Data protection is a serious topic at BitBoost. We are using our blockchain solutions to empower people, and for us this also means giving people back control of their personal data at any moment, not storing it without their consent, and not using it for unintended purposes. Furthermore, we have implemented our solution for data protection over the Ethereum blockchain.
We do not store any personal information from sellers or buyers. Every user will just need to provide a password to create their own personal wallet, with an alphanumeric address and alias as their only ID. With this wallet, address, and alias, users will be able to fully use our blockchain-based marketplace, and they will only provide their personal information to sellers, and just for delivery purposes. This information will never be stored or transmitted unencrypted, so no third party, including us, will be able to access it.
Nevertheless, the management of information in the blockchain brings some new issues to deal with, compared to centralized ledgers systems. First of all, all information stored in the blockchain will be available for every node in the network. This means that the responsibility for storing and managing information is distributed, and different data protection jurisdictions might apply, depending on the location of the nodes. In our case, we are applying EU laws and its General Data Protection Regulation, or GDPR. It is probably the most globally advanced law in data protection, so being compliant with it is enough for any blockchain company. We would like to comment on several points regarding this matter.
First, it is important to understand that the blockchain brings pseudonymity by design. Every node using the network is identified through an address, and users don’t need to share their personal information for any purpose. This is a really useful feature: in the blockchain we will store just the interactions between addresses, protecting our users’ personal information, which is always in users’ hands.
The problem here is that the GDPR considers that pseudonymised data is still considered personal data (including likely public keys in a blockchain). It also clearly states that if anybody can identify a particular user assembling and organizing anonymized data, further protection should be enabled. This is probably the case for the blockchain. For instance, if we can track in the public blockchain the purchases made by a node, its location and money spent, probably we can track down the person behind it (and the same can be easily applied to sellers through listings and locations).
To prevent that, we are implementing an encryption system over the pseudonymity feature of the blockchain. This way, all the personal information stored in the blockchain will be protected, and only shared with the parties involved. BitBoost won’t be able to check this info, nor will any other user. Just an arbiter, a third party individual selected for dispute resolution by sellers, will have the key to decipher a transaction, and just for a brief time and only for arbitration purposes.
Finally, we should talk about “the right to erasure”. As stated by the EU law, users have the right to demand the erasing of their personal information from Internet in the following cases:
- Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
- When the individual withdraws consent.
- When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
- The personal data was unlawfully processed (i.e. otherwise in breach of the GDPR).
- The personal data has to be erased in order to comply with a legal obligation.
- The personal data processed belongs to a child.
Not in all cases does the right to erasure means the right to be forgotten, and although there is some controversy around this topic as applied to the blockchain, we can quote the Guide to blockchain and data protection (issued by Hogan Lovells in 2017) for general advice: “What constitutes “erasure” is still open to debate. Some data protection authorities have found that irreversible encryption constitutes erasure. In a blockchain environment, erasure is technically impossible because the system is designed to prevent it. However, smart contracts will contain mechanisms governing access rights. Therefore the smart contract can be used to revoke all access rights, thereby making the content invisible to others, albeit not erased”.
In our case, data access is regulated by both smart contracts and cryptography. While arbiters will not get access to the encrypted data without the permission of a smart contract, buyer and seller both have access to anything they have shared, whenever they want. This way, the data generated will be only available by those who have created it, at any time. For us, this is the best way to protect the data stored in the Ethereum public blockchain.
To summarize, our approach to personal data management in the blockchain is simple: we want to bring back to the users the power to manage their personal data. Neither we nor third parties will be able to do something not allowed with personal data. This approach is radically different from that of big digital companies, where data (aka our information) has become the most valuable asset to sell and trade, even without the fully conscious consent of those generating this data, and without compensating them! We find this practice unethical, and we want to build a new, decentralized Internet, where those practices will be excluded from digital business. If we succeed, we will be starting a new era of the Internet. That’s for sure.