Privacy or Truth?
Making data public in a blockchain can keep fake data to a minimum, but that might be too high a price for corporations.
The companies that do the best job on managing a user’s privacy will be the companies that ultimately are the most successful. — Fred Wilson
By principle a decentralized application cannot be controlled. Usually a set of economic incentives are designed instead, guiding its evolution towards a chosen goal. In supply chain that goal includes complete and correct data, but the incentives that take the solution to this desired state also require making data publicly available, which is understandably a difficult choice for private corporations.
In this article I want to discuss how a supply chain blockchain solution can ensure the accuracy of the data contained at the expense of privacy. This understanding is critical for architects and business leaders considering blockchain technology.
Using a blockchain doesn’t guarantee that the stored data is accurate. False data can be introduced, but the radical departure from norm is that the immutability properties of a blockchain allow to implement strong negative incentives for careless or malicious use.
Any user entering false data in a well-architected blockchain is permanently at risk of being found out, and the longer he persists in damaging behaviour the more likely it is that he will be caught and punished. In the long term, this reduces the amount of false data in the system to a minimum, even if it can’t ever be guaranteed to be zero.
Using a blockchain doesn’t guarantee that the stored data is accurate. False data can be introduced.
Allowing the data in a blockchain to be reviewed for accuracy has serious implications for privacy. The questions of what data needs to be made available and who to needs to be carefully considered.
The guarantee that data in a blockchain will be mostly true relies on the immutability property to make careless or malicious actions visible permanently to those looking for them. The higher the probability of being caught and punished, the more infrequent false data in the blockchain will be.
The customers at the end of a supply chain are the most likely to find out unexpected results out of a transaction, and are as well those with a strongest incentive to carefully analyze the supply chain data leading to the unsatisfying transaction, looking for the point where something might not add up and raising it to the relevant authorities. These could be the human resources department of the company that introduced the data, a legal body, or twitter.
The use of economic incentives is central to the concept of blockchain solutions and many have been proposed that encourage participants provide useful services to the market, such as verifying documentation, acting as market makers or resolving disputes.
The higher the probability of being caught and punished, the more infrequent false data in the blockchain will be.
Implementing an economic incentive that encourages users to look for incongruent data would be trivial and not very different from the way that bounties are implemented today to reveal bugs in publicly released software.
Finally, we can also conceive of some police force regularly analyzing the blockchain data. This is a centralized approach that has been extensively used during human history and is relatively effective, even if commonly plagued by not enough resources, occasional abuse of power, and corruption.
Data in a blockchain is neither secret nor anonymous, despite the use of cryptographic methods. Cryptography is used in blockchain for the unconventional purpose of guaranteeing only immutability of data, not privacy.
Cryptographic algorithms are used to calculate hashes of data which are like a tamper-proof signature. If the data has been tampered with the associated signature won’t match and tampering the signature is very difficult without the private key used to generate it. By using cryptography we ensure that the data in the blockchain is read only and therefore immutable.
However, data in most blockchain platforms is public by default. All bitcoin transactions are recorded in the bitcoin blockchain and anyone can review all of them. That’s how we know the address of Satoshi Nakamoto, that he holds about a million of bitcoins worth $7B at the current valuation, and that he hasn’t made a single transaction since 2012.
Data in a blockchain is neither secret nor anonymous, despite the use of cryptographic methods.
Bitcoin was supposed to be anonymous because there is no direct data linking a bitcoin address with any personal data. The reality is that since transactions are public it is possible to infer who does a bitcoin address belong to, by analyzing its transactions and especially interactions with real world services and currencies. The same can be applied to corporations that include just hashes of encrypted data in a blockchain, their transaction patterns can be analyzed.
The public nature of blockchain is something that has held back its use by corporations, since they can’t reasonably make all their transactions public. The only blockchain implementations that are seriously being considered by corporations are those in that it can be controlled who can see the transaction data.
But hold on, if you make your transactions and their data completely private, how can independent and impartial reviewers check whether it’s accurate? Not an easy answer.
In an corporate supply chain implementation of a blockchain, there will be a trade-off on what information should be revealed and to who. Enough data must be made public so that accuracy can be enforced, but the users’ requirements for privacy also need to be met so that they feel secure using the platform.
In some cases the data can be revealed to a professional enforcers, which preserves privacy to a degree, but is prone to centralization and corruption. In some other cases the data can be revealed to a wider public which would be encouraged to look for malicious actors in exchange for rewards.
Enough data must be made public so that accuracy can be enforced, but the users’ requirements for privacy also need to be met.
In a supply chain use case it would be conceivable to reach an agreement with all participants in that supply chain data is public to all, but financial information available only to the tax authorities. This is only a example of many possible privacy models, which must always ensure that the privacy of the data introduced in a blockchain is configured in such a way that:
- Users feel safe with how much of their private data is shared.
- The data introduced in the blockchain can be analyzed for policing purposes.
The accuracy of the data in a blockchain data structure can be policed by the use of regulation or by the use of economic incentives, but it ultimately derives from the immutability properties of a well-architected blockchain solution.
While the Bitcoin implementation relied on complete transparency to ensure the accuracy of its transactions, corporate use of blockchain requires a more refined approach that balances the need for accurate data with the privacy requirements of its users.
The priorities will be different for each use case and a very careful analysis needs to be done before choosing the right point in this trade off between data privacy and data accuracy, neither extreme is necessarily the best choice.