Wherever something is wrong, something is too big

In mid-July 2024, computers in large parts of the world were hit by serious IT problems. Massive disruptions followed at airlines, stock exchanges, and stores globally. Nearly 10 million computers were affected.

Another common problem today is the leaking of user data.

The American telecom giant AT&T recently reported that data regarding 110 million of its customers’ call records (who called whom, where they called from, and when they called) had leaked out. This was the result of a breach in the cloud storage company Snowflake’s systems. Earlier in March, the same telecom company leaked 73 million customers’ data. An American company handling health records and insurance claims admitted in June that “a substantial proportion " of Americans’ data had been leaked, including medical records. Meta leaked details for [200]0 Facebook Marketplace accounts earlier this year.

In the league of IT security breaches, the company Yahoo currently holds the gold medal. They leaked three billion users’ data as early as 2013. However, this year’s breach at Snowflake appears to be even larger, potentially affecting 165 companies .

Leopold Kohr wrote in The Breakdown of Nations (1978) that “Wherever something is wrong, something is too big”. Could this be the case?

What resulted in stranded travelers and non-functional store cash registers worldwide is the fact that the IT security company CrowdStrike is the market leader. A minor issue with them can quickly lead to global consequences. If companies and organizations had used a wider variety of systems, the scope of the problems would have been significantly smaller.

Similarly, IT leaks become so extensive because data is collected in single locations. If data were largely stored across different systems, placed in separate locations, the scope of the leaks would have been far more limited.

A more effective way to handle the problem of IT leaks is to avoid collecting data. The government’s decision not to proceed with a Swedish “super register” is one such example. Data that has not been collected cannot leak. However, within the EU, a register is also under investigation that could become even more “super” than the Swedish one. A wide range of assets could eventually be registered : bank accounts, real estate, vehicles, artworks, and precious metals. Why not jackets as well?

In Sweden, the Riksbank and “private” banks will also eventually be able to keep “tabs on all” citizens’ transactions with e-krona (a central bank digital currency). Coincidentally, the Riksbank collaborates with the IT security company TietoEvry, whose flaws in early 2024 led to massive IT disruptions, feared data leaks, and police reports .

“Socialism means keeping account of everything. You will have socialism if you take stock of every piece of iron and cloth”, said Vladimir Lenin 1917. From an IT security perspective, however, the optimal approach would be to completely avoid “keeping account”. And if our so-called leaders still wish to collect data, we should hope they are sensible enough not to put all their eggs in one basket.

Cover image: AI