Blockchain technology has been in the limelight of recent. New use cases stretching across multiple industries were swelling. Governments, large corporations and agile startups deployed successful pilot projects, showing that blockchain indeed has a “life” beyond cryptocurrencies in manufacturing, investing and other industries.
This year has also been a complicated one security-wise. Multiple data breaches have made both users and legislators question how businesses should be treating the data they are entrusted with. New compliance requirements tackling user privacy and data collection (GDPR) have emerged. These two trends seem to merged into a single new one – businesses are now thinking whether blockchain can be that “magic bullet” for tackling data privacy issues.
“Blockchain has the technological underpinnings to ensure better data security,” said Xiaoyang He, founder of Lambda, a secure and scalable decentralized storage network with a mission to promote the decentralization of the Internet.
Blockchain is a decentralized technology, functioning as a distributed ledger, shared across multiple of devices worldwide. All the data recorded to that ledger is stored in a distributed fashion, eliminating the single point of failure – the central data repository most cyber criminals tend to target right now. According to Xiaoyang “Breaking into an individual block to steal some recorded information is virtually impossible at this point. Altering or in any other way hampering with a string of data entered to a blockchain-ledger is even less likely.”
Secondly, blockchain technology has enabled the new type of storage for any types of virtual assets – legal documents, healthcare records, payment or identity information. “Once these data points are codified and entered to the ledger, there’s no way of copying or duplicating that information without the owner’s explicit permission, granted technologically,” explained Xiaoyang. “Securely exchanging such cryptographically protected records, however, is simple. The sensitive information does not ‘change hands’. The two users just exchange their keys for accessing and reviewing that information. And one party can revoke that access any time.”
Such “permissioned” accesses, powered by the blockchain, is now being actively explored as a new solution for remaining GDPR compliant.
Emerging Use Cases of Blockchain For Data Privacy
IBM is among the first companies to hop on the bandwagon. Last September, the tech giant filed a new patent for a blockchain-based system that will handle privacy and security concerns for drones.
The outlined solution can be used to manage sensitive data exchanges such as those related to drone’s location, its manufacturer and/or model, its flying behavior, the vehicle’s proximity to restricted or forbidden flight zones and additional information required for smooth operations. The patent further indicates that smart contracts may be leveraged to securely “feed” additional data to the described blockchain system.
General Motors seems to be following suit. The company just filed a patent describing how self-driving cars could store all the necessary data on a distributed ledger and exchange it with other entities plugged to the system e.g. authorities, public facilities such as airports and other participating self-driving vehicles on the roads. Clearly, more and more companies are viewing blockchain as a secure data exchange solution to power IoT devices and “smart” gadgets, transmitting sensitive data.
Lambda looks into spinning off the value of blockchain for data privacy even further. This new blockchain infrastructure project tackles decentralized data storage from a scientific perspective, leveraging two different approaches – Provable Data Possession (PDP) and Proofs of Retrievability (POR) – to create an immutable and secure solution for storing, recording and exchanging large volumes of data between multiple parties. Their platform can serve as an alternative to on-premises and cloud-based solutions, with an added layer of security and transparency. For businesses bound by strict compliance requirements, decentralized storage can be a significant lever to remain compliant without increasing operational costs.
MedRec, a project launched at MIT, pursues a similar goal, but for the healthcare industry. The project positions itself as “a network, not a service,” enabling seamless and secure healthcare information exchanges between patients and services provider. Patients can retain full control of their information and give access to their records to providers, rather than the other way around as it is now. Healthcare professionals can join the network and make the patient data available on-demand, with the patient’s permission. They already ran a series of pilots with research partners, and currently, work on further improvements. Solutions similar to MedRec can reduce the numbers and costs of healthcare data breaches, still reigning supreme in the industry and power the development of new HIPAA compliant EHR solutions.
Blockchain has a significant potential to change data transactions in the future, making them more secure and permission-based. The successes are still too early to be called definitive, but they certainly demonstrate what we can expect when blockchain finally moves from the margins to mainstreams.