Quantum Computing Laws – Part II

Quantum computers will probably take over the various technology industries in the near future. It is called the “Fourth Industrial Revolution” and it will change the way we use and experience technology. These superfast computers have an extremely powerful computing power that is unmatched by traditional computers. Its technology is based on quantum physics. It will arguably disrupt many industries and will have a direct impact on cybersecurity and privacy. Quantum computers use “quantum bits” or “qubits” which can have multiple properties (i.e., they can be both 0 and 1 simultaneously) and can store electronic information. In other words, they can be in two states at one time which is called “superposition” by the experts. However, they are susceptible to distortion and therefore proper error correction is important.

The large technology companies such as IBM, Google, Intel, and Microsoft have invested a significant amount of their resources. In fact, IBM Quantum is an organizational initiative to build universal quantum computers to solve complex problems with its supercomputers. So, once this type of technology becomes more prevalent, other manufacturers will follow a similar path.

Cybersecurity will be directly impacted by these supercomputers because it will allow their owners or operators to infiltrate the target’s defense mechanisms. It may take a traditional computer a longer time to decipher strong passwords and hack into a computer network system. As such, the owners or operators of quantum computers will have a significant advantage when it comes to these procedures. Cybersecurity and privacy will be major concerns due to the nature of these supercomputers as they can potentially disrupt multiple industries. We know that electronic information can be protected by algorithms. Now, quantum algorithm is referred to as “Shor’s algorithm” which gives quantum computers a higher capability to decrypt information.

The European Union’s General Data Protection Regulation (“GDPR”), under Article 5, requires personal data to be processed in a manner that ensures appropriate security, including, but not limited to, protecting against unauthorized or illegal processing and accidental loss, and destruction/damage by preserving integrity and confidentiality. It states under Section 5(1)(f) that: “personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.”

In general, this should be done by using proper technical and organizational measures such as firewalls, encryption, and two-factor authentication. However, considering a quantum computer’s capability to infiltrate the network system and crack strong passwords, that organization may be penalized for its failure or refusal to comply. Also, Article 22 requires the right to explanation regarding automated profiling decisions. And, as such, quantum computers which will have extreme computing power and capabilities, can circumvent the mandatory compliance process.

Quantum computers will have a direct impact on the protection of personal or confidential information that’s been stored on local and remote servers. In other words, cloud computing will also be affected by these supercomputers. Therefore, state, federal, and international legislation should be modified or updated to address the issues.

Our internet and technology lawyers have been prosecuting and defending legal actions in state and federal courts and are available to speak with their clients. Our law firm assists clients in matters related to privacy and cybersecurity and the related state, federal, and international laws. Please contact our law firm to speak with an internet attorney at your earliest convenience.