I connected the dots from what I initially thought were unrelated events over the past few days.
My AmEx card was refused for a $6 charge at Los Amigos car wash in Harlem. It seems that the ever attentive folks at American Express decided that I was in the wrong zip code — all of 2.9 miles from my apartment, according to Google Maps — that this constituted suspicious behavior, and that I might not be me.
I was renting cross-country skis from a ski shop with a friend who is a regular customer. Clerk asked friend for his name and address, and friend said, “I’m sure I’m in your system.” Not so. “We don’t keep customers’ data,” clerk replied sharply. “We’re not the NSA.”
A juicerista at a local juice bar suddenly announced that “the system is down, and we are accepting only cash.” A groan arose from the line, and half the customers left.
At a restaurant I waited 20 minutes for friends who arrived late for dinner because the parking-meter readers kept rejecting their perfectly sound credit card. (Maybe they, too, were more than 2.9 miles from home.)
Get the picture? Besides giving you a glimpse into my humdrum existence, the above brings home the point that our lives are increasingly governed and arbitrated by data and networks.
Yes, of course, there have been unquantifiable gains in productivity, convenience, and happiness (ATMs! highway toll readers! Amazon!), and let me be clear that in no way am I any sort of eLuddite, but it is important to recognize two points: First, the rate of change here — and by “here” I mean the amount of our data and the number of our transactions occurring online — is increasing lickety-split. And second, our ability to understand and control the consequences of this increasing change is not keeping up. The consequence gap is proving highly problematic. The potential magnitude was recently brought home with the breach of up to 110 million accounts at Target — nearly the same number as total American households. But with all due respect to Target customers, this is more a matter of scope than of seriousness.
Last month I moderated a two-hour session at the World Economic Forum in Davos on Rethinking Personal Data, with all manner of seasoned and interested CEOs, academics, and NGO heads. It was amazing to me how broad and open-ended our conversation was — from banking-transaction security to social network privacy to individuals’ rights to telecom databases to government spying. Not surprisingly, guidelines, conclusions, and pretty bows were few and far between. Again, this world is changing and growing so fast that we can’t even understand it, never mind shape it.
It made me curious to see what law enforcement’s take was, and I found this: a Reuters story on a recent FBI report, “Recent Cyber Intrusion Events Directed Toward Retail Firms,” where the FBI noted, “We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms’ actions to mitigate it.” Gee, guys, you think?
The real shocker will be how and where our society is hit, and whether we can avoid some sort of Techmageddon that would, say, shut down the banking system for a week or cut off all power in the northern half of the country in the winter. Preposterous editorial fearmongering? Sadly, I say no. To me it’s not a matter of if; it’s a matter of when.
This story is from the February 24, 2014 issue of Fortune.
