Category

Posts

Blockchain-based Value Chain

By | Posts

Consumer awareness of matters such as the sourcing, authenticity and the value chain of specific products is constantly growing and evolving. We are in particular witnessing a change in consumers habits driven primarily by two cohorts: Millennials and Generation Z. These days, topics such as corporate social responsibility and corporate ethics are on everyone’s lips – a reflection of the widespread desire to consume more responsibly and more ethically. So much so, in fact, that these notions have begun to seem very relevant to a company’s bottom line. As Millennials and Generation Z become an ever more influential consumer group and employee demographic, the demand for environmental and social sustainability is likely to increase.

 

It sometimes happens that discrepancies appear between the product information that is made available to consumers, and the producers’ own knowledge of the supply chain or the manufacturing process. When this kind of mismatch occurs, economic and legal (or even technological) developments do not always improve the transparency of the market. The fundamental information asymmetry between producer and consumer remains, and it leaves the responsible consumer reliant only on traditional, indirect methods to value a given product. The responsible consumer has little power to control the process behind a product and might, for instance, purchase a fancy garment completely unaware of the labour exploitation involved in the upstream process to produce that garment.

 

Any technology that ensures more reliable and more transparent information will accelerate consumer awareness around responsible consumption. Indeed, blockchain has a prime opportunity to position itself as a new technological infrastructure on top of which the new age of responsible consumption can flourish.

 

Although blockchain-based systems can differ in their architectural configurations, at their core they offer the means to store information in a shared registry called a “ledger”, with the right to read or update that ledger being distributed among a network of users rather than being controlled by a single entity.

 

Records are transparent because they are auditable by a predefined group of participants. That group can be more or less open, or even completely public as is the case, for instance, with Bitcoin. In this way, anyone with an Internet connection and with access rights to a given blockchain can inspect the ledger at any time without the need for an intermediary service provider. Once stored on the ledger, records are immutable: they cannot be changed, and can be overwritten or cancelled only if the majority of users agree. Moreover, to add new records to the ledger, users must use a personal private key, this being used to generate a unique cryptographically-protected signature for each new transaction.

 

At the beginning of the 20th century, the two major innovations in the supply chain were the container and the barcode. These two extremely simple yet effective standards were highly complementary, and enabled the growth of global supply chains across different industries. Where global supply/value chains are primarily concerned with data (as opposed to goods), new requirements will need to determine what standards must be met by a smart (data) container, or data facility.

 

In this sense, some 80% of total value creation still waits on the qualities of independence and interoperability which the combination of the container and the bar code has already made possible for physical goods. Blockchain may be the technology to provide those qualities for smart (data) containers.

Despite recent hype, blockchain should not be seen as a solution to all problems. But it can bring significantly greater transparency to the consumer market along the whole supply chain.

 

Crucially, blockchain provides:

  • Decentralisation, taking control of data out of the hands of one single administrator, which often becomes a single point of failure or corruption;
  • Auditability and Traceability, guaranteeing that each step in a supply chain can be verified for the benefit of end consumers or to ensure the integrity of agreements between supply chain participants. Moreover, traceability enables provenance detection and a full transaction history to be established based on a single source of truth;
  • Transparency, allowing all suppliers and other stake holders to monitor in real-time goods stored in the ledger, the records for which are updated at each subsequent step along the supply chain;
  • Immutability, preventing any user taking part to the supply chain to backward manipulate the data. The history of each product record in the ledger is visible and immutable.

Blockchain and the GDPR: an overview

By | Posts

Blockchain can be described as a secure, distributed database. It presents certain key features that make it potentially compliant with a strict interpretation of GDPR, such as transparency, anonymity, digital verification and the irreversibility of records.

However, some parts of the GDPR may be difficult or even impossible to comply with in the crypto-space. Take for instance the right of rectification and the right of erasure. These seem to be incompatible with the core function of a blockchain, namely that of keeping within the system an immutable copy of all previous transactions. Indeed, this problem extends to all blockchain systems, including (perhaps especially) to those specific to the field of data storage.

If we consider GDPR as a whole, many of its other requirements seem to be a perfect match for blockchain. For example, blockchain data secured by cryptographic techniques are very well suited to ensuring a high level of (data) security in accordance with Article 32 of the Regulation.

Blockchain’s various different configurations offer new ways of analysing GDPR. With regard to data storage, fragmenting documents across different hard drives enhances individuals’ control over their data, by making it impossible for a single node to access its contents as there is no one single point of control and, consequently, no data controllers. This is a strong argument against a strict interpretation of GDPR in the crypto space. The alternative would be to apply GDPR to blockchain in a strict way that views all participating nodes as data controllers, and any distributed data processing by them as non-compliant with GDPR and therefore (presumably) unlawful. But that would be nonsensical given that the aims of blockchain and GDPR are closely aligned: giving people back control over their data. It is for this reason that EU institutions will surely soon be urging further clarification on this point.

GDPR compliance is therefore a significant question mark for many existing procedures and frameworks. Nevertheless, blockchain technologies have a significant advantage in the fact that, absent a dominant protocol, the quick pace of ongoing research will allow for the development of future solutions. The lack of any tailored legislative intervention in this dynamic and rapidly evolving space may therefore allow for a solution to the regulatory dilemma to emerge from the technology itself. Even though it isn’t yet clear to what extent blockchain technologies will need to comply with data protection law, many have already begun to explore technical solutions to GDPR compliance. In particular, it has been proposed to store personal data off-chain, while storing on the blockchain only a hashed reference to these data and metadata.

Off-chain storage of personal data will surely make blockchain systems compliant with GDPR, but in turn this raises some new issues. In fact, it will introduce an additional layer of complexity, making systems increasingly prone to potential breaches, while at the same time reducing individuals’ control over their data.

By Paolo Tasca