Why do we need blockchain for privacy protection?
In the last medium, we have presented the strengths and weaknesses of blockchain on privacy protection. In this article, we will focus on why we need the blockchain technology to achieve privacy protection in this interconnected world.
The world has witnessed the emergence of the Internet of Things (IoT), wearable devices, and mobile communication technology. These technological realms have brought us to an era of big data. Each of us is generating huge amounts of data all the time and we have also become fully digital individuals. Large-scale data continuously generate and converge to multiple data collectors, which causes more and more severe privacy leaks [1].
Although privacy protection has been studied in academia for many years, there are still few products that can truly be integrated into our lives. The most directly related products are the Differential Privacy [2] of Apple and the Federated Learning [3] of Google. With the convergence and integration of big data technology and human lives, rich data is continuously collected by multiple data collectors in a variety of ways, and then decisions are made and services are provided based on these data. This kind of data collection model has become a necessary condition for more and more applications. Although large-scale data collection brings huge data value to individuals, companies and countries, it also accompanied by by a series of problems such as privacy leakage [4]. So the privacy protection needs to be strengthened from both legislation and technology.
In the previous article, we have briefly introduced the privacy protection ability of blockchain. Now, let’s think about a further question:
Why does privacy protection need the blockchain technology?
In many technical solutions for privacy protection, blockchain is not mentioned or adopted. However, blockchain is born with two important property: trusted third parties and resistance to cheating, which make it distinct from the traditional solutions of privacy protection. Though the differential privacy and federated learning do make real progress in privacy protection in terms of both theory and practice, one thing that cannot be ignored is that we have to believe what the centralized companies have declared. Since privacy protection is in conflict with the realization of commercial value of enterprises, we have to keep a certain degree of suspicion about the motivation of enterprises to protect users’ privacy.
Trusted Third Parties. In the field of network security, “trustworthiness” has always been the goal that everyone pursues. But trustworthiness is also a very difficult goal to achieve due the existence of Byzantine general problem and others. In the past, the common solution was to introduce a “trusted third party”, such as banks. The trustfully transmission is realized through this trusted third party. For example, the trustful transmission channel can rely on the HyperText Transfer Protocol Secure (HTTPS). However, it acquires a certificate service. In the case that people can only communicate in an intranet, there is a need to build and maintain the certificate server of this company, which causes extra economic burden. Further, when multiple intranet-only companies carry out reliable transmission, a cross-domain certificate server is required to be built and maintained. However, the granting and revocation of certificates means the centralization of authorities. How to establish such a centralized certificate service organization between multiple peers has extremely high costs in terms of both administration costs and society. As a trusted third party, the blockchain works in the way of consensus. The certificate granting, authorization and signature verification are jointly performed by the nodes participating in the consensus of the blockchain. By this way, a provable trusted third party is established at a very low cost.
Resistance to Cheating. Existing research on data acquisition supporting traceability and accountability is still relatively limited, and problems such as unknown data collection, excessive data collection, and lack of control by users need to be resolved. A Pew Research Center report on the state of privacy in the United States pointed out that the vast majority of respondents believe that they have lost control over the collection and use of personal data, and more than half of the respondents are not aware of how data collectors use personal data, which makes them frustrated [4]. Although many companies have stated that they have complete privacy protection measures and the corporate philosophy to protect user privacy, but how can we totally believe in them? What if they tamper with the record of data acquisition? Blockchain technology allows the establishment of a distributed, transparent, and non-tamperable ledger. We can deploy the authentication protocol, access control strategy, and the data sharing strategy on the blockchain in the form of a smart contract so that the execution and evaluation of access control and data sharing are realized by executing distributed smart contracts on the blockchain. The biggest advantages of doing so is that the records of data collaboration are non-tamperable and traceable. These records provide permanent basis for subsequent credit evaluation and audition. What’s more, it can also effectively achieve the decentralization and transparency of access authorization and data sharing and prevent problems such as illegal authorization or denial of service [5].
Generally, blockchain provides trustful privacy protection in data collaboration. It essentially uses the group trust model, providing a reliable and practical solution of trustworthiness instead of the traditional ones that must rely on a trusted third party.
Zecrey official website: Zecrey
Welcome to join our communities and follow us on twitter:
Medium:https://medium.com/@zecrey
Twitter: https://twitter.com/zecreyprotocol
Telegram: https://t.me/zecrey
Discord: https://discord.com/invite/U98ghQsJE5
Reference
[1] Misra S, Mukherjee A, Roy A, et al. Blockchain at the edge: performance of resource-constrained IoT networks[J]. IEEE Transactions on Parallel and Distributed Systems, 2020, 32(1): 174–183.
[2] Differential Privacy. https://www.apple.com/privacy/docs/Differential_Privacy_Overview.pdf
[3] Federated Learning: Collaborative Machine Learning without Centralized Training Data. https://ai.googleblog.com/2017/04/federated-learning-collaborative.html
[4] Meng Xiaofeng, Liu Lixin. Blockchain-Based Data Transparency: Issues and Challenges[J]. Journal of Computer Research and Development, 2021, 58(2): 237–252.
[5] Rongna XIE, Hui LI, Guozhen SHI, Yunchuan GUO, Ming ZHANG, Xiuze DONG. Blockchain-based access control mechanism for data traceability[J]. Journal on Communications, 2020, 41(12): 82–93.
