Nowadays, there is a transition phase in everything related to the management and control of personal data that is changing the habits of users and how to interact with digital media. We are spectators of a change: just a few years ago, user data were in the hands of companies similar to black boxes, without clarity and transparency regarding their use but now users are aware of the value they have and the need to make a responsible use of them.
Scandals such as the Cambridge Analytica case, a company that used the data of millions of Facebook users to influence them during political campaigns, has brought the problem of data management into the media spotlight. Additionally, the introduction in Europe of a new regulation on data protection, General Data Protection Regulation (GDPR), is intensifying the controls that companies must comply with in order to process personal data.
However, users want to go further, demand transparency and control, and they want to know what is use of their personal data and be able to choose whether or not to transfer them under an untouchable premise, they are the owners of their own data. Today’s users no longer agree to transfer their data so that others exploit them, but instead users want to have full control over them and the final decision on their use and exploitation.
As a consequence, the arrival of blockchain is generating a new paradigm in the field of the management of these valuable assets, the data. This technology allows, in a transparent and totally reliable and auditable manner, to close a data transfer agreement between two parties in case both require it. And in this case, this contract would not depend on a third party certifier, but it could be the technology itself that closes the agreement thanks to the use of “Smart Contracts”.
In this scenario, in which the transfer and control of the data is delegated to the blockchain technology, only two types of agents would be involved, the “sellers” and the “buyers”, that is, the users, who transfer their data in exchange for a certain benefit; and companies, interested in acquiring the data to exploit it for economic purposes. Intervention by third parties would no longer be necessary. Although, another approach would be one in which the companies that contain user data themselves were the promoters of the implementation of a solution like this one in order to market their users’ data with third parties, so that said users could decide whether their data is marketed or not and for what purposes.
Within this blockchain-based solution, it would be necessary to identify the participants unequivocally. This is where the blockchain ID is involved, a unique identifier that cannot be replicated, used to identify users and businesses within the blockchain.
On the other hand, since a user can have different types of data (personal, economic, consumer, leisure, etc.), these could be segmented using category identifiers