Considering that data is the gas in the tank of the Web2 business model, Web2 has proven to be woefully poor at controlling and protecting the very fuel on which it depends. Over recent years, leaks and hacks on centralized servers have become almost an everyday occurrence – and it’s getting worse. Once the pandemic hit, the sudden shift to working from home created multiple new attack vectors. The pressure on hospitals and healthcare systems made them particularly vulnerable, with cybersecurity breaches up by ten percent in 2021.
Then there’s the challenge of data harvesting and surveillance – a shadow we’ve all had to live with since the Snowden revelations in 2014. Legislation like the European General Data Protection Regulation (GDPR) aims to address this imbalance, but in reality, it simply ends up in long, drawn-out legal battles. The latest twist in a GDPR dispute between the EU and Meta Platforms is that the firm has threatened to pull Facebook and Instagram entirely – hardly a desirable outcome for millions of users.
Furthermore, there’s a severe lack of transparency with how data is used across the board. Once we hand over our data to a third party, we have no way of knowing how it may be passed on, sold, transferred, or otherwise misused.
Is Blockchain the Answer?
Blockchain is purported to offer a solution to many of these problems, and it’s true that from the individual perspective, there’s plenty of promise. Encrypted, self-sovereign identities could allow us to regain some control over how our personal data is distributed and used.
However, personal data is just one part of the equation. Companies also hold a vast amount of data that doesn’t necessarily just relate to people, and that’s just as sensitive, if not more so, from the corporate perspective. Consider data such as trade secrets and intellectual property, the prices paid to suppliers, financial data, and more. Self-sovereign identities wouldn’t have protected Nvidia from its most recent hack, which resulted in the leak of proprietary information about the firm’s latest GPU driver.
There are often too many compromises for enterprises to consider blockchain a viable solution in terms of protecting this kind of data. Legacy platforms like Ethereum are the most secure thanks to being heavily decentralized, but they’re slow and expensive to run. What’s more, they’re also too transparent for most firms wanting to keep a degree of privacy over their enterprise data.
Then there’s the control element. Firms generally balk at the idea of putting data on a decentralized network that anyone can join. Permissioned or private implementations of distributed ledgers are a compromise, acting as a walled garden for data. However, private blockchains also mean compromising trust because it creates a centralized point of control.
There’s also the inherent tension between blockchain records and the terms of the GDPR. The regulation stipulates a “right to be forgotten,” which allows any data owner to request the deletion of their data – a right that blockchain’s iron-clad transaction immutability cannot reconcile.
Tackling the Blockers
Over recent years, blockchain innovators have been working to solve some of these tradeoffs, with the positive result that some firms are now beginning to embrace blockchain to support business-critical processes. Most recently, BNY Mellon partnered with Chainalysis to take advantage of its suite of risk management solutions when onboarding clients who wish to transact in crypto.
However, while challenges like scalability and fees are selling points for almost every non-Ethereum platform these days, only one project has managed to solve the GDPR conflict, and seemingly, only one has managed to create a permissioned or private instance of blockchain that doesn’t compromise on trust. In both cases, the answer is ParallelChain.
ParallelChain introduces a unique feature called “proof of immutability”, which stores blockchain metadata. It allows participants in a blockchain network to verify the trustworthiness of each others’ data by proving its immutability.
Why would you need proof of immutability, though, if it’s a feature inherent to blockchain transactions? Because ParallelChain recognizes the issue that in smaller blockchain networks, or private or permissioned networks, the risk of manipulation exists. The evident vulnerability of smaller chains like Ethereum Classic to 51% attacks explains why entities may wish to add an extra layer of verification to attest to the quality of their data.
ParallelChain has also found a solution to the “right to be forgotten” clause of the GDPR, having established a proprietary solution that would ensure compliance. The project has a patent application pending for the method.
Reclaiming Control Over Our Data
With these solutions, a firm can operate an instance of ParallelPrivate with an assurance of compliance data integrity and on a platform that can handle 120,000 transactions per second with a 0.003-second average latency. It’s also compatible with Hyperledger-powered apps, allowing easy portability.
The problem of data control is quite literally out of control in the Web2 model. But as more blockchain and Web3 solutions emerge, we can hope that enterprises and individuals alike can begin to find better ways to manage the challenges, achieving a more optimal balance of privacy and integrity.