Last updated on September 12th, 2018,

BitBoost marketplace: a different paradigm for user data

paypal and the e-commerce privacy problem

The E-commerce business has currently a privacy problem.

Every major e-commerce platform harvests personal data, often sharing it or even selling it to third party providers. For users of Amazon, PayPal and eBay, there are no choices about this. It is presented as a fait accompli, simply the price of doing business. Operating differently needs not just a different attitude to customer data, but a whole new business paradigm and platform architecture – which is where BitBoost’s marketplace, with its ‘Don’t track, Don’t store’ approach, excels.

The Internet is the most liberating tool for humanity ever invented, and also the best for surveillance. It’s not one or the other. It’s both.

– John Perry Barlow, cyber rights activist

The recent storm around Facebook and Cambridge Analytica has raised fresh concerns about the theft and misuse of personal data. But there is another dynamic at work within e-commerce and other online services: the harvesting and distribution of personal data to third parties, completely legally but without users’ explicit consent – and on a scale that many customers will find almost unbelievable.

Sharing economy, shared data?

It’s a truism that online services collect personal data, but users generally assume that this is stored securely and used benignly, typically to conduct KYC and ‘improve services’ or similar. Unfortunately, interrogating that assumption demonstrates it to be deeply flawed. Where the platform requires real-world information such as home address, phone numbers and so on – as major e-commerce platforms do – serious concerns may arise.

Take eBay, for example, which will freely distribute the data provided by buyers and sellers to any prospective transaction partner who asks for it. In practice, this can be anyone at all, subject only to them registering on the platform. This isn’t simply a matter of privacy – it may be one of physical safety. Many sellers operate from home as a full-time business and the details they give to eBay are their residential addresses and personal phone numbers. Anyone selling an expensive or rare item constitutes a honeypot for criminals. When one critic asked for further information, eBay answered with the following: ‘Typically the seller shouldn’t have anything to worry about, as we only allow members of eBay to request contact information. We allow any transaction partner (including a bidder) to request the buyer/seller’s contact information. This includes a phone number, and the address. This is for all members of the site, and something we’ve found be very helpful overall. There’s not a way to opt out of this as we expect it of everyone on the site, namely because we’re only a venue and don’t buy or sell the item directly.’

Remember that phrase: ‘Typically the seller shouldn’t have anything to worry about.’ It falls somewhat short of being reassuring. Meanwhile, the company pushed responsibility for any problems that might arise from external communication onto the seller – suggesting that any harassment be dealt with by local law enforcement.

Then there’s PayPal, the payments processor owned by eBay, which shares customer information with a staggeringly extensive list of third parties. These may not be other buyers and sellers, but they certainly make up for it in number.

eBay’s business involves matching buyers and sellers. Where the e-commerce platform acts more like a broker, there’s another dynamic at work. Amazon also collects a bewildering amount of personal information about its users, much of it based on their search histories as well as what they actually buy. It does not sell this information to third parties (it says); instead, the data is used to build up an extremely detailed picture of its customers in order to present them with items that match their interests. On the one hand that’s fair enough, but Amazon also make it impossible to delete the data it has collected on you – which they will share with third-party affiliates. Even closing your account will not work. There is nothing customers can do about this: those account records allegedly represent part of their ‘business transaction records’ and will be retained by the company forever.

BitBoost: privacy guaranteed

These concerns about the large-scale use and misuse of personal data are one of the factors that has led BitBoost to create a blockchain-based marketplace that operates on entirely different principles and values. Privacy is at the heart of the platform, which is built from the ground up to protect users’ data and takes a ‘Don’t track, Don’t store’ approach to personal information.

Mainstream e-commerce platforms require registration, which is the first stage of the long data-harvesting process that will ensue. BitBoost doesn’t need any email addresses or even a password; the platform is accessed via an Ethereum address that is no more than a string of random characters, and inherently pseudonymous. This is used both to identify users and make payments, with further information being provided on an absolutely voluntary basis. Since strong encryption is built into every blockchain, there are in-built safeguards around orders and communication between buyers and sellers.

Amazon and eBay use credit cards and payment processors like PayPal, which not only share financial data with a wide range of counterparties but mediate in the case of disputes – often investigating in a cursory manner or simply siding with the buyer as a matter of policy. Sellers are frequently hit by chargebacks as a result. With blockchain-based payments and smart contracts, effective escrow and third-party arbitration becomes a reality, and a feedback mechanism ensures that the best and most trusted arbiters are rated more highly.

Ultimately, this isn’t just a marginal improvement but a complete paradigm shift away from data sharing as a tool of doing business. Data is personal and BitBoost ensures that the user remains in full control of their personal data at all times. In the course of using the platform, privacy isn’t considered a privilege, or even a right that needs protecting wherever possible – it is a sine qua non, something valued so highly that its integrity is never threatened as a matter of both policy and design.