How MPC can solve blockchain’s data privacy conundrum

By Kurt Nielsen[+]

Blockchain improves data protection but not confidentiality. Here’s why multi-party computation can be a solution…

“With the global cryptocurrency market cap now reaching US$2.1 trillion, the industry is experiencing a time of both heightened interest and heightened scrutiny by regulators, consumers, businesses and governments — some warranted, some not. This scrutiny runs parallel to the massive increase in concern directed toward big technology firms that are hoarding consumer data, creating a sense of urgency not seen since the advent of the World Wide Web — and for good reason. 

While blockchain technology has facilitated great strides toward data protection, it, too, has its downfalls. Blockchain technology does not solve for confidentiality and privacy, which greatly hampers its potential as a disruptive platform that facilitates value transfer and, at a time when more and more people seek to join the industry, it is imperative that leaders seek an alternative solution that ensures confidentiality and privacy for all consumers. 

There has been much excitement about blockchain’s potential to replace less secure forms of digital identification and digital collaboration like passwords and emails. In theory, blockchains are able to store personal information in a safe and secure manner due to their immutable ledger format. However, this format also plays a part in limiting privacy for users because it means that information that exists on the ledger can never be removed. This may pose a risk for people who have originally agreed to provide certain information but then wish to remove it from public records, something that becomes especially poignant when you consider that international regulations such as Europe’s GDPR (General Data Protection Regulation) require “the right to erasure” of personal data.

While blockchain may be secure, it does not facilitate total privacy. Users are not given the ability to control what information is collected about them, meaning they are liable to the same potential privacy infringements that have abounded since the advent of Big Tech. Blockchain certainly increases the ability of users to decide who can see their personal information but it doesn’t stop that data from being exposed on an immutable ledger. This becomes problematic when you consider that traditional cryptography is not the solution as re-encryption is not viable when data is persisted on the ledger.

We urgently need to tackle this problem by utilizing a neutral platform or infrastructure that ensures the empowerment of each individual consumer, as the oncoming great differentiator for tech companies will no doubt be how the company handles consumer data. This is even more pertinent as the internet economy is rapidly expanding into multiple areas of value transfer, notably in sectors where data security is an absolute prerequisite, such as banking, insurance, and telemedicine. How can such companies ensure confidentiality and privacy while enjoying the benefits offered by blockchain technology? The answer lies in MPC technology. 

MPC, or multi-party computation, solves for confidentiality by utilizing a network of computation nodes that compute directly on encrypted data while maintaining zero knowledge about the data. For example, an employer may want to find out the average age of each of their employees. For privacy reasons, these employees may not be willing to share their ages, so through secret sharing, the employees can share their age without their age being publicly identifiable to them. The possibilities this technology enables are endless, and one must only think of the benefits such technology could bring to industries such as banking and insurance. 

While MPC solves for privacy, blockchain itself can protect the individual data against data breaches via the decentralization of sensitive information. Alone, blockchain lacks the infrastructure required to ensure data remains private. By pairing the two, consumers can rest easy that their data is secure, confidential, and private; achieving the best of both worlds. 

Not only is the pairing of MPC technology and blockchain a better solution to safeguarding consumer data to those currently in existence, it is one of the most viable solutions that effectively deals with the monumental problem of data security. Especially in the realm of cryptocurrencies, more market participants means that more data is at risk, including sensitive KYC (know-your-customer) information, credit card information, social security numbers and home addresses. The list is endless. The increasing amount of data heightens the risk of data breaches, which in turn heightens the scepticism drawn from the average consumer. Consumers that are aware of the significant risk presented by data and privacy breaches will be less inclined to invest in a market or transact with an e-commerce provider or even interact on a social media platform. Pairing MPC technology with blockchain allows for these concerns to be alleviated, thus encouraging consumers to participate in whichever form of transaction at question with a lower level of concern. 

The very first commercial use of MPC technology occured in January 2008, just one year prior to the advent of Bitcoin. Ever since, our industry has not only seen the maturation of both technologies, but the widespread adoption of Bitcoin and the general acceptance amongst institutional investors that blockchain technology will play a significant role in our future. These two technologies are now converging, presenting immense benefits to industry leaders and consumers alike. The onus lies firmly on the industry to realize the risk it is taking in not doing enough to ensure the privacy and confidentiality of consumer data, and to embrace the most viable option in this groundbreaking convergence before it is too late.