As we become addicted to the connected life, privacy concerns are mounting: could blockchain help?
Thanks to the explosive growth of the Internet of Things (IoT), we now have the option of living in a very “Next Gen” kind of world. It’s futuristic, it’s fun, and it’s happening right now for anyone willing to plop a smart speaker in their living room and download a few apps on their phone.
But in our rush to connect, many of us have glossed over a few important issues.
Chief among them is privacy. The problem is, we’re already too addicted to our Smart lives. It hurts to relinquish the benefits of the connected life in the name of privacy. What we now have is a self-inflicted war against privacy.
But here comes blockchain technology. Proponents claim this will solve a lot of IoT problems. Is privacy one of them?
Here’s a look at how we got to this point where we gladly fork over personal data in order to feed our connected, convenient lifestyle. And for anyone who’s solution-minded, here’s whether blockchain is going to help.
Table of contents
- Part One: How Did We Get This Way?
- Part Two: The 2 Risks of Living the Connected Life
- Part Three: Understanding Blockchain as a Solution
- Part Four: The Problem With Blockchain and Privacy
- Conclusion: We’re Not There Yet
Part One: How Did We Get This Way?
Here’s how we became so enamored with technology that we forgot what we’re sacrificing to get our hands on it.
First, We Got Lulled Into Complacency About Privacy
Our dull sense of online personal privacy protection began at least 15 years ago, right around the time internet commerce really started to off. Privacy concerns didn’t factor heavily in those early days of the Web.
Monetizing content was the chief concern of the cowboys that wrangled the internet of those early years.
In those Wild West days of easy search engine manipulation, online entrepreneurs could make hundreds of thousands of dollars simply by creating websites and filling them with ads. And guess who was among the first generating those ads: the nascent search engine – slash – ad company called Google.
Google AdSense helped make legions of millionaires in those days. Which is why many of the top minds of the era went to e-commerce. Look back a dozen years or so and you’ll find the hot areas of the internet were in developing digital ads. Remember those garish ad banners? Tons of brain power went into figuring out ways to make them more noticeable, more enticing, more profitable.
But the really relevant part of this story, the part that relates to privacy, is when all those digital marketers discovered what they could do when they started gathering information about their targets. That in and of itself became a new industry. There’s even a name for it: AdTech.
Then Adtech Came Along and Really Killed Privacy
As you know, AdTech is the art of making ads better by improving delivery, increasing tracking, and making them as customized as possible. All of that takes data, of course… private data, in many cases.
So as AdTech evolved, so did all the ways in which our privacy can be compromised. This has been going on for over a decade with nary a word from the general public about privacy concerns. Adtech us growing every year, allowing advertisers are able to target consumers with laser-sharp precision. And with the rise of mobile… they have even more access to even more of our private data. Thanks to social media and all the apps we have on our phones, we’re actually granting them access! We’re agreeing to many of these privacy invasions.
So, even with increased awareness over privacy concerns, there’s still increased invasion of our privacy.
That’s on the consumer side. On the flip side, with business, there are operators that consider data privacy to be an obstacle. Companies that are heavily invested in e-commerce, for example, often view privacy concerns as a threat to their digital globalization initiatives.
In their eyes, it’s easy to view privacy measures as protectionist policies that threaten growth. In their world, privacy concerns hamper the free flow of data. Worrying about consumer data privacy amounts to a giant speed bump that not only slows down expansion but also increases costs.
So that’s another hurdle for privacy advocates to get over. When you’re up against Big Business, you’ve got quite a fight ahead of you. That’s why it’s a wonderful thing that someone invented blockchain technology. It may just be the tech development the people need in that fight for privacy against big business and government.
Meanwhile, Privacy Concerns Have Never Kept Pace With Technology
While the best minds have been busy developing apps and the IoT and thinking of ways to apply artificial intelligence (AI) to daily life, there has been no mad rush to ensure consumer privacy along the way.
Our social media, our mobile devices — everything we hold dear in this modern life is trapping us in a haze of convenience and enjoyment. That haze has caused us to lose sight of the fact that privacy is becoming a huge issue.
Now, There’s No Going Back: We’re Addicted to the ‘Smart Life’
If you wanted to, you could spend your entire day moving fluidly from one dazzling, tech-mediated convenience to another. From the moment you wake up to your smart sunrise alarm clock and pour yourself a coffee from a smart brew pot to your upgraded commute back home in an AI-advised mobile cockpit, it’s entirely possible to be living the dream already.
More households are choosing to live that dream, too. Experts believe that over the next five years, installation of smart home devices will rise by 42 percent.
And lest you think smart homes are boring — come on: who really and truly cares about setting the thermostat from work — how about a little slice of life in a connected home? Let’s focus on something very mundane and see how it comes alive with possibility: the onerous act of brushing your teeth.
Smart toothbrushes remind us of when to brush. They give us personalized tips on achieving a better brushing experience. Our dentists develop customized brushing routines and program them into our toothbrush apps. It’s a whole new avenue of possibility for the dentist-patient relationship.
