A research paper from the University of South Australia suggests blockchain technology needs to be refined so it can better protect privacy.
Described in a university blog post on Thursday, the research findings show the very features that make blockchain secure are also problematic for personal privacy, particularly under European standards.
The work was conducted by emerging technologies doctoral researcher Kirsten Wahlstrom in collaboration with Anwaar Ulhaq and Oliver Burmeister of Charles Sturt University, also in Australia.
The team found emerging technologies such as blockchain and the internet of things possess the potential to compromise people’s privacy in the way they immutably store data.
That's because blockchains use details of previous transactions, including data that can be used to identify participants, to verify future transactions.
“Once someone’s details are embedded in a blockchain, the system never forgets," Wahlstrom said. "Yes, those details might be encrypted, but they are also part of an irreversible ledger, and one that’s on the cloud."
The paper references recent legal developments in the European Union meaning citizens possess the "right to be forgotten" in relation to their internet-hosted data.
So, as long as a blockchain exists it conflicts with the European ruling that people have the right to retract their data, Wahlstrom said.
In August, digital rights group the Electronic Frontier Foundation raised similar concerns over a proposed California law allowing medical records to be stored on a blockchain.
Standards need to be cemented now in order develop a clear distinction on what privacy is, as well as what governments and organizations are trying to protect and why, Wahlstrom noted.
"The main problem is, we’re still struggling to understand what 'privacy' actually means in an online world," she added.
The research cited Holochain as an example of technology that might address the privacy issue.
The project uses distributed hash tables, a form of a distributed database that can record data associated with a key on a network of peer nodes, and avoids the all-encompassing "ledger" of a blockchain.
“This allows individuals to verify data without disclosing all its details or permanently storing it in the cloud," Wahlstrom said, "but there are also still a lot of questions to answer about how this affects the long-term viability of the chain and how it obtains verifications.”
Originally published by
Sebastian Sinclair | September 10, 2020