The Personal Data Service (PDS) is an abstract concept for an isolated piece of digital real estate fully owned by an individual. It aims to grant a user with dynamic functionality of their data, allowing the owner to be in full control of any modification or sharing, enabling delegation to other individuals, etc. Blockchain networks have this functionality built in, since any state is controlled by the owner of a key pair. At Cambridge Blockchain we make the concept of the PDS more concrete by utilizing Ethereum for a fully dynamic user controlled state management system with a smart contract. The power of blockchains combined with a sophisticated traditional application layer allows different stakeholders to interact in a secure and privacy-protecting way, without losing functionality.
Privacy and Data Ownership
As the internet has become ubiquitous to everyday life both for personal and business use, a handful of technology giants have managed to capture a disproportionate amount of market share. In so doing they have become some of the most profitable and powerful companies ever. Some of these giants have balance sheets that surpass nation state budgets, and for a company like Facebook for example with over 2 billion monthly active users, has a larger population in some ways than any country.
The product for companies like Facebook is its user data and the analogy to it being the oil of the new century. The general population is becoming more aware and better informed on how their data is used in their interaction with internet services every year. With this, comes increasing market and regulatory demand for the ability for users to control their own data, while still having the ability to consume cloud based services. The prediction is that this market demand will continue to grow and the personal data service can be an ideal fit to provide the product functionality to meet these demands!
The public sentiment for social media and other SaaS tech giants has taken a downturn in the past few years, as users become consistently more aware of how their data is being misused. This has drawn out a considerable amount of well justified outrage from the public, and motivated much broader regulatory compliance rules with Europe leading the way via their General Data Protection Regulation (GDPR), and momentum picking up starting on the west coast in the United States. Such regulatory requirements can be a benefit for individuals and a deterrent for criminals if implemented correctly. The downside of these regulations is the introduction of friction into the internal business processes of these companies.
This is a challenge that Cambridge Blockchain has realized early on and where our PDS implementation provides a solution that can bridge the gap between internal objectives and regulatory requirements. We provide easily consumable APIs and cryptographic protected data access for minimal interruption of current business processes, while at the same time facilitating regulatory compliance and market demands for stricter privacy protection.
Challenges and Overhead
Blockchain networks combine the latest in state of the art technology in distributed computing, cryptography, and more, which is why it was the technology of choice for the bedrock data layer for the PDS implementation built at Cambridge Blockchain. However, this revolutionary technology does not come without its own set of challenges and overhead that needs to be overcome in order to see the benefits of the personal data service to be usable by any individual and/or business.
Some challenges that blockchain technology adds to a traditional web stack is the reliance on advanced cryptography, asynchronicity, and depending on the use case some fairly abstract economics, just to name a few. As such, for a user to interact with a network like Bitcoin directly they have to be fairly technical. This has eased up a lot in the past few years, yet still, in order to have the benefits of full data (money alternatives in the early blockchain use cases) ownership a network like Bitcoin offers, a user must understand the workings of their wallet, what it means to have the keys, how to manage them securely, etc. The same challenges pertain to a business that would like to interface with such a network.
For broader adoption of blockchain networks any user should be able to interface with these networks by requiring only the technical know how needed to consume any other service on the internet (e.g. authorization via easy to understand web interfaces). Also, since many people (most of them are not programmers) are fairly technical and care about the full ownership of their data, any personal data service should also provide functionality that enables just that!
The figure below outlines an example of an interaction of two entities, to illustrate the comparison between an individual in full control of their PDS (hard) and another that delegates the key management to a third party service (easy).
A Bridge to Self Sovereignty
To enable the best user experience as related to the discussion in the previous section, at Cambridge Blockchain we aim to offer a personal data service that supports all users of varying technical expertise. In future versions of the product we hope to provide a set of steps to transition between different degrees of data ownership.
Initially, when a user signs up through our flagship product Confidare, the functionality of their PDS is directly managed by keys internal to the platform. However, depending on the needs of the individual user or corporate entity, they may request to be given full control to their PDS within the platform.
The figure below illustrates how such functionality to facilitate such a request could be implemented.
This kind of functionality could be thought of as an identity bridge (or IDBridge 😉, the name of our API-based backend used by Confidare and usable by third-party applications and platforms) to the blockchain network. Also, as mentioned in a previous article, Cambridge Blockchain would provide a custodial key management service that would make this transition even easier for any customers that choose to use it.
As described here, the personal data service does not have to be limited to any one individual. Currently, supported within the Cambridge Blockchain platform a corporation or organization can have its representation within the Ethereum network using a PDS. Using this technology can democratize and improve corporate structure and governance. In fact, the DAO was a PDS! Maybe not the best example to encourage adoption given the result: https://www.wired.com/2016/06/50-million-hack-just-showed-dao-human, but the technical innovation that project aimed for is undeniable.
Some of the most recent innovations coming into the blockchain space are in fintech. Specifically with decentralized finance or DeFi. Here participants aim to lend, leverage, and bet on different cryptocurrencies for personal profit, but as a service to the market, assist in providing liquidity and price discovery (or so the theory goes). As is tradition with new blockchain tech, it is not without its fair share of exploits and quarks (like greater than 100% collateral for loans, go figure). But, experiments like these are always healthy and exciting! No one can predict their potential, and adoption in traditional finance could quickly lead to incredible opportunities and growth.
Currently the ecosystem seems quite fragmented with many different services coming online with their own protocols, pegged currencies, and the like. In order to participate in these platforms user’s are required to control their own keys, so it’s really an ideal ecosystem for adoption for a personal data service. This in conjunction with traditional organizations integrating their user base with distributed ledger technology could really accelerate the adoption of this new technology to solve a lot of business and societal problems together!
It is fair to say, that no matter what use cases companies in the blockchain and identity space are adopting, the Cambridge Blockchain data management solution is a fundamental building block that removes friction and at the same time facilitates regulatory compliance. Even more importantly Cambridge Blockchain’s offering is a value add for any company that manages user data, e.g. data from customers, vendors, suppliers, etc.