Are Some Blockchain for Good Projects Fooling Us?
Blockchain is at the center of one of the largest hype cycles of the decade, and it seems like technology and global development researchers and practitioners are starting to be expected to have some sort of opinion related to it. These opinions tend to range from “this is the ultimate key to individual empowerment, autonomy, and freedom” to “here we go again, another overhyped technology to experiment with on the poor”.
Organizations are already starting to build blockchain into their pilots. IFC and the World Bank opened up a blockchain research initiative, various UN agencies are putting some projects out in the wild, and there are already hundreds of “blockchain for good” type projects. With more and more projects with noble causes coming out and being piloted, I’ve been seeing more and more highly publicized implementations of blockchain that may not be what they seem at first glance to those that may not have a base level architectural understanding of some key components on what people are referring to as blockchain.
Blockchain… but why?
Bitcoin, Ethereum (mainnet), Litecoin, and many other blockchain-based technologies you may be familiar with are what are considered to be on public blockchains. Public blockchains are very powerful because essentially they allows anyone to validate the blockchain, making it decentralized and more secure. This is one of the cornerstone principles that allow systems like Bitcoin to be considered have “trustless consensus” which means you don’t have to trust any specific individual or corporation to safely use. This attribute is one of the very main reasons many people are excited about blockchain. If someone is talking to you about why they love blockchain, and they mention it’s censorship resistant properties, deeper transparency that allows for public auditing, the democratization blockchain brings, etc, they are probably referring to public blockchains.
One misunderstanding that people have when they hear “public blockchain” is that all the data published to that gets added is publicly readable. That isn’t the case necessarily. It just means it is anyone can validate the blockchain, and with different methods of encryption, it’s possible to validate a blockchain without reading contents. This can be implemented in a number of ways and can vary from blockchain implementation to blockchain implementation.
Private Chains
However, there are a number of higher-profile projects in the global development space that are building private blockchains into their solutions. In public blockchains, anyone in theory can become a validator, while in private blockchain implementations only certain entities have that ability. This means there is no “trustless” system among all the users of the blockchain, and all users must trust the organizations or individuals who have been chosen to be validators. Why does this matter? Assume a theoretical government is corrupt. (Hard to believe, right? Just use your imagination.) They implement a private blockchain solution to collect votes, and they have a bunch of machines distributed across their country that are validators to make sure everything is correct. Now let’s assume an unwanted outcome in the eyes of the government has occurred in this election. Said government then could change data on the machines in their possession. At this point you may be asking “what’s the difference between this solution compared to a standard, common database implementation?”. In this case, it’s not different in its benefits, and just carries all of the inefficiencies and burdens of the blockchain.
So are private blockchains useless? Perhaps not in some cases. Perhaps there are a multitude of partner organizations, let’s say an insurance company, a hospital, and local doctors offices all decided to use the same blockchain for their patients. All three entities want to trust each other that they have the same data, and still keep copies of the data locally. Blockchain can help, potentially. All three organizations can verify amongst themselves that the data is correct, so the three organizations establish some degrees of trust amongst themselves. Patients cannot verify any of the data and perhaps can only add in data amongst themselves. They have to trust the blockchain owners (the three validators) that their data is correct and safe. This is a pivotal distinction, however, and gives the blockchain a different set of benefits and usecases that need to be outlined in public documentation.
A lot of organizations in the global development space are using private blockchains to ride the hype train when a centralized solution can do the same thing, but better.
Blockchains, in the most simplistic of ways, are bascially a special kind of database. They are inherently inefficient compared to a traditional database, but that is viewed as a sacrifice to gain security, transparency, censorship resistance, and even exciting things like giving users the ability to even own their own data. Private blockchains do not offer these benefits, or at least not as clearly as public chains. They basically perform the same function as a standard database, with the exception of sharing ownership amongst the entities in power.
For example, when I heard about the World Food Programme piloting Building Blocks, I was really excited. At the end of the day they make claims like:
The blockchain is a digital ledger technology used as a trusted way to track the ownership of assets without the need for a central authority, which could speed up transactions while lowering the chance of fraud or data mismanagement.
-World Food Programme (from http://innovation.wfp.org/project/building-blocks)
After looking into the project and learning that it is a private chain that utilizes Proof-of-Authority, I can’t help but ask, why not just use standard tools from Amazon Web Services that will be cheaper, easier, and much more efficient? There is no magic dust here, and if authority notes are going to comprise of people that the WFP controls or has the influence of, there seems to be no difference functionally relating to security. The authority itself is centralized and there’s no real reduction in fraud or data management unless the WFP is giving authority to other entities they have no power over, and even then, is it really worth it? I am remarkably skeptical when organizations describe benefits of a public blockchain to describe their privately held solution.
They go on to say things like:
As of January 2018, more than 100,000 people residing in camps redeem their WFP-provided assistance through the blockchain-based system. Thanks to the technology, WFP has a full, in-house record of every transaction that occurs at that retailer, ensuring greater security and privacy for the Syrian refugees.
-World Food Programme (from http://innovation.wfp.org/project/building-blocks)
WFP has a full, in-house record of every transaction? Sounds awfully familiar… very much like a traditional database. To be fair, it is feasible that this implementation would have some value if the WFP adds partner organizations to form digital trust between WFP and said organization, but even then, was trust a major issue between partner organizations?
To be clear, I love that WFP is looking into this technology in an active way. I am happy they partnered with some industry leading companies like ParityTech. My concern regarding projects like WFP’s Building Blocks is two fold: 1) there is understandable confusion between benefits of public and private blockchains and the lack of clarity adds to that confusion, and 2) will this continue to cause critical global development researchers and practitioners to roll their eyes any time they hear the word “blockchain” because it’s not actually offering anything new, and overcomplicating something unnecessarily?
There are seemingly countless projects that are private chain-based that are disguised as having benefits of the public chain, and even more concerning are projects that don’t publish information at all on their technical implementations that affect vulnerable people. Aid:Tech, an organization that has won major awards and grants, been featured in dozens of major media outlets, and is partnering with organizations like the Irish Red Cross and the United Nations Development Programme (UNDP) seems to be doing just that. The programs they are running seem very exciting that use “blockchain” with digital identity and a financial payments implementation that seems cutting edge while promoting their implementation of blockchain as providing more security and transparency. As an advocate of the Principles for Digital Development, I feel uncomfortable when organizations like Aid:Tech are not being transparent with their system designs or at the least, not making that information easily accessible. At the time of writing, for example, they have a section entitled “Case Studies” which has a link to an area of their website that consists of two short paragraphs with very basic information on the project, and a handful of photos, and a graphic that presents benefits of the program in 8 bullet points. I have also reached out to Aid:Tech about more information about their implementation and received no response. We need to cultivate a culture of forthrightness and transparency about a technology that is billed as being for transparency and security.
In fairness, public chains might seem scary to organizations. They are available to be validated by anyone, and privacy and security protections need to be thought through thoroughly, but to be honest, we came here for the benefits of the public chain, not an overly complicated, inefficient database disguised as innovation.
