iStock / Laurence Dutton
The slogan less trust, more truth is becoming a rallying cry in the fight to preserve personal liberty online. In the face of myriad privacy breaches as a result of the ownership of our data by big corporations,Web 3.0 – otherwise known as a decentralised internet based on true peer-to-peer interaction – represents a beacon of hope to enable individuals to take back control from the current generation of internet behemoths.
Personal data is being mined on an industrial scale and extracted to create profiles that commoditise us as consumer objects. The leading social media platforms and search engines that take ownership of our data to assemble digital profiles know our wants and needs better than we do. While each piece of data may seem innocuous enough, these data chunks create a blueprint to be targeted by algorithms that pitch products and services based upon our unique preferences.
The electronic ID-card system and blockchain technology are used to ensure health data integrity and mitigate internal threats to data.” As of 2018, according to the e-Estonia Guide, 99 per cent of all prescriptions filed in the country are digital and 97 per cent of patients have digital health records that are accessible to authorised users nationwide.
Tim Cook, the CEO of Apple, gave warning at an international privacy conference earlier this year that consumers need to be protected from technological advances that have led to the development of “a data industrial complex.” He spoke about the potential benefits of the General Data Protection Regulation, or GDPR, a piece of EU legislation that came into force in May 2018 to provide consumers with more control over personal data collected by technology companies. Cook urged the US to follow the EU’s lead in protecting consumers’ data from infringements – “each one harmless enough on its own” – that are “carefully assembled, synthesized, traded, and sold.” Cook said: “Our own information, from the everyday to the deeply personal, is being weaponised against us with military efficiency.”
Web3 technologies can enable people to freely exchange personal data while evading the hidden data servers of powerful intermediaries. The stratospheric rise of Bitcoin and Ethereum into the mass consciousness demonstrates the latent power within these technologies. The world’s biggest cryptocurrency skyrocketed in value from being a worthless form of digital cash to $20,000 in December 2017. Cryptocurrency has evolved independently of the central banks and large institutions at the centre of financial markets. They have empowered people to make monetary transactions outside the confines of the financial system. In a similar vein, I believe these same technologies can enable people to exchange personal data free from the prying eyes of major corporations.
Emerging privacy-preserving technology can help provide a win-win solution, offering unprecedented user privacy protections while enabling new applications for data. Privacy-preserving techniques combined with blockchain can enable new decentralized applications that protect data while providing users with transparency and control over how data is used.
These technologies are at a very early stage in their development, and the work required to shift past these Web 2.0 giants is tremendous. Still, we have seen a great deal of progress already.
For example, about a year ago, some of the first prototype decentralised data storage systems started to come out. Under this model, users’ data was not put in the hands of any single party but rather managed on a consensus blockchain. This provides everyone with access permission rights, providing users with the assurance of being able to see who has access to their personal data. We believe that such a provable system with strong cryptography can counter the threat of our personal data being exploited by large corporations.
A complete guide to Internet privacy
Zero-knowledge proofs – which function as a mathematical means of proving the possession of information without disclosing it – are being deployed as a means of protecting privacy in decentralised ledger technologies. For example, given the hash of a random number, the prover could convince the verifier that a number exists with this hash value without actually revealing what the number is. Furthermore, the prover can convince the verifier not only that the number exists, but that he or she knows the number, without revealing any information about the number.
Zero-knowledge proofs provide an additional layer of privacy to public blockchains, and do not reveal the transaction or behaviour histories of those transacting, as public blockchains do at the moment. For example, Zcash, a privacy-protecting digital currency, implements zero-knowledge cryptography that shields transactions made in the cryptocurrency. Holders of Zcash can make transactions in Zcash that can be fully encrypted on the blockchain, yet still be verified as valid under the network’s consensus rules.
In a three-part series, we’ll describe the way private companies, like Apple, both properly and improperly use differential privacy tools. In a globally private system, one trusted party, whom we’ll call the curator — like Alice, above — has access to raw, private data from lots of different people.
Those developing Web3 are now also delivering advanced tools that will let users create customized blockchains for decentralised applications more easily. These new off-the-shelf solutions will provide the most updated technology and have the potential to be deployed in many applications that empower individuals or corporations.
Thousands of our best and brightest engineers and researchers are hard at work building an Internet that is resilient to the threat of major corporations’ abusing their power by means of the huge rafts of data currently held under their possession. This technology will create important backstops that will empower consumers to share data freely without having to compromise their own data privacy.
This ensures that regulations to manage and protect sensitive information can be complied with while services can continue to leverage the strengths of blockchain. The General Data Protection Regulation (GDPR) and the revised Payment Service Directive (PSD2) are, for the most part, incompatible with blockchain-powered startups and businesses.
Of course, there will be significant challenges along the way. How we govern these protocols is a major issue we are working to tackle as a community, and it will take a lot of iterations to find a system that works. Consumer adoption will likely also take time – we are at a very early stage in the development of this technology and end-user-facing products are far from ready – we are still building the infrastructure those applications will be built on.
Still, those pursuing Web3 foresee a technology that has the potential to lead to an almost hard-coded regulation, where a system can only behave in certain ways, according to the rules of the system encoded in the blockchain. As Juan Benet from Protocol Labs said recently, we are moving from “don’t be evil” to “can’t be evil,” which is the way the Internet should be.