By the Blouin News Technology staff

Stefaan Verhulst on hacking, trust, and big data

by in Personal Tech.



2014 has been a shaky year for trust in technology. Even as disruptive, innovative technologies hit the scene on a regular basis, users’ trust in their capacity to properly safeguard personal information plummeted. At the same time, revelations of large-scale hacks, i.e., the recent debacle at Sony Pictures, have done little to assuage growing user distrust. In an interview with Blouin News, Stefaan Verhulst, co-founder and Chief Research and Development Officer for the Governance Laboratory at NYU, described some of the security and ethics obstacles faced by technology companies and governments in creating a framework for the use of big data.

Verhulst said that on a policy level, 2014 has been the year of the debate over the ethics of big data: how it can be used in research; how it can be used for informing decisions; how it can be used for marketing purposes. “What are the ethical frameworks for this?” he asks. “I haven’t seen a framework that is solid and accepted.”

He mentions that there have been efforts to create alternative services for those looking for different ways of exchanging data. He noted that Ello — an alternative social network — has provided something akin to a new environment for data exchange. And Tim Berners Lee is coming out with “a new model of how information is exchanged, which they call Crosscloud. But ultimately, a framework for trust is needed that does not currently exist.”

Another framework that is missing is one for retaliation when it comes to cyber hacks. The questions around North Korea’s suspected participation in the hack on Sony Pictures raises questions about an international structure for retaliating against digital acts of war. Verhulst says that there is sufficient capability right now to overcome the attribution challenge, meaning how hacking sources are identified. But the biggest challenge is what to do in response. What is the reaction if one country digitally attacks another? “There is no retaliation framework that is internationally accepted,” he says. “Traditional legal frameworks are harder to apply because there is always this level of uncertainty. There is concern of elevation with regard to how you would retaliate.”

Verhulst says that what is more important is the responsibility to support the investigation. According to the expert, there needs to be an international agreement and support for investigation into cyber hacks whose origins are known. Of course, the sophistication of some breaches — Sony’s included — make investigation and origin-determination difficult. Nonetheless, international coordination is needed to combat cyber criminal activity.

Clearly, there is work to do. But thanks to increased understanding and use of big data, as well as ongoing work on a global scale to develop technology to combat cyber crime, progress might just inch along over the next year.