Some time ago I had the time and the inclination to look into blockchain technology. The more I learned the more I saw that it presented a huge potential for collecting and managing data across a broad spectrum of activities. I also saw some difficulties in its deployment, especially in Vietnam. Issues of confidentiality and data privacy are central to my concerns. As such, I decided to write on the issue. This article first examines blockchain technology and the concomitant deployment of smart contracts before looking at how confidentiality can be ensured on a blockchain. Finally, I dig down into Vietnam’s data protection laws and examine how they would be applied to blockchain technology.
Blockchains Are What?
Blockchains distribute data entries to ensure that no one tries to alter the ledger illegitimately. Each block contains a transaction. When the blockchain began, the first block recorded data regarding that block’s transaction. When a second transaction occurred, a second block was added and a link to the data from the first block was copied along with the data from the second transaction to make up the second block. Each new block includes a link back to the previous block, which itself links back to the block before it, so that the transaction recorded in each new block can access every previous transaction recorded on the blockchain in a continuously updated ledger. Anyone with access to the blockchain can use what is called a block explorer to examine the blockchain for information about any transaction that is recorded in any block in the blockchain. This is how cryptocurrencies ensure that one owner doesn’t spend his Bitcoin or Ethereum more than once. No matter how many transactions occur, so long as they link back to the previous block in the blockchain, the entire ledger of all transactions is accessible. It is an elegant way to decentralize the accounting, eliminate middlemen, and distribute the performance of transactional obligations.
What is a Smart Contract?
While blockchains may be used for other purposes, many currently in existence utilize some form of smart contract or code that will automatically perform a certain act by one party upon the completion of a counteract by another party. Take, for instance, Ethereum. While a block is obtained by a process of computational work called mining, Ethereum’s blockchain also contains a smart contract that allows someone to pay physical currency to purchase the cryptocurrency. When the smart contract detects that sufficient currency has been paid to a specific account it automatically transfers a correlating amount of Ethereum as consideration.
Another example would be a travel insurance company that deployed a blockchain with a smart contract to pay $200 if the subscriber’s flight was delayed by two hours. Say, then, that I own such an insurance policy and that I am scheduled to board a Vietjet plane from SGN to LAX but two hours after the flight is scheduled I’m still sitting in the terminal waiting for the uniformed gate attendants to announce boarding. As soon as that second hand ticks over on the second hour, the smart contract will execute and automatically transfer money from the insurance company’s accounts into my personal account. By automating a contractual relationship the parties eliminate the need for third-party decision-makers and the expense of processing each claim individually.
But the insurance company, unlike a cryptocurrency, faces an additional challenge with its usage of blockchain. Under traditional blockchain architecture, remember, the ledger containing each block’s data is linked to every successive block. This very distribution, by its nature, means that the information collected through each transaction is public and not confidential between the parties. Without some form of security, Jay in Arkansas, USA, can access the data of Nguyen in Vietnam. That creates a problem for enterprises or governments seeking to deploy private blockchains as both are likely restricted by rules and legislation requiring that the data of transaction parties be kept confidential. This is a problem that would seem to limit the potential for blockchain usage.
Confidentiality Issues on a Blockchain
Confidentiality isn’t a real problem for cryptocurrencies. As an owner of a specific cryptocurrency, I keep my Bitcoin in a digital wallet. That wallet has a specific digital address that is, in theory, unconnected with any personal data regarding myself (such as name, address, email, bank account number, etc.). The information recorded in the Bitcoin ledger that is distributed down the blockchain is the digital address of my wallet and the amount of currency I possess. Thus, in theory, I am protected from the disclosure of the fact of my ownership of Bitcoin and any abuse of my data. Aside from the fact that the public nature of my account size opens the potential of digital attacks for wallets with large amounts of Bitcoin, information about me is secure so long as I am careful not to endow my wallet with any identifiable data. So, in theory, the blockchain ledger of a cryptocurrency is–if not confidential–at least anonymous. The same cannot be said for other applications of blockchain technology.
There are a few possible solutions to this issue of confidentiality on the blockchain. First is the deployment of private blockchains. A private blockchain is a blockchain for which access is controlled by either a single entity or by rules coded into the blockchain by a single entity. That means that only those users who are permitted by the owner of the blockchain may have access to the data in the blockchain. This is a start and allows organizations to internalize functions that may be proprietary but not sensitive such as origin location and progress in a given supply chain or work schedules and attendance records of a very large organization such as a transnational manufacturer or government. But this solution does little to protect more sensitive data between tiers of access in a single organization. Billy, for instance, does not want the mail clerk to know his salary and compensation scheme as manager of the marketing department, information that would be available on a private network in the absence of additional protections.
The second solution, or at least an element of it, is encryption. The owner of data can deposit information on a block in the blockchain only after it has been encrypted. The owner of the data will have a private key to the data and therefore only those with the private key will be able to access the encrypted data. This would allow an HR department to deposit personnel records on the blockchain and, as new information is obtained with every passing month, a new block could be added with appropriate encryption to update the blockchain ledger and maintain the records in time. This information, if encrypted, would be accessible only to those with the private key. In theory, they could create different keys for different levels of data and distribute them according to security levels and need. Thus upper management could have access to all personnel records with a wallet full of private keys while individual employees could have access to only their own records given a single private key. Unfortunately, with encryption alone, the benefits of blockchain are limited beyond a basic database with permissions. In order to truly take advantage of blockchain technology, there need to be more complex rules encoded into the blockchain allowing permissions and usage of data in the blockchain’s ledger.
The third element of the solution is smart contracts. As discussed above, a smart contract is an action coded into the blockchain that automatically performs upon the fulfillment of a given condition precedent. Using IF/THEN statements, the coding can contain a number of conditions that must be fulfilled and a number of actions that can be taken automatically upon their fulfillment. This would allow owners of encrypted data on a private blockchain to create a smart contract specifying that only users with a certain security clearance can access the encrypted data. Once a user proved their clearance by inputting a security password, then the specified encrypted data would be made available to them. This obviates the need for creating, storing, managing, and transmitting numerous private keys as the owner of the data can be satisfied that only those users who meet their specified criteria can access their data. The same idea could be used to allow for the entry of new data or change tracking by a limited subset of users, or to allow researchers access to only certain elements of data inscribed on the blockchain.
Perhaps an example. BurstIQ, a Medtech company, has deployed a blockchain solution for the collection, storage, and use of individual medical records. BurstIQ’s blockchain is a private blockchain, though data, if permitted, can be added to the blockchain by medical professionals, medical devices such as a Fitbit or other sensors, and the individual being monitored. Information is encrypted, thus preventing everyone with access to the blockchain from viewing all the rest of the data on the ledger. The blockchain contains a series of smart contracts which the subject of the medical records can control to allow certain individuals or devices to enter data, access data, or use data. Thus, for instance, the user can allow their endocrinologist to know about their vasectomy but not their neurosurgeon. And they could in turn allow researchers access to their exercise history and documented EKGs but not their blood sugar and cholesterol levels. Using a combination of all three solutions (private blockchains, encryption, and smart contracts), the blockchain is capable of collecting, storing, and keeping confidential private users’ data.
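The permission logic described in the last two paragraphs, as an added sketch that is not BurstIQ's code or part of the original article: a data subject grants and revokes access per data category, and every change is kept as an append-only event. The class name, party names, and category names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class ConsentContract:
    owner: str                                   # the data subject
    events: list = field(default_factory=list)   # append-only, like ledger entries

    def _record(self, caller, action, grantee, category):
        # IF the caller is the data subject THEN record the change, ELSE refuse.
        if caller != self.owner:
            raise PermissionError("only the data subject may change permissions")
        self.events.append((action, grantee, category))

    def grant(self, caller, grantee, category):
        self._record(caller, "grant", grantee, category)

    def revoke(self, caller, grantee, category):
        self._record(caller, "revoke", grantee, category)

    def is_allowed(self, requester, category):
        if requester == self.owner:
            return True
        allowed = False                           # default deny
        for action, grantee, cat in self.events:  # latest matching event wins
            if (grantee, cat) == (requester, category):
                allowed = action == "grant"
        return allowed

    def read(self, requester, category, records):
        if not self.is_allowed(requester, category):
            raise PermissionError(f"{requester} may not read {category}")
        return records[category]

def build_sample_contract():
    # Hypothetical parties and categories mirroring the example in the text.
    c = ConsentContract(owner="patient")
    c.grant("patient", "endocrinologist", "surgical_history")
    c.grant("patient", "researcher", "exercise_history")
    c.grant("patient", "researcher", "ekg")
    return c

# Constructed placeholder records; on a real ledger these would be ciphertext.
SAMPLE_RECORDS = {"surgical_history": "<encrypted>", "exercise_history": "<encrypted>",
                  "ekg": "<encrypted>", "blood_sugar": "<encrypted>"}
```

A revocation stops future reads, but the earlier grant stays in the event history, which is what makes the permission trail auditable.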
By limiting access, encrypting data, and creating a permissions system using smart contracts, the blockchain can be used for many more situations than the original use of a public blockchain suggested. The confidentiality of data subjects can thus be protected from disclosure or abuse, and companies and governments can deploy blockchains without worrying about violating confidentiality laws as they can ensure–as much as is possible without relying on the sequestering of data in a physical silo–clients’ data privacy. Blockchain, then, can be used not only for public purposes such as cryptocurrency, but for much more sensitive sectors such as government, medicine, legal representation, and any other business that requires confidentiality and data security.
Vietnam’s Data Protection Laws and Blockchain
Unfortunately, many of the new data protection laws proliferating around the globe require vendors to do more than simply prevent the unauthorized disclosure of users’ data. Many of them, including Vietnam’s, require the ability to amend or completely remove the data from the possession of the data collector as well as a number of other rights. Specifically, referencing my previous article on Individual Data Privacy Rights, data processors must create mechanisms that allow users to exercise the following rights:
- To protect their own personal data when using the internet;
- To give or withhold permission for the collection, processing, and storage of personal data;
- To be informed of the purpose and scope of the collection of their personal data and the use to which such personal data will be put;
- To give or withhold permission for the sharing of personal data with third parties;
- To request that the sharing of personal data with a third party cease even if they had previously provided permission for such sharing;
- To access their personal data that an organization has collected or stores;
- To update, amend, rectify, or delete the personal data that the organization has collected or stores and to receive notification from the organization when such a request is completed;
- To receive compensation for any damages caused by the organization’s violation of legal obligations when processing personal data.
Many of these rights can be easily handled on the blockchain by utilizing privacy policies and smart contracts. Notification of uses for and sharing of data and several other rights are handled through publication prior to accessing a blockchain. Limiting or changing who has access to data on a blockchain can be handled using smart contracts as discussed above as it is easy to give users the right to identify who has access to their data using this method. Changes to permissions can also be allowed using a more sophisticated smart contract that would allow for subsequent encoding by the user. Access to a user’s own data on a blockchain is easily allowed and can be sequestered from other users’ data using encryption methods discussed above. Updates can be made by simply adding another block of data to the chain that references the original block on which the user’s data was inscribed. And while Vietnam does not specifically allow for liquidated damages, it is possible to define specific damages that might be caused by violations of data protection laws and program smart contracts to automatically compensate users upon foreseeable breaches that might cause damage.
The problem for blockchains under Vietnamese law comes with the requirements of allowing for the amendment, rectification, and deletion of the user’s data. The nature of a blockchain is such that data, once inscribed on a block and buried beneath subsequent blocks, cannot be changed without breaking the chain. Because each block contains a link to the previous block in its then current state, to change a block would change the link and, in effect, remove the block from communication with the next block. If one block is removed, all the blocks before it will no longer be in communication with all of the blocks after it, and access to all of the data on the chain will be lost. Thus, changing–or even removing–a block destroys the blockchain. This is further complicated when one takes into consideration the duplication of the blockchain that occurs when there are a large number of users and the adding of blocks is automated (an element of blockchain I did not discuss above and that is not necessarily relevant to the discussion of confidentiality and data privacy here).
While it may be arguable that inscribing data on a subsequent block that is different than that inscribed on the original block with instructions to ignore the original version of the data could be viewed as an amendment under Vietnam’s data privacy laws, this does not address the requirement for allowing the user to be able to delete her data. Here, again, it is arguable that a subsequently encoded block could bear instructions to essentially skip the original data block and thus the user’s data would be effectively deleted. Enforcement authorities in Vietnam, unfortunately, tend to interpret legislation literally, and thus a failure to actually delete the data despite effectively erecting a wall against access to it would likely be considered a failure to comply with the law. This is a basic and seemingly immovable obstacle to the broad adoption of blockchain technologies by Vietnam, a contradiction to the country’s stated desire to encourage the development of blockchain.
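The two preceding paragraphs, as an added example that is not part of the original article: a minimal hash-linked ledger in which an amendment or "skip this block" instruction is appended as a new block, while literally erasing a record in place makes verification fail. The `supersedes` and `tombstone` field names and the sample records are assumptions constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64

def block_hash(block):
    # The hash covers the data AND the link to the previous block.
    body = {k: block[k] for k in ("index", "prev_hash", "data")}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def append_block(chain, data):
    prev = chain[-1]["hash"] if chain else GENESIS
    block = {"index": len(chain), "prev_hash": prev, "data": data}
    block["hash"] = block_hash(block)
    chain.append(block)

def first_broken_link(chain):
    """Index of the first block that fails verification, or None if intact."""
    prev = GENESIS
    for block in chain:
        if block["prev_hash"] != prev or block_hash(block) != block["hash"]:
            return block["index"]
        prev = block["hash"]
    return None

def current_records(chain):
    """Replay the ledger: a later block may supersede or tombstone an earlier one."""
    view = {}
    for block in chain:
        data = block["data"]
        target = data.get("supersedes", block["index"])
        if data.get("tombstone"):
            view.pop(target, None)      # hidden from readers, still on the chain
        else:
            view[target] = data["record"]
    return view

def build_sample_chain():
    # Constructed sample records, not real data.
    chain = []
    append_block(chain, {"record": {"subject": "user-1", "city": "Hanoi"}})
    append_block(chain, {"record": {"subject": "user-2", "city": "Da Nang"}})
    append_block(chain, {"supersedes": 0,
                         "record": {"subject": "user-1", "city": "Hue"}})
    append_block(chain, {"supersedes": 1, "tombstone": True})
    return chain

if __name__ == "__main__":
    chain = build_sample_chain()
    print(first_broken_link(chain), current_records(chain))
    chain[1]["data"] = {"record": None}          # literal in-place erasure
    print(first_broken_link(chain))
```

After the tombstone block, readers no longer see the second record, yet its original data is still stored in block 1; overwriting that data is detected at block 1, and recomputing block 1's hash only moves the failure to block 2.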
This, of course, is based on the now existing data protection laws. Just last week the government issued the first draft data protection law it is considering to update the country’s data protection regime. I have not read the draft law yet, but a few comments from my colleagues that I have seen suggest that it does not effectively address this apparent conflict as it maintains the requirement of deleting data without defining the effective act of deletion. This is also in conflict with the contemplated Fintech regulatory sandbox that will allow for the adaptation of regulation to individual new technologies and includes blockchain among its subjects. Whether an applicant to this sandbox would be allowed to escape or modify this requirement upon review by authorities is unclear as the sandbox program is still merely a proposal. However Vietnam decides to proceed with the legislation of blockchain, it will have to reconcile its data protection laws with the realities of the blockchain if it desires to utilize the same for advancing technological management of a large number of sectors.