Internet users want control over their data and visibility into how their data is being used. An evolution of today’s web, already mapped out by Sir Tim Berners-Lee, can provide both. Credit: greenbutterfly Web 3.0, or Web3 if you prefer, refers to a new web paradigm that promises to make the internet fairer and more secure by putting users in charge of their own data and identities. Web 3.0 promises to empower all of us with unprecedented levels of control over, and visibility into, how our data is used. To Web 3.0 evangelists, this revolution is achieved via a fully “decentralized” internet built on blockchain. Needless to say, this is a departure from all of the existing constructs of the web. However, it’s not reasonable to expect everyone to throw away what they currently have and start over. After all, what we have is pretty good at a lot of things. We need to shift the paradigm, not overhaul it. Instead of a revolution, what we need is an evolution of the web as we know it, to enable the capabilities promised by Web 3.0: security, privacy, consent, user-centricity, interoperability, and more. As currently considered, the Web 3.0 promise is missing something—namely, the logical next step toward a better internet. This logical next step has been provided by the originator of the web himself, Sir Tim Berners-Lee. A practical step toward a better internet In order to disentangle the promise of Web 3.0 from the implementation details of blockchain, it helps to consider what people actually want out of the next era of the web. What many of us want is visibility, choice, and a reasonable degree of control over our data. We require the ability to know who has access to our data, to know how our data is being used, and to decline consent if we’re not comfortable with sharing certain data. Perhaps most importantly, we want our data to be used for our benefit. Blockchain can help with these goals in certain cases. Because blockchain is a protocol for reading and writing data in a decentralized and immutable way, it can help make the ownership and historical integrity of data easier to manage and access. Certain finance, supply chain, and chain of custody use cases are perfect fits for blockchain as a result. But there are many more technical capabilities required for Web 3.0 solutions to deliver visibility, choice, and control over data. In order to build Web 3.0 apps that are fast and flexible, we need a tech stack with solutions for identity, data management, application interoperability, access control, and consent. Fortunately, solutions to these requirements already exist in the form of emerging web standards and technologies, including those encapsulated in Solid, Berners-Lee’s new system for organizing data, applications, and identities on the web. Let’s look closer at these requirements and what complete solutions need to look like. Web 3.0 must rely on identity and access control What most people want and need is visibility, transparency, and consent over their data. In particular, individuals need guarantees around confidentiality between themselves and trusted parties, partners, and institutions. For example, my medical records are between me and my doctor. My finances are between me, my financial institution, and my accountant. Whenever more than one party requires access to data, we need a robust and unambiguous access control system to manage confidentiality—not a public ledger of who owns which data point. These types of flexible data relationships require identities on the web that are not tied to any particular vendor or application. Solutions such as decentralized identifiers and web identifiers are already gaining traction in this space, but the solutions must be finalized and integrated with the rest of the web stack. Fine-grained access controls are also required for an end-to-end solution. Accordingly, web standards are emerging that aim to provide simple privacy controls over user data. These standards are incorporated into Berners-Lee’s Solid technology, which is designed to be an end-to-end solution for identity, applications, and data on the web—all built around personal online datastores (Solid Pods). What would this look like in a Web 3.0 world? Today, when you install a new app on your smartphone, you will receive a notification requesting access to various classes of data stored on your device, such as your contacts, pictures, or location. You’re given the option to grant that access or reject it, and you reserve the right to revoke access to those applications and services at any time in your privacy settings. A true Web 3.0 solution would bring this user experience to all of the data about you on the web, such as your financial records, medical data, browsing preferences, and ecommerce data, not just the data stored on your phone. Web 3.0 applications must be interoperable The web today is characterized by fragmented data. Every web user’s data is scattered across countless organizations, each with its own silo. Nearly every company in the world struggles to capture a valid and consistently up-to-date, 360-degree view of its customers. Companies integrate numerous platforms and data warehouses to avoid data duplication, staleness, and decay. All of this effort leads to incredibly complex infrastructure, which is a compliance and liability nightmare, and results in only a handful of companies having the resources to set themselves apart. This means that success continues to be determined by which companies can hoard the most data and not who delivers the best services. New web technologies like Solid solve this problem by building on already widely adopted web standards to ensure interoperability at an application and protocol level. Building on these standards prevents lock-in for users and enterprises alike. Application interoperability is necessary for organizations and people to work with each other seamlessly on the web. An interoperable data standard gives organizations a single authoritative source of truth while reducing operational overhead and simplifying infrastructure. Because each individual is empowered to control and update their own data within the framework, the information will be both accurate and up-to-date. Such a system also provides transparency and visibility into who has access to which data and what that data is being used for, which protects the individual’s data privacy rights and complies with modern privacy legislation. Web 3.0 must be distributed With web-native solutions such as Solid, data is distributed. This means that regardless of where personal data is physically stored, it is connected to the person it describes, and the data is interoperable across systems. People are able to revoke access to most classes of data if they choose, but there is also support for cases where access must be granted to certain entities for compliance and governance reasons. Decentralization is an extremely popular concept with Web3 evangelists. But requiring physically decentralized storage does not always mesh well with organizations that require governance and compliance. For example, if regulatory compliance requires special measures to be taken to protect certain classes of data housed on servers, organizations will generally struggle to adopt blockchain (or any solution based on decentralized storage) because they will have no simple means of identifying and governing those different classes of data. In addition, complete decentralization forces each individual to self-govern their data—a situation most people don’t want. Realistically, the majority of people do not have the knowledge and skills to do this effectively or safely, given the complexity of today’s data ecosystems. Full self-governance leaves end-users and their data more at risk, defeating a central purpose of Web 3.0 and regulations such as GDPR, HIPAA, and PCI. Blockchain is an impressive technology that can be highly useful in specific contexts. But it does not provide the end-to-end capabilities needed to serve as the foundation for the next evolutionary phase of the web. Achieving the full promise of Web 3.0 will require Solid technologies and standards that enable interoperability and fine-grained access control within a distributed and compliant system. These capabilities serve to engender trust as people gain visibility, transparency, and consent over their data. The logical next step toward a better web is for organizations to adopt this new infrastructure as the focal point of sharing critical data across their services and businesses—enabling governance and seamless flow among internal systems, external partner organizations, and users. For enterprises and governments, the endless integrations and operational workarounds necessitated by data silos would give way to an architecture that synchronizes consent-based data between the user and the organization. This is the empowerment that Web 3.0 aspires to and the vision that Solid is working to make a reality. Osmar Olivo is VP of product management at Inrupt. — New Tech Forum provides a venue to explore and discuss emerging enterprise technology in unprecedented depth and breadth. The selection is subjective, based on our pick of the technologies we believe to be important and of greatest interest to InfoWorld readers. InfoWorld does not accept marketing collateral for publication and reserves the right to edit all contributed content. Send all inquiries to newtechforum@infoworld.com. Related content feature 14 great preprocessors for developers who love to code Sometimes it seems like the rules of programming are designed to make coding a chore. Here are 14 ways preprocessors can help make software development fun again. By Peter Wayner Nov 18, 2024 10 mins Development Tools Software Development feature Designing the APIs that accidentally power businesses Well-designed APIs, even those often-neglected internal APIs, make developers more productive and businesses more agile. By Jean Yang Nov 18, 2024 6 mins APIs Software Development news Spin 3.0 supports polyglot development using Wasm components Fermyon’s open source framework for building server-side WebAssembly apps allows developers to compose apps from components created with different languages. By Paul Krill Nov 18, 2024 2 mins Microservices Serverless Computing Development Libraries and Frameworks news Go language evolving for future hardware, AI workloads The Go team is working to adapt Go to large multicore systems, the latest hardware instructions, and the needs of developers of large-scale AI systems. By Paul Krill Nov 15, 2024 3 mins Google Go Generative AI Programming Languages Resources Videos