Researchers from the University of South Australia have concluded that blockchain technology needs to be improved to improve user privacy.
The research results, described in a blog post from the University of South Australia, show that the features that make the blockchain secure pose privacy concerns for users, especially in line with new European standards.
The study was conducted by advanced technology researcher Dr. Kirsten Wahlstrom in collaboration with Dr. Anwaar Ulhaq and Professor Oliver Burmeister from Charles Sturt University.
The research team found that new technologies such as blockchain and the Internet of Things can compromise people’s privacy because they are immutable and store data. This is due to the fact that blockchains use the details of previous transactions, including data that can be used to identify participants, to verify future transactions.
“When someone’s data enters the blockchain, the system never forgets it,” Walstrom said. “Yes, this data can be encrypted, but it is also part of an immutable ledger that is stored in the cloud.”
The document mentions recent legal changes in EU legislation, meaning that citizens have a “right to be forgotten” in relation to their data posted on the Internet. Thus, as long as the blockchain exists, the technology is contrary to European regulation that people have the right to revoke their data, Walstrom said.
In August, the not-for-profit Electronic Frontier Foundation (EFF) raised similar concerns about a proposed California law allowing medical records to be stored on the blockchain.
“Standards need to be consolidated now to clearly delineate the concept of confidentiality and what governments and organizations are trying to protect and why,” Walstrom said. “The main problem is that we are still trying to understand what privacy really means in the online world.”
Holochain is an example of technology that can solve the privacy problem, according to the study. The project uses distributed hash tables, a form of a distributed database that can record data associated with a key in a P2P network of nodes, and avoids the need to create a comprehensive “ledger” of the blockchain.
“This allows people to verify data without revealing all of its details or storing it permanently in the cloud,” Walstrom said. “But there are still many questions about how this affects the long-term viability of the chain and how it gets validated.”
Many projects in the blockchain industry are implementing privacy solutions. The Secret Network recently announced that it will deploy “secret contracts” on its blockchain on September 15th. These smart contracts allow the use of confidential data in dApps without disclosing the original information.