Could Blockchain Solve Our Personal Privacy Issue?
Blockchain has been on the back shelf lately, and for good reason. The miracle technology that promises to secure everything from copyrights to escrow processes has hit what could be deemed an adoption slump. It seems we all know blockchain is potentially good for a lot of things, but there are still many questions standing in the way of its adoption on a mass scale. Could personal privacy protection with blockchain be the thing to push the tech into the mainstream?
First, some background. Blockchain—in case you haven’t been following fintech news—is the secure ledger behind bitcoin, the legendary cryptocurrency. Despite its association with bitcoin, it turns out blockchain has tons of uses beyond the secure management of digital currency. Because of the way blockchain works—creating an immutable ledger of information—it makes user fraud incredibly difficult. That means it can be used to prove the authenticity of pretty much anything it tracks, and it can bridge the “trust gap” in any business exchange. So, how does personal privacy protection with blockchain work?
Technologists believe that blockchain could someday replace things like usernames and passwords by providing us—as in, all of us—personalized, encrypted digital identities that we can use to manage everything from online information to our personal medical records. Blockchain will track and store all of the data personal to us, and because of its immutable nature, that info will remain safe and secure. That is, in theory, that’s what personal privacy protection with blockchain would look like. The question is, are we really ready for blockchain to allow us all to create our own digital watermark? And can we really trust it to keep our personal information safe?
Personal Privacy Protection with Blockchain: Privacy vs. Protection
One of the biggest issues with trying to build personal privacy protection with blockchain is the fact that privacy and protection are two very different things. I recently wrote an article about this exact issue. Privacy is one’s ability to determine what type of information is collected about them. It’s the ability to decide that a web site won’t collect data on the types of products we browse, the types of songs we listen to, or the times of day we like to shop. Protection is how well the data is secured once it is has already been gathered. The first part, privacy, is a right of the user. (A right that is often violated in today’s digital culture.) The second is the responsibility of the data gatherer. Both privacy and protection are important, but blockchain does one part far better than the other.
Case in point: because blockchain is immutable, it means that a user will never have the option to go back and “erase” certain parts of their personal history if they wish to remove it from the blockchain itself. This single issue already defies the EU’s General Data Protection Regulation, which says that all users have the right to be “forgotten”—i.e. the fact that I shopped for a certain book title on Amazon should not exist in the data ether forever. But with blockchain, it would. In this sense, blockchain is good for security but bad for privacy, which makes its adoption as a personal privacy insurance policy that much more ubiquitous.
Personal Privacy Protection with Blockchain: Moving Forward
I’m not saying we need to throw the blockchain baby out with the bathwater. I’m saying the current state of blockchain is not immediately useful in terms of protecting personal privacy in the way we currently define it.
In today’s marketplace, data is value. Every single search we perform on Google, every item we buy online, every time we use our valued customer ID at the grocery store—all of this information is being tracked because it is worth something to someone. The Internet of Things, and the network of billions of connected devices we’ll all be sharing, means that we’ll soon be providing exponentially more information about ourselves to anyone willing to collect it. That’s where I believe blockchain holds the most personal privacy protection potential.
Blockchain represents the ability to empower users to decide which data they are willing to share, and with whom. No, they won’t be able to delete data collected about their visit to a certain porn site. But they could turn off access to that node of the blockchain to ensure that no one else knows the visit ever happened. (Until at some point, the blockchain gets hacked. Because even despite their high level of security, they can get hacked. And that’s another area where personal privacy protection with blockchain remains problematic.)
Here’s the thing: there’s tremendous potential for personal privacy protection with blockchain. However, we are years—and years—out from having the type of coordination we’d need to see from governments, businesses, people, and regulatory bodies to make it a reality. My guess is that we’ll see certain companies begin to experiment with offering nodes of blockchain protection for their customers, but we won’t see a united blockchain encrypted identity service for at least five years or more. Could blockchain be the personal privacy protection solution we’re looking for? Maybe—someday. But in the fast-moving age of digital transformation, today is the day I’m most worried about.
The original version of this article was first published on Forbes.