The truth behind blockchain, identity, and managing private data

The truth behind blockchain, identity, and managing private data

Jan Lindquist, Wed 29 August 2018

The hype around Blockchain is incredible, with many companies announcing support. Comcast announced in 2017 work on a Blockchain Insights Platform. Although it is not a solution for all of the world's problems, Dativa believes Blockchain can be an important part of managing data flow. Implemented correctly, it can provide a framework for creating full accountability for processing private data and handling consent that existing data engineering tools do not offer.

GDPR promotes privacy by design, but privacy is often determined by internal practices that are not revealed by an organization’s privacy policy. Nor are they revealed when a consumer consents to their data being used. Every time an organization shares private data with a third party, there is a risk of data breach and of organizations using data beyond legitimate reasons. A clear blockchain framework can ensure that data flows securely and transparently.

The default way that companies demonstrate their commitment to privacy is via their privacy policy, and by requiring consumers to give consent to use their data.

The privacy policy should be easy to read, and consumers need to trust that an organization will enforce the policy. In some instances, it is evident to consumers whether the policy is applied or not. One of the tenants of GDPR is that companies need to give consumers the right to access data belonging to them in a format that the company can easily transfer. Some companies share within hours, while others may take months to share the personal data. However, many elements of a privacy policy are impenetrable to consumers, or anyone outside the company. Consent similarly does not always clearly explain the use and purpose for which the organization is collecting the data.

This issue of privacy and consent is where Blockchain can be useful and where combined with a company’s privacy policy and consumer consent, it can provide the best solution for accountability.

How Blockchain could provide accountability for TV data

Hyperledger is an umbrella project hosted by the Linux Foundation that has over 200 companies collaborating to develop open source blockchain solutions. At the very heart of every Hyperledger project is a permissioned distributed ledger. Unlike Bitcoin and Ethereum a permissioned blockchain is a consortium of organizations responsible for authenticating and controlling the participants in a blockchain. The Hyperledger framework has stewards who manage the privacy ledger rather than an individual or single organization.

One of the Hyperledger projects, Hyperledger Indy, purpose-built for decentralized identity, aims to create a data operations system that protects the privacy of an individual by only sharing personal data that is relevant. A simple example would be to prove that an individual is over 21 without sharing their exact date of birth and driving license number, which are irrelevant when ordering alcohol at a restaurant. Blockchain can provide proof that the individual is over 21 without revealing any other personal data.

The Sovrin Foundation is a private-sector, international non-profit that was established to govern the world’s first self-sovereign identity (SSI) network. The code base for the Sovrin network is on Hyperledger Indy. One of the working groups at the Sovrin Foundation is working on a solution to build smart contract processing on top of generic ledger-stored schemas. Conditional processing could be introduced into the Sovrin ecosystem at a schema-build level via these intelligent schemas.

This example depicts a hypothetical project that an organization could deploy on Hyperledger Indy. The diagram shows the distributed ledger at the center and how the first step is to onboard new actors. The actors (this could be an MVPD, an advertiser, or any third party) exchange information to set up an agreed transaction. Finally, once the agreement is in place, the data flow is processed according to the agreed schema.

 Hyperledger Example

In this scenario, there are four central concepts to understand better how data flow is processed using Blockchain technology.

  1. Distributed ledger: These are the Blockchain stewards with specific business and consensus model for adding credential information to the ledger.
  2. Onboarding: Each new actor that the organization adds to the ecosystem through trusted anchors will have a particular role within the data engineering set-up. Trusted anchors enforce due diligence when accepting new actors to be part of the ledger. Once the organization has added a new actor to the ledger, their identity is pseudonymized when communicating with another actor.
  3. Transaction: When an actor creates a new transaction, like the agreement of a new privacy policy or the act of giving consent, they have to define a schema, and then establish a transaction with a second actor. There is an issuer of a schema and holder of the consent in the form of a signed transaction.
  4. Verification: Verification is required to check proof of which attributes the organization can store and under what conditions

The organization must define the data collected in the data warehouse in a schema for traceability. The schema would list all the attributes, and whether specific attributes are sensitive or have special conditions for storing or accessing. If the consumer questions usage of the data it is possible to update the schema to reflect any new privacy agreements that the organization agrees to implement.

The consumer may withdraw their consent to access their private data at any stage, and the organization then records this in the ledger and removes access from both the service provider and any third parties.

The schemas are visible to all and make it possible to create a data marketplace without revealing the identity of the individual sharing data. Onboarded third parties may get access to the data once the operator gives consent or the consumer does so directly. The result is a way of exchanging data that is much more transparent than what we have in place.

Conclusion

Blockchain could revolutionize how organizations manage private data. It can enable a higher level of accountability and more easily enforce privacy by design. The data flow is managed through a distributed ledger and not controlled centrally by one organization. Creating a data marketplace opens new opportunities with strict access rules enforced through Blockchain and a trusted data flow, but it is yet to be seen whether the major identity players will join in with the open ecosystem. The biggest beneficiary may be the consumer, who would have much more oversight of, and even compensation for, their data. All of this bodes well for the development of TV analytics.

Need help? Get in touch...

Sign up below and one of our data consultants will get right back to you

Other articles about TV data


Dativa is a global consulting firm providing data consulting and engineering services to companies that want to build and implement strategies to put data to work. We work with primary data generators, businesses harvesting their own internal data, data-centric service providers, data brokers, agencies, media buyers and media sellers.

145 Marina Boulevard
San Rafael
California
94901

Registered in Delaware

Thames Tower
Station Road
Reading
RG1 1LX

Registered in England & Wales, number 10202531