And the most important thing here: this and other smart, futuristic benefits are provided via apps that are meant to be downloaded to our phones. Thanks to the data collection that occurs when you make full use of all the connected features. That means powerful analysis, tracking, and historical data is yours to enjoy.
So yes, there are advantages galore because of the Internet of Things and data collection. And for every advantage of, let’s say the connected toothbrush, there’s an equally impressive set of advantages we’re experiencing in other aspects of our modern lives. Thanks to the data we provide via our connected devices…
- Our physical fitness improves because we wear fitness watches.
- Our shopping is more pleasurable because of better User Experience and tailored shopping experiences
- Our finances get better because we use robo-advisors to help us make investing decisions.
- Our leisure time is better because our streaming video service analyzes our favorites and makes spot-on suggestions for future viewing.
How could anyone resist all this fun?
Part Two: The 2 Risks of Living the Connected Life
It’s all so tempting, this convenient, IoT world. Most people find it very easy to ignore the risks that accompany the connected life.
There Are Some Risks That Come With Living in a World Of Convenience
IoT poses risks that come primarily in two forms:
Experts disagree on what poses the biggest risk to a connected society. Is it security or privacy?
Security. The Internet of Things is certainly a security risk. Just look at how much larger the attack surface becomes once you expand the connected world beyond PCs, laptops, tablet, and phones. Now that we’ve got coffee makers, toothbrushes, door locks, fitness watches and even smart beds in the mix, there’s so much more that can become corrupted. Add in self-driving cars and the security situation is looking very shaky.
Privacy. Privacy is a deep concern, too. The game-changing effects of connectivity and big data have been working behind the scenes to change our lives but also to put our privacy increasingly at risk. Most of us no longer feel that we control the way our own personal data is collected and stored. Wariness over threats to our privacy is growing, thank goodness, but we still have a long way to go before everyone understands what’s at stake — and even longer until privacy regulation with any real teeth gets underway.
As you’re about to see, blockchain addresses security issues — but how about privacy concerns?
Part Three: Understanding Blockchain as a Solution
Could blockchain technology solve our privacy problems? To answer that, it helps to understand this new technology by examining its roots.
Roots of a Solution: the Tech World’s Version of a People’s Revolution
It’s been a decade since the Great Recession, but most of us can remember the terrifying aspects of the global downturn in the economy that took place starting in 2008. Lots of people lost a lot of money in the stock market. Banks failed. The real estate bubble had burst and all those subprime mortgages were wreaking havoc in every corner of the financial world.
A lot of people stopped trusting banks. One positive thing to come out of all this, however, was blockchain. Blockchain technology was invented as a way to circumvent banks when making payments. Payers and payees are able to transfer money without the necessity of a third-party mediator such as a bank. It essentially takes banking out of the hands of big institutions and puts it into the hands of the people (hence the ‘people’s revolution’).
As you can see, blockchain and Bitcoin were developed with an eye toward security. Satoshi Nakamoto, the inventor of both, was trying to remove banks from the equation. Banks help us trust the financial transactions we make with strangers. They provide assurances that we’ll get our money and they protect us from fraud.
Bitcoin, the Darling of Blockchain Technology
Of course, uses for blockchain have since expanded beyond payment systems. Now we have ‘smart contracts’, where there’s no need for a third party mediator like a notary. Only the concerned parties who sign the contracts need access to the document.
Soon, we can expect blockchain to handle data from our connected devices for healthcare as well as other verticals. To understand whether that will become a solution for privacy concerns, it might help to take a closer look at Bitcoin.
The most famous application of blockchain technology is cryptocurrency. Of the various cryptocurrencies out there today, Bitcoin was the first. Bitcoin transactions are recorded on a distributed ledger, a shared database that’s synced across all the members of its blockchain network. Nobody owns it. It’s just out there,
The benefits of this shared ledger will prep you for understanding how blockchain may be the answer to our privacy problems with the Internet of Things.
- The ledger is shared and replicated across a network of participants
- There is no central authority nor is there a third-party mediator: every participant is equal
- Every transaction in a distributed ledger has a timestamp
- Every transaction also has a unique signature
- Every copy of the ledger across the network is synced
- The blockchain is tamper-evident because of the timestamps and signatures
- Members can see only the parts of the blockchain that concern them
- No one entity owns the whole blockchain, leading to increased trust among participants
Sticking with the example of Bitcoin, all this makes it possible for payers and payees make their financial transactions without having to reveal their identity to one another… or anyone else, for that matter. But that doesn’t necessarily address privacy concerns.
Don’t be Misled About Privacy: Blockchain is Not Actually ‘Anonymous’
Before you get the wrong idea about blockchain, as many people already have, it’s not really anonymous.
This was proven by BitFury Group, whose members were able to de-anonymize over 15% of the Bitcoin network by performing deep analysis on Bitcoin addresses.
