Blockchain Technology Can Protect Users From What Companies Do With Personal Data
David Petersson, a contributor at Forbes, wrote an article in which he explains how blockchain technology is able to change the way firms handle personal data from users. He starts by mentioning an example of what a firm does near Brown University. The coffee shop Shiru Facé decided to give ‘free’ coffee to users in exchange for their name, emails and phone numbers.
In general, students at the University do not believe that this is a bad thing. Indeed, one of the students said that she gives a lot of information to organizations and companies without receiving anything back.
Companies are sure about the fact that data is the new oil. Without data, companies are not able to create proper advertising campaigns, analytics and other policies. However, several firms are having this data for free without giving anything back. Hesses Leimgruber, the co-founder of Bloom, said that there are more than 10,000 companies asking for data, only in the United States.
Already in Europe, the GDPR rules work in order to change this direction, forcing companies to be more responsible with the data they collect and how they do it. Companies that are not compliant with these rules can face several penalties.
Companies such as Google and Facebook are already facing some problems. For example, one of the most known scandals was related to Cambridge Analytica leaking data from millions of Facebook users. However, Google+ has also experienced a breach, but the case did not arrive at the court.
The main problem is that computer data can be easily replicated, something that is much more difficult to do with paper documents. Although it is possible to secure monetary transactions using a blockchain network and a decentralized system, the situation looks different for doing the same with personal data. This is why exist the concept of Self-Sovereign Identities (SSI).
Petersson says that SSI is based on the principle of encryption. In this way, cryptographic keys are used in order to sign documents. Usually, the keys are generated by applications on each device. This specific private key is used in order to sign that specific document. Comparing the final hash and the public key it is possible to be sure that the person is the true owner of the document.
Using SSI it is possible to use this concept and apply it to personal data. The data is stored on the user’s device and only the necessary parts will be shared. Petersson explains that personally identifiable information is not shared on the ledger. Different parties turn to validators that have been in contact with the specific person that issued proofs. As soon as a user presents a proof, the validator is required and asked to validate the claims.
In this way, it is much more secure to share information and private data.
“When releasing raw information to a lender or financial service, you normally need to provide the full raw info (like SSN, full name, or address). With Bloom, you can share the proof of verification without sharing raw info.”
This allows the companies to receive a minimum amount of data and even the storage is decentralized.
It seems that Blockchain and SSI can be very promising for protecting personal data. There are some companies that are already working with Bloom in order to improve how they handle information. Two of these companies are American Express ME and BMW.
The future of data seems very different to the one that we are used to. Companies will be able to improve their services with blockchain technology and users will have their data protected using distributed ledger technology (DLT).