The era of big data brings convenience and annoyance to people. Our daily life will produce a lot of data, which is an important asset for enterprises or individuals.
In recent years, there have been many problems related to information security, so personal privacy has gradually become a hot topic. Blockchain, with its characteristics of traceability and unforgeability, provides another open idea for privacy protection.
On March 3, Dr. Yan Qiang, a blockchain security scientist of Weizhong bank, visited the 01 live studio to share how the blockchain balances information transparency and privacy security on the theme of “science and technology focusing on human nature and privacy returning to the owner”. Dr. Yan Qiang pointed out that blockchain technology and privacy protection are very compatible. The application of blockchain technology can effectively solve some problems existing in the field of privacy protection, and improve the overall practicability of privacy protection technical solutions.
The following is the record of sharing:
01 there is no zero sum game between information transparency and privacy protection
The definition of privacy protection and information transparency and the relationship between them.
First of all, we can discuss the concept of privacy protection in a broad sense. A very important feature of privacy is that when some data that is not willing to be disclosed to others is disclosed, it will have adverse effects on enterprises, institutions or individuals. In this process, privacy is more often expressed in the form of some business data, such as financial data, financial data, trade data, etc. The privacy protection technology can protect the enterprise as well as the individual.
The other demand in the game is information transparency. In a literal sense, information transparency means making information public so that more people can know it. Information transparency can be regarded as a kind of data freedom, but as we all know, there is no absolute freedom in the world, and absolute freedom often means absolute non freedom. Similarly, absolute information transparency may eventually lead to absolute data transparency. Therefore, information transparency should be a kind of directional transparency. For example, users need to provide some information in the process of financial services. At this time, users only want the information to be owned by the financial service providers, and they do not want the financial service providers to share the information.
Since information transparency is a directional process, privacy protection happens to be a process of controlling the flow of data. They can actually follow the same path with the same goal. But there is another related problem, that is, who should have more initiative in the process of information circulation? Is it a user or an enterprise?
We can look at this issue from a different perspective, and perhaps we can draw different conclusions. For example, the value of 100 users is converted into the value of the enterprise. The user gets 20 yuan, and the enterprise gets the remaining 80 yuan; when the user’s bargaining power rises, the user gets 40 yuan. At this time, with traditional thinking, the enterprise’s income will be reduced to 60 yuan, so the enterprise is likely to have negative emotions and want to give up the business. This is to look at this problem in a way of value acquisition. When there is a 100 yuan cake, everyone wants to strive for greater value for themselves.
If we think from another angle, from the perspective of creating greater value through interaction and cooperation, maybe things will be different. In fact, it is possible to make this cake bigger. After better communication between all parties, it may be possible to develop a cake of 100 yuan to 1000 yuan. Even if the user gets 100 yuan, the remaining 900 yuan will still be given to the enterprise. In this process, more commercial value will be created.
Therefore, information transparency and privacy protection are not completely in conflict, and the only balance between them is the issue of interests. When we make the cake bigger together, we can get more benefits.
02 blockchain is a natural ecological balancer of privacy protection
In the process of privacy protection, blockchain has many advantages.
First of all, blockchain itself has certain particularity. The goal of blockchain and privacy protection is very consistent, and its biggest application scenario is in a weak trust, multi-party cooperation and game environment.
In many cooperation scenarios, many participants can not achieve full trust, but all parties need to work together to create new value. At this time, the application of blockchain can deliver value or provide a channel of trust.
In addition, in modern commercial society, the cost of trust is higher. Most of the time, companies spend a lot of resources doing background checks. Blockchain can solve the problem of high trust cost. Most of the time, what we call privacy protection is not a simple concept of protection, but to generate value in this process, we need to give data a certain degree of credibility.
However, there are also many non-technical factors affecting privacy protection relying on blockchain. For example, in the promotion of a new business, sometimes encounter greater resistance. It takes a certain time for the market to accept new things, and customers will have a lot of doubts about certain new technologies.
At present, we have understood some capabilities of blockchain technology, and the combination of blockchain technology and privacy protection can be carried out more smoothly.
03 the implementation of privacy protection needs to be deeply combined with business scenarios
At present, there are some challenges in the practice of privacy protection.
1. Different businesses have different needs for privacy protection
The business needs of different fields are different, and the protection of personal privacy is also different. In general, we can combine the traditional B2B, B2G, B2C to analyze.
For B2C business, first of all, performance is the point that needs to be paid attention to. Business must be able to deal with massive data (24.080, 0.72, 3.08%) and pay attention to user experience. In practice, once the program is a little more complicated, it may lose some customers. Therefore, there are many things that need special consideration in this regard. For B2B, B2G business, the current performance, application requirements are relatively low. This kind of business pays more attention to the confidentiality of data, including the controllability of private data flow.
2. Trusted third party role selection
In the design of the scheme, sometimes some trusted coordinator is needed to summarize the intermediate data or results. This kind of trusted third party is not an omniscient and omnipotent third party. It may only handle a part of the data and have more privileges than others. At this time, the choice of trusted third party becomes a problem. Generally, some public organizations will be invited to act as trusted third parties, but in some business scenarios, this problem is still difficult to solve.
3. Legal benefits of technical solutions
After all, we are talking about commerce, which inevitably leads to some unsatisfactory aspects. If we find that there is not a good performance of our own agreement, how to introduce the algorithm module with legal effect to solve the problem of accountability. In fact, this is not a purely technical problem, there are also governance and other related issues. The current technology has some limitations, such as slow calculation, data error can not be verified and accountability.
It is particularly important to note that technology is not a bottleneck in the business requirements we are facing. For example, in order to ensure the fairness of the bidding business, we will have a public bidding process after bidding. In this process, we will play the role of notary public, and open and read out the bidding documents. In this scenario, although the bidding document is associated with many trade secrets, it only requires that the key information be protected before the bid opening. In this way, we can design and use more efficient scenarios, in-depth optimization schemes, combined with the technical advantages of blockchain, to effectively support the privacy protection requirements in this scenario.
04 closed loop of industrial ecology is the key to the popularization of privacy protection
Privacy protection is often mentioned together with security. In many company departments, privacy and security are also linked together. But they are essentially different. Privacy protection itself contains a lot of personalized and customized needs, which can create new market opportunities or business models. Different from the business objectives of information security, in privacy protection, in many cases, we need to respect everyone’s choice, including when doing to B business, the needs of each customer are also very different, and the scheme needs to be adjusted and optimized. Therefore, privacy protection itself has certain potential to form a horizontal, cross domain and cross industry market.
In view of the overall situation of the current market, it is necessary to realize closed-loop. For privacy protection, it is still in the initial stage of drainage and experience, so we need to increase investment. Most of the time, customers don’t know their exact privacy protection requirements. They just want to add privacy protection features to their product solutions. In addition, the market may prefer a demand driven development model. Therefore, in my opinion, the urgent task at this stage is to strengthen user education and promote privacy protection technology to truly form an ecological closed loop with positive feedback.
Editor in charge: CT