Single Point of Failure

One argument against having the government develop dossiers on every citizen en masse is that it introduces a single point of failure: if that repository is breached, all data is compromised in one swift stroke. This phenomenon is nothing new. Insurance companies have detailed information about the insured, and those repositories have been targeted, as we saw earlier this year in the Anthem attack that compromised the information of 8.8 million people. The government also collects lots of information on workers that it gives security clearances to, naturally. The information is quite detailed for a Single Scope Background Investigation, and that information is compiled into an 127-page SF-86 form (pdf, if you’re curious). It turns out those forms were compromised in the latest attack made by China on U.S. government databases. Decentralized systems are more robust because they avoid a single point of failure, and can still authorize parties to retrieve information as needed. One project that trends in this direction is Unhosted, which separates the concern of hosting the application from the concern of storing the data. ReadWrite has an explanation of the architecture.