Privacy and Consent on the Shyft Network
by Kris Coward, Chief Scientist
How the Shyft Network improves user privacy without taking it to the extreme of being useless for compliance: Part 2
Hello there! My name is Kristofer Coward, and I’m the Chief Scientist for Shyft Network. I wanted to chime in with a few words about our approach to privacy on the blockchain.
As I mentioned in my previous post, it’s hard to think of a blockchain as a privacy-enhancing technology. However, here at Shyft we have designed our network protocols with privacy in mind from the very start. Here’s how.
Hashing of confidential information
The metadata describing the (identifying) documents attested to on the Shyft chain is encrypted with a symmetric key shared by the trust anchor and the user whose data the attestation references. This keeps the metadata confidential and adds a further layer of security: documents in an attestation are referenced by a hash of the (possibly digitized) document, which is extremely difficult to guess without access to the document itself.
When a data user seeks to demonstrate to a trust anchor that they have permission to access a document, the message they send to the trust anchor must identify the documents whose sharing has been consented to by this hard-to-guess hash. The hash is part of the data that is encrypted with the symmetric key before being included in the attestation, so a consent message needs data unlocked by the data owner’s key in order to be meaningful, in addition to being signed by the data owner in order to be valid. Note that the symmetric key is not included in the signed data; this allows the existence of signed consent to be audited without sharing this (confidential) key with the auditors.
How end-users remain in control of their data
Furthering our commitment to ensure that our end-users are in control of their data (and working from the principle that if a piece of data is about you, that makes it your data, regardless of who collected, generated, or otherwise has custody of it), the Shyft consent messages include a field where the end-user giving consent can specify exactly what they’re allowing the recipient of the data to do with it. Some example uses include storing (or merely accessing) a copy of the data to comply with regulations (such as Know Your Customer rules), or verifying properties of the identity referenced in the data (e.g. that the person described isn’t a politically exposed person, nor do they count as an insider on any publicly traded company) and, optionally, to post an attestation making the results of that verification available.
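The flow described in the two sections above, as an added Go example that is not Shyft’s code and does not follow Shyft’s actual message formats: the trust anchor publishes an attestation whose metadata (document hash included) is sealed with AES-GCM under a key it shares with the data owner; the owner signs an Ed25519 consent message that names the document by hash, the recipient, and the permitted uses; an auditor can verify that signed consent exists without the shared key; and the trust anchor combines the signature check, the decrypted hash and the purpose field before authorizing access. All type and function names, the JSON encoding, the use of a set of purpose strings, and the sample key and document are assumptions made for this illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"fmt"
	"io"
)

// Metadata describes an attested document, referenced only by the hash of its digitized form.
type Metadata struct{ DocType, Issuer, DocHash string }

// Attestation is what the trust anchor publishes: the metadata (hash included)
// sealed with AES-GCM under the symmetric key it shares with the data owner.
type Attestation struct{ Nonce, Ciphertext []byte }

// Consent is what the data owner signs: which document (by hash), for whom,
// and exactly which uses are permitted (hypothetical purpose labels).
type Consent struct {
	DocHash, Recipient string
	Purposes           map[string]bool
}

// SignedConsent carries the payload, its Ed25519 signature and the owner's
// public key. The shared symmetric key is deliberately not part of it.
type SignedConsent struct {
	Payload, Signature []byte
	Owner              ed25519.PublicKey
}

// HashDocument derives the hard-to-guess reference used for a document.
func HashDocument(doc []byte) string { return fmt.Sprintf("%x", sha256.Sum256(doc)) }

// Attest is run by the trust anchor with the key it shares with the owner.
func Attest(sharedKey, doc []byte, docType, issuer string) (Attestation, error) {
	block, err := aes.NewCipher(sharedKey)
	if err != nil {
		return Attestation{}, err
	}
	gcm, _ := cipher.NewGCM(block) // only fails for non-16-byte block ciphers
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return Attestation{}, err
	}
	plain, _ := json.Marshal(Metadata{docType, issuer, HashDocument(doc)})
	return Attestation{nonce, gcm.Seal(nil, nonce, plain, nil)}, nil
}

// OpenAttestation recovers the metadata; with any other key it fails.
func OpenAttestation(sharedKey []byte, att Attestation) (md Metadata, err error) {
	block, err := aes.NewCipher(sharedKey)
	if err != nil {
		return md, err
	}
	gcm, _ := cipher.NewGCM(block)
	plain, err := gcm.Open(nil, att.Nonce, att.Ciphertext, nil)
	if err != nil {
		return md, err
	}
	return md, json.Unmarshal(plain, &md)
}

// SignConsent is run by the data owner with their own signing key.
func SignConsent(priv ed25519.PrivateKey, c Consent) SignedConsent {
	payload, _ := json.Marshal(c)
	return SignedConsent{payload, ed25519.Sign(priv, payload), priv.Public().(ed25519.PublicKey)}
}

// AuditConsent needs no shared key: it confirms signed consent exists while seeing only a hash.
func AuditConsent(sc SignedConsent) (c Consent, err error) {
	if !ed25519.Verify(sc.Owner, sc.Payload, sc.Signature) {
		return c, fmt.Errorf("consent signature invalid")
	}
	return c, json.Unmarshal(sc.Payload, &c)
}

// AuthorizeAccess is the trust anchor's check: consent signed by the owner bound to this
// attestation, naming this recipient and purpose, and citing the hash sealed in the attestation.
func AuthorizeAccess(sharedKey []byte, att Attestation, owner ed25519.PublicKey,
	sc SignedConsent, recipient, purpose string) (bool, error) {
	c, err := AuditConsent(sc)
	if err != nil {
		return false, err
	}
	md, err := OpenAttestation(sharedKey, att)
	if err != nil {
		return false, err
	}
	return sc.Owner.Equal(owner) && c.DocHash == md.DocHash &&
		c.Recipient == recipient && c.Purposes[purpose], nil
}

func main() {
	shared := make([]byte, 32) // constructed demo key shared by anchor and owner
	io.ReadFull(rand.Reader, shared)
	pub, priv, _ := ed25519.GenerateKey(nil)
	doc := []byte("constructed sample: digitized passport scan")
	att, _ := Attest(shared, doc, "passport", "example-registry")
	sc := SignConsent(priv, Consent{HashDocument(doc), "exchange-A", map[string]bool{"kyc-store": true}})
	fmt.Println(AuthorizeAccess(shared, att, pub, sc, "exchange-A", "kyc-store")) // true <nil>
	fmt.Println(AuthorizeAccess(shared, att, pub, sc, "exchange-A", "marketing")) // false <nil>
}
```

The split of roles is the point: `AuditConsent` verifies only the signature and so works for a party that has never seen the shared key, while `AuthorizeAccess` additionally needs that key to decrypt the attestation and confirm the hash in the consent matches the one the trust anchor sealed. A purpose the owner did not list, a different recipient, a consent signed by someone other than the attestation’s owner, or a tampered payload all fail before any document is released.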
We also expect that, even where privacy regulations do not require it, we will provide strong incentives for application providers (possibly going so far as to make endorsement to offer an application on the Shyft network at all conditional on this) not to require users to consent to data uses that are necessary neither for the core functionality of the service being provided nor for regulatory compliance. After all, consent is all but meaningless when granted under coercion, and this is not a state of affairs that we intend to promote.
Another important feature of consent that we are implementing is the ability for this consent to be revoked. This is a more complicated feature to implement, as it can involve some degree of negotiation to determine whether, for example, data whose consent to store has been revoked can in fact be deleted without forcing an application provider into regulatory non-compliance. Although this is more complicated, and even though we could likely take advantage of broad interpretations of certain existing standards (e.g. the public interest exception in the GDPR) to avoid implementing these negotiations, we’re including them anyway.
This is both a demonstration of our commitment to user privacy and a challenge to other companies holding private data to comply with as strict an interpretation of the public interest exception as we are adhering to.
Shyft is building a blockchain-based ecosystem that allows for the secure and private sharing of data for industries, governments, and consumers. Shyft’s ecosystem helps to streamline and reduce the amount of individual records that need to be collected, while allowing for data monetization and the secure transfer of verified, encrypted attested data.
For more information on Shyft, please visit www.shyft.network.