Meetup Recap: Privacy by Design?

Martin Schäffner

26 March 2019

Privacy is one of most central topics of this internet connected era. People want their private data to be protected from third parties which, for instance, resell the collected information to promote personalised advertisements or worse to do things like manipulate elections with what amounts to weaponised data science. In the past it was often the case that privacy was a mere afterthought when designing an online application. That's not the case anymore. In the wake of scandals such as Cambridge Analytica, it has become increasingly clear that system design needs to put privacy front and center if we want to avoid dystopian outcomes in our society. Thus, "Privacy by Design” was the topic of our meetup on on March 19, 2019.

Our audience at the meetup "Privacy by Design?"

The first person we invited to give some insights about this topic was Andrew Tobin, Managing Director of Evernym. Evernym is a US-based software company which develops decentralised, self-sovereign identity applications. Andrew talked about how Evernym developed and open sourced the Sovrin protocol to manage the secure and private issuance, holding and verification of digital credentials in a decentralised manner.

By using Sovrin, anyone can verify claims made by identity owners including the following four aspects of data validity without any contact with the credential issuer. This eliminates the risk that anyone can draw a correlation about private activities of credential holders based on the claims they make to verifiers.

  1. Who issued the data to the holder?
  2. Was it issued only to the holder, and not to anyone else?
  3. Has the data been tampered with between issuance and time of claim?
  4. Has the issuer revoked the credential?

He also pointed out that Sovrin is not limited to human credentials making highly useful for the M2M economy. It can also be used to issue and verify credentials for organisations and things empowering proofs for stuff like part numbers of machine components, company records or tax returns.

Sovrin enables the storage of verifiable credentials in a digital wallet. Compared to a physical wallet, there are a number of additional benefits. Backup- and recovery functionality, the ability to revoke credentials remotely and a selective disclosure functionality for the individual data points making up your identity are all made possible using this technology. The trouble with paper credentials is that they're pretty stupid.  Passports can get lost or stolen, if you show your drivers license to someone you have to show them the entire document, not just the relevant details, and if an issuer wants to revoke a credential they're pretty much out of luck when using a traditional paper identity document. With self- sovereign identity all of these scenarios are no longer problematic.

If you want to learn more about Evernym, their solutions and tools behind it, check their website or Andy's slides here and here.

Andrew Tobin presenting Sovrin, a self-sovereign identity solution

The second speaker of the event was Kevin Leuthardt the new Steward of Governance Working Group of the European Blockchain Association (EBA). He briefly presented the founding of the Working Group Governance in the EBA and explained how decentralised organisations can rely on a suitable governance model.

If you are interested in governance in decentralised organisations and have a law background we would appreciate if you could take a couple of minutes to fill out this survey. Thank you very much in advance.

Pan-European Survey on Decentralised Semi-Autonomous Organisation (DSAO) Governance

Kevin Leuthard presenting an update on the EBA Working Group Governance

As the final speaker of the day, we invited Dr. Elad Verbin to the stage. Elad is a Berlin-based computer scientist specialising in blockchain technologies, algorithm engineering, and predictive modelling. In blockchain space, he works on blockchain filesystems, governance, and macro-cryptoeconomics. At this meetup Elad shared some insights about  “Privacy on the Blockchain - Zero Knowledge Proofs and their Future Use”.

First of all he explained why people should care about privacy on the blockchain.

The first reason to do so is that privacy on the blockchain is broken. In the early bitcoin days people were buying pizza online with the same addresses they used to buy drugs on Silk Road. Even if it wasn't clear to the users at the time, what is clear now is that the buyer of the pizza is also the buyer of the drugs. There's a whole industry of players such as Chainalysis and BitCluster cropping up with products dedicated to tracing these transactions out there "in the clear".

The second reason to care about privacy of the blockchain is that private computation is necessary for Web3. It is not desirable to for all transactions made on the blockchain to be public. That notwithstanding we still want the benefits that data availability provides. As a result we're increasingly turning to computation on encrypted data, for example homomorphic encryption, to restore privacy while maintaining the availability of data sets for computational tasks.

The third reason is that more privacy establishes more trust in the system which automatically leads to more shared information and therefore more value all around for everyone.

The second aspect, Elad pointed out is the so called Secure Multiparty Computation (SMPC).

In SMPC, every player in the system learns only about their own input into the system and the output of the system without knowing the input of the other players so that privacy comes first. The special thing about SMPC is that it can be done for any function given enough time for computation and every task that can be computed can also be computed securely.

In an ideal world there would be a trusted middleman who could compute those functions. The middleman could collect all the input of the players and simply publish the result back to the players. We all know however that the trusted middle man approach usually fails due to the untrustworthiness of the "man in the middle". SMPC protocols functionally simulate the trusted middleman scenario without actually requiring any trusted party.

As a third point he introduced applications of private computation.

Private computation has been used in a number of productive contexts already and it is starting to seep into consumer applications like such as the chat platform Telegram. The same goes for Zero Knowledge Proofs nowadays.

As a first practical example, Elad presented a case study about Sugar Beet Auctions in Denmark from 2008. The problem there was, that the participating parties in sugar beet auctions needed a secure technical means of simulating a "trusted middleman" without actually having such a party and also without revealing private bids or the demand curve of the commodities purchasers. After deploying a SMPC-protocol-based auction system, the parties only knew how much they each sold without learning anything about the overall auction results while still arriving at an efficient market clearing price at the market level.

Based on this success governments started using private computation for radio frequency spectrum auctions resulting in more efficient and more fair auctions for these public goods. Telecommunication companies didn't have to make the prices paid for spectrum rights public and simultaneously the state received an efficient economic outcome from the auction.

Another potential use case is for private computation would be an algorithmic redistribution of wealth whereby individuals could make their finances and demographic information available in an encrypted format for algorithmic analysis. The idea here is that if the data were made available due to the advent of widespread trust in private computation, algorithmic design including reinforcement learning, control theory and optimisation theory could give us substantially better results and public policy than is available today. In the future, there will be more and more libraries available for private computation. Compared to today, the computation will also be cheaper and faster.

The last major point in Elad’s presentation was regarding practical issues in adopting this technology.

  • The first issue is the challenge of replacing the trusted middleman with a protocol. How is the function f defined and how to keep the privacy over time?
  • The second issue is the speed of SMPC. The speed of SMPC is pretty slow right now. But compared to some years ago it became significant faster.
  • The third issue is the current general lack of trust in SMPC. It's a big challenge for a new innovation to gain trust of the users. It takes some time for people to trust innovations and adapt to new technology.

Dr. Elad Verbin presenting Zero Knowledge Proofs and their future use

You can check out Elad's slides here.

We want to thank the speakers for their very interesting presentations at this Meetup about “Privacy by Design?”. We also want to thank Deloitte for hosting our event at their facilities and of course we want to thank our guests for coming to our meetup and asking high quality questions.

We would appreciate seeing you again at our next meetup about “The State of Secutity Token Offerings” on May 21st, 2019.