Time for a privacy reckoning on blockchain
Security experts from the University of South Australia (UniSA) are calling on the ICT industry to consider developing variations of blockchain technology that take privacy seriously.
New research from the university, produced in collaboration with Charles Sturt University, suggests that the next generation of connected software and hardware could be the breaking point for issues around privacy and data protection.
According to UniSA emerging technologies researcher Dr Kirsten Wahlstrom, societies and economies are increasingly being organised around data, and that has huge implications for privacy.
“The main problem is, we’re still struggling to understand what ‘privacy’ actually means in an online world. It’s not the same as data security and protection; it’s about how individuals control their whole online identity, and expectations around that change from person to person and situation to situation,” she said.
“By now we should have smarter technologies that recognise those changing contexts and preferences, but so far that hasn’t been a priority so, in fact, emerging technologies like blockchain and the Internet of Things have the potential to further compromise people’s privacy.”
Dr Wahlstrom noted that the same features that make blockchain robust in terms of preventing fraud and manipulation also make it a privacy minefield — as well as a regulatory nightmare.
“The European Court of Justice ruled European citizens have the right to be forgotten,” Dr Wahlstrom explained, “but once someone’s details are embedded in a blockchain, the system never forgets — yes, those details might be encrypted, but they are also part of an irreversible ledger, and one that’s on the cloud.”
Alternatives being explored include a system known as Holochain, which uses a distributed hash table to break the blockchain up. This chain, instead of being stored on the cloud, sits where end users want it to sit.
“This allows individuals to verify data without disclosing all its details or permanently storing it in the cloud, but there are also still a lot of questions to answer about how this affects the long-term viability of the chain and how it obtains verifications,” Dr Wahlstrom said.
Research from Bitdefender has highlighted the disconnect between how business leaders and infosec...
A survey by Gartner has found that cybersecurity analysts are concerned about the rapidly...
The US Department of Justice has issued warrants for five alleged members of the APT41 cybercrime...