcare information - exposed in a large-scale breach.

The new generation of data platforms makes resistance to such hacks a priority. Integritee's TEE-based structure, for example, ensures that no one - not even an administrator - has access to the data locked inside its hardware. Another approach is to distribute data storage across multiple devices in "shards", removing the single point of attack that makes for such a tempting target.

In both cases, security is built in by design, it's not an afterthought. The new generation of internet services is rethinking the entire Web 2.0 approach that treated private data as a public good, there to be exploited without compensation, consent or confidentiality. What came out of that showed just how powerful data analytics can be. Web3 recognizes the value of data - and finds ways to benefit, without exploiting or disadvantaging the users generating that value. It's all part of the more democratic ideals of the decentralized internet.