“Personal Data of 2.3 Million Disaster Victims Was Released by FEMA”
The distressing headline is from the New York Times. When we think about refugees, our mind quickly flashes to images of millions leaving Syria because of the war, boats on the mediterranean or a caravan of Venezualeans fleeing because of starvation. But climate change and natural disasters do not discriminate and everyone is at risk of becoming a refugee.
It even happens at the heart of the most powerful country in the world. The United States. In the past few years, the California wildfires and Hurricanes Harvey, Irma and Maria led thousands to be displaced, refugees within their own country.
These people, already vulnerable, can become even more vulnerable if a malicious third party is able to access and use their private information.
As reported recently by The New York Times, The Federal Emergency Management Agency (FEMA) “unnecessarily shared sensitive personal data of more than two million disaster victims with a contractor” potentially subjecting them to fraud and identity thefts.
A memo written by the Office of Inspector General of the Department of Homeland Security “found that 20 data fields were unnecessarily shared with the contractor, including details about the victims’ financial institutions, electronic funds transfer numbers and bank transit numbers”. (source)
Privacy and security of personal data is paramount and something that the current identity management systems have difficulties in providing.
A digital identity management system focused on people’s well-being and leveraging Sovrin’s blockchain technology allows for sharing and requesting of personal data in a private and secure manner. Without the need for an organisation to excessively store sensitive information that may be subject to leaks. The user is in full control over their personal data and decides what data they share and with whom.
This is done through the use of distributed ledger (“blockchain”) technology and Zero-Knowledge Proofs.
Blockchain technology allows for an organisation to verify the validity of the information provided by, say, a person affected by a disaster, without having to check the actual data. Instead, an organisation checks the validity of the signature of the institution who issued and attested the provided data.
Zero-Knowledge Proofs, in the form of Schnorr proofs with Pedersen commitments, allow a person to prove that their personal details fulfil certain requirements (such as being eligible to receive shelter aid) without revealing the actual details.
We believe in a future where identity is portable, private and secure and that no one has to be even more vulnerable after suffering the devastating effects of a natural catastrophe. Because people matter.