Integrity is doing the right thing, even when no one’s looking – C.S. Lewis.
When the Cambridge Analytica scandal broke back in 2018, the lights on the internet grew a little dimmer. Data harvesting was nothing new. Data-extracting bots and scripts had been roaming the web for years. But the factors that differentiated the Cambridge Analytica affair from any previous data harvesting issues were the sheer scale of it, and the sinister political ramifications of what’s arguably one of the greatest data-related scandals of the past decade.
An estimated 50 million Facebook accounts were compromised. Speaking on CNN, Mark Zuckerberg, referred to the Cambridge Analytica debacle as a ‘mistake’ and a ‘breach of trust.’ In March 2018, he published a letter apologizing on behalf of his company. By April, Facebook finally implemented the EU-mandated General Data Protection Regulation (GDPR) framework in all geographical areas where Facebook operates.
The fallout from the Cambridge Analytica shady dealings (and the equally dramatic Equifax hack that became known about a year later) threw personal data into the spotlight. Many people, rightly, began to ask themselves how secure is our data, while in the hands of large corporations? How can these companies guarantee the security and integrity of our data? Who’s looking at our personal information?
Blockchain as a framework to improve data security and integrity
Defining integrity, in the context of information, can be tricky. A simple web search on the matter will yield multiple results, but for clarity’s sake we’ll pick one of the briefest: Integrity refers to the reliability and trustworthiness of the data. A simple explanation, for sure, but in the real world, the issue is slightly more complicated.
When it comes to data interpretation, the questions has this data been manipulated, or tampered with? Where does this data come from? Can I trust the institution that holds my personal information? are very much relevant. Cambridge Analytica, Equifax, and other similar high-profile events confirmed that, when it comes to data, there is no ironclad security.
Or is there?
A brief history of blockchain
The answer to what blockchain is lies in its very name. It is a chain of blocks that stores transactional data. All existing nodes in the network validate the transaction, which becomes immutable, i.e., once validated, the transaction cannot be altered.
A block is a piece of data that contains certain information, such as header, transaction data, and other technical stuff. Each block has a body, which can be imagined as the empty space in a train. The block’s body -the next available train car- is filled with confirmed transactions. If these transactions are validated by all the nodes (devices on the network), the block is deemed valid and is appended to the chain. Hence, block-chain.
You can think of a block as an entry in a ledger book, only the ledger is digital and decentralized, where all the blocks are linked to each other via cryptographic means -the hash-.
Distributed security and transparency: The aces up blockchain’s sleeve
Each transaction that occurs on the blockchain is logged and timestamped, which prevents anyone from sending the same transaction more than once. The chain maintains a verifiable, immutable, and time-stamped record of every single transaction that was ever made.
But a bank database also maintains verifiable, time-stamped records of every transaction ever made, you might argue. Yes, it does. But where a bank (or Government, educational institution, etc.) database falls short is that its records are not immutable. They can be altered, quite easily. And furthermore, a bank database is highly centralized. Its control and management are in the hands of a single entity (the bank). Two, maybe three people will maintain it. This raises immediate and obvious concerns, particularly concerning the ease with which a database can be compromised.
Blockchain represents the polar opposite of a bank database. Blockchain -or distributed ledger technology– does not hold its data in a single, easy to tamper with database. Instead, an exact copy of the dataset exists in every node, and when a new block is added, every node knows about it. This poses an obvious advantage in terms of data security. In a Proof-of-work environment, for example. Let’s say 30,000 nodes are validating transactions. How would 30,000 individual nodes ever coordinate together and conspire to do something dishonest? The very distribution of the validating nodes is what gives blockchain its inherent stability. At least half the nodes would have to behave dishonestly for the system to break, but the notion that 15,000 nodes would coordinate to do something dishonest is rather absurd. Compare that notion with the example of the bank database, where two, maybe three people are in control, the conspiratorial odds suddenly rise.
The other aspect of blockchain’s second-to-none approach to data security and integrity is transparency. Taking the example of the bank, or any other centralized database, any changes, alterations, or amendments to your data are very much a closely-guarded secret. You, the user, the very element who’s directly affected by these changes, are certainly kept out. You cannot see what’s being done with your data, you cannot control where your personal information goes, who looks at it, or what a third party might do with it. One could argue that, had Facebook’s data been kept on the blockchain, Cambridge Analytica would never have happened. In a blockchain environment, every single transaction (including the value, the address or addresses that the assets are sent from/to, etc.) is visible to everyone. Blockchain’s transparency is a feature that had hitherto been unthinkable in banking, for example. And while, at first glance, it might sound like a monumental invasion of privacy to have this sensitive information openly viewable by everyone in the network, consider that the information is hashed (encrypted) and that the data cannot be altered without a record of the change also existing. And of course, every node in the network would know about it. Consider this analogy: Think of a bank’s safe with transparent walls, and with hundreds, or thousands of people watching every time someone opens it to add more money into it.
Furthermore, the use of blockchain technology for data integrity also creates opportunities for enterprises. Through the use of enterprise blockchain technology and various digital identity solutions, such as My.D, enterprises no longer have to worry about dealing with personal data. After all, personal data is as much of a liability as it is an asset these days.
The use of blockchain technology clearly supports the concepts of data integrity and security, particularly when it comes to sensitive data such as financial or commercial records. But that’s far from the only areas of business and industry where blockchain can make a transformative difference in the way personal data is handled, and by whom.
So one could say that blockchain is doing the right thing. Even when everyone’s watching.