Blockchains are touted as next-generation databases that promise to facilitate secure and efficient transactions between unknown parties. However, one of the main pillars of a blockchain’s security is the fact that people with access to the blockchain can see the entire history of transactions executed on it, with the result that each party has an equal opportunity to verify the accuracy of the information stored. But if all the information stored on the blockchain can be viewed by anyone with access to it, what happens when that information qualifies as “personal information” under Canadian privacy laws? Organizations that collect, use or disclose “personal information” are subject to a number of compliance obligations, which, as we set out below, can be difficult to reconcile with certain blockchain fundamentals.
What is personal information?
In Gordon v Canada, the Federal Court explained that personal information is information that can be used to identify an individual if the information “permits” or “leads” to the possible identification of the individual, whether on the basis of that information alone, or when the information is combined with other information from other available sources. Accordingly, a company that merely “de-identifies” or “pseudonymizes” data may still be subject to Canadian privacy law requirements because there is a possibility that such data can be “re-identified”. This poses a unique challenge to the developers of blockchain infrastructure, and the businesses that operate atop blockchain infrastructure, when the metadata that is necessarily ingrained in blockchain transactions may be re-identifiable. Such metadata may constitute personal information when it reveals where transactions are sent from, who they are sent to (not necessarily the name of the recipient, but the address of the recipient), how much money was sent, and at what time.
Take decentralized applications (DApps), for example, which are built from software deployed on the blockchain (e.g., smart contracts) that is typically designed to execute business operations for companies. The operations of the smart contracts that facilitate the functionality of the DApps are often made publicly available to every node in the blockchain network as “bytecode”, which can be reverse engineered to reveal the same transactional information as the metadata in peer-to-peer transactions.
So, what does it mean if such data, stored and processed on public blockchain networks, qualifies as personal information? The result is something of a paradox.
The blockchain – privacy paradox
Information published to a blockchain cannot be deleted, but most modern privacy regulations grant individuals a “right to be forgotten”. How can an individual or data subject exercise their right to be forgotten when the information recorded on a blockchain’s ledger is permanent?
The very basis of trust in decentralized networks results from the transparency of the ledger. All participants in public blockchain networks trust in the sanctity of the information because they can all see and analyze that information equally and in real time. But if all the information is transparent, it becomes available to anyone and may, theoretically, be used by unknown actors for unknown purposes. Accordingly, how can an entity that leverages blockchain technology to execute transactions and/or store information provide the appropriate protections for data subjects around how their information may be used or disclosed?
Public blockchains are intentionally decentralized so that there is no single accountable entity. Moreover, the networks composed through public blockchains often span jurisdictions, and may consist of hundreds, thousands, or tens of millions of people who all technically have the ability to inform updates to the blockchain (a capacity akin to managerial decision making). Under these circumstances, how can a regulator enforce actions against the supporters of a public blockchain, when responsibilities around upkeep, management, and ongoing development are spread across a group of unassociated individuals?
Best practices for managing personal information in the blockchain context
No official recommendations or interpretations of how to process personal data on public or private blockchains have been published in Canada. However, a broad interpretation of personal information, which is standard under Canadian laws, may deter blockchain stakeholders from processing personal data on public blockchains, because data on a blockchain is accessible by anyone with access to that blockchain, and is distributed and stored among all nodes in the public blockchain network.
In the private blockchain context, management of individual rights over personal information is possible because there are designated and accountable entities that control the number of stakeholders with access to the blockchain. Under such circumstances, stakeholders may require compliance with privacy regulations as a means of accessing the private blockchain and its associated application(s). Stakeholders can also be removed from the network for failures to comply, and a sufficiently centralized private blockchain may be overwritten by participants through collaboration to respond to certain privacy-infringing incidents.
The stakeholders behind DApps in either public or private blockchain contexts also have the ability to proactively mitigate privacy law risks by designing appropriate privacy policies and implementing best practices that involve:
- Combining on-chain and off-chain data
The blockchain application should avoid storing personal data as a payload on the blockchain (i.e., including identifying information in the message accompanying the payment itself), and instead have blockchain transactions serve as mere pointers or an access control mechanism to more readily managed storage solutions off-chain.
- Employing privacy-centric technologies and cryptographic techniques
Encryption techniques currently being used by privacy-centric chains include zk-SNARKs, Ring Confidential Transactions, and mixing techniques, all of which are intended to mask the identity of the sender or recipient and/or allow participants to confirm transactional legitimacy by cryptographically proving that they know something without revealing the nature and identity of the information.
- Conducting data transformations
Other privacy-enhancing encryption and destruction techniques may be used to protect an individual’s privacy rights, such as hashing data or applying other data transformation techniques to personal information, and revocation of access rights to a blockchain application (or the entire blockchain in a private blockchain network). However, Canadian regulators have not addressed whether such measures are sufficient to meet the demands of Canadian privacy regulations.
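The following is an added example, not part of the original article, covering the first and third practices above: the ledger holds only a random pointer and a keyed hash, the personal data and its per-record salt live off-chain where they can be deleted, and an audit check shows why a plain unsalted hash of a guessable value remains re-identifiable. The OffChainStore class, the Python list standing in for the ledger, and the sample phone number are all constructed for illustration.

```python
import hashlib
import hmac
import secrets

class OffChainStore:
    """Constructed stand-in for a mutable, access-controlled off-chain database."""

    def __init__(self):
        self.rows = {}  # pointer -> (salt, personal_data)

    def put(self, personal_data: bytes):
        pointer = secrets.token_hex(16)   # random, so it reveals nothing about the person
        salt = secrets.token_bytes(32)    # per-record secret, never written on-chain
        self.rows[pointer] = (salt, personal_data)
        return pointer, hmac.new(salt, personal_data, hashlib.sha256).hexdigest()

    def verify(self, pointer: str, commitment: str) -> bool:
        row = self.rows.get(pointer)
        if row is None:                   # record erased: nothing left to check or link
            return False
        salt, data = row
        expected = hmac.new(salt, data, hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, commitment)

    def erase(self, pointer: str) -> None:
        """Erasure request: delete the data and its salt; the ledger is untouched."""
        self.rows.pop(pointer, None)

def record_on_chain(ledger: list, store: OffChainStore, personal_data: bytes) -> dict:
    """Append only a pointer and a keyed commitment to the append-only ledger."""
    pointer, commitment = store.put(personal_data)
    entry = {"ptr": pointer, "commitment": commitment}
    ledger.append(entry)
    return entry

def reidentify(digest: str, candidates):
    """Audit check: can a digest be matched by hashing guessable values?"""
    for value in candidates:
        if hashlib.sha256(value).hexdigest() == digest:
            return value
    return None

if __name__ == "__main__":
    ledger, store = [], OffChainStore()
    phone = b"613-555-0142"                                  # constructed sample value
    guesses = [b"613-555-%04d" % n for n in range(10000)]    # small, enumerable space
    entry = record_on_chain(ledger, store, phone)
    print(reidentify(hashlib.sha256(phone).hexdigest(), guesses))  # plain hash
    print(reidentify(entry["commitment"], guesses))                # keyed commitment
    store.erase(entry["ptr"])
    print(store.verify(entry["ptr"], entry["commitment"]), len(ledger))
```

After erasure the ledger entry still exists but can no longer be verified against or linked to the deleted record; whether that residue still counts as personal information is the open question noted above.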
Organizations leveraging blockchain technology to collect, use or disclose personal information must take care to remain informed of, and compliant with, the requirements under Canadian privacy laws.