Last August, MIT reported just how easy it is to de-anonymize Bitcoins. Their findings? “We find that unique linkage is possible in over 60% of cases”. They even found privacy concerns with CoinJoin, which was invented to be. In their words: “If the victim employs 3 rounds of CoinJoin and the adversary observes two of the victim’s payments, he can link them back to her wallet (despite mixing) with 98% accuracy.”
People should have reservations about having their data published in a public database. Blockchains decentralize the data but they don’t ensure its privacy. Blockchain data can be read by anyone with determination: family members, your government, foreign governments, your boss, or your competitors.
Right now, there are companies who will do that snooping for you. For a fee, they’ll investigate and match Bitcoin users’ identities to addresses on the Bitcoin blockchain. They’ll be able to do that for your device data that are housed on blockchain applications, too.
Once your personal IoT data is stored on blockchain applications, your privacy may be seriously compromised.
Blockchain Wasn’t Even Meant to be Anonymous!
So here we have the world’s most well-known application of blockchain, cryptocurrency. And it’s not anonymous, as everyone seems to think it is. But it never was meant to be anonymous, was it? Satoshi Nakamoto, the inventor of blockchain and bitcoin, said:
“We define an electronic coin as a chain of digital signatures.”
A chain of digital signatures: this means Bitcoin is fully traceable and not at all anonymous, for all practical purposes. And the same goes for every other application of blockchain, including smart homes and mobile app data.
So, blockchain databases are not anonymous… but we don’t need them to be! We do, however, need privacy to become a top concern among blockchain developers. That’s especially true now that many are viewing biometrics as a security solution.
Part Four: The Problem With Blockchain and Privacy
Blockchain technology has quite a few security concerns, many of which are concentrated in the so-called ‘last mile’ of each transaction. One proposed solution is the use of biometrics.
Biometrics: Great for Security But a Big Red Flag for Privacy
How do end users interact with the blockchain? How do they access the applications?
These are some of the pressing questions being asked by blockchain security experts right now. A very serious blockchain security issue does indeed occur during the ‘last mile’, where end users access data. How do they sign on? How are identities authenticated? The answer is: they use a password. If the application or website is more secure, maybe there’s multi-factor authentication.
But the problem is, passwords can be stolen and people can even be robbed of their multi-factor authentication factors.
Likewise, the victim’s private key (PK), used to access a particular blockchain, can be stolen, too. And guess what- those passwords, multi-factor tokens, and PKs can be given away under duress, leaving the door wide open for all kinds of criminal activity to take place.
That’s how blockchain fraud can propagate. The entire blockchain may be secure, but at the last mile, where users access the system, there is a very bad security problem.
And the solution? One possible and very obvious answer is biometrics. A fingerprint, a retina scan, an iris… these can secure blockchain technology in a way that’s far more powerful and secure than passwords and multi-factor authentication. However: privacy advocates should be nervous about the use of biometrics with blockchain tech.
The Problem: Biometrics Pose a Privacy Concern
Privacy concerns in any system are often rooted in security concerns. In other words, to solve security issues, privacy often goes right out the window.
That’s the case with biometrics. Biometrics are presented as a security solution but as far as privacy goes, this area of development needs… more development.
The problem is, the data involved with biometrics is even more personal than a password. Many people are not at all ready to have their unique biological identifying factors accessed by government, business, or anyone else for that matter.
Having your very personal biometric data stored in blockchains all over the place? For public viewing? Not a chance. Having users submit their fingerprints, for example, solves a lot of security issues. But how would you feel about having your fingerprints all over a public database? Or any other biometric data like your iris or your retina pattern? And keep in mind that once it’s up there, it’s up there for good. Because another beauty of blockchain is that no historical data can be altered.
It’s one thing for people to accept biometric technology on their phones, with fingerprint scanners. But expand that type of data to blockchains and it begins to feel an awful lot like a Big Brother scenario.
There’s also the matter of consent. Before you use something like facial recognition, another biometric, you’ll need consent. Right now, it’s legal in many places to use images of someone, taken in public without their consent, and use software to identify who they are. It’s legal for law enforcement in a lot of places, too.
And we’re still in the early phases of trying to regulate that sort of thing.
The same techniques used by law enforcement to connect your identity to your face could be used by people with access to blockchain data. That means your identity could be linked to your shopping habits, for example. Your pharmacy purchases, ready to be linked to your name- are we ready for that?
Conclusion: We’re Not There Yet
We all have a lot of work to do if the IoT is going to offer the kind of privacy protections we need.
Solve Biometrics to Solve Privacy Problems
Biometrics, if they’re going to help us solve security issues of the blockchain, need some top brains working on improvements so privacy is no longer an issue. We’ll need lots of top-level regulation, too, if our privacy concerns are going to be addressed by blockchain.
If we’re going to trust our IoT data to blockchain technology, we’ll definitely need to be moving a few mountains. Privacy issues still seem to lag behind other concerns. We’ve come a long way in the past 25 years on the internet. Now it’s time to make headway on privacy so the next 25 years of our (connected) lives are as safe, profitable, useful and delightful as the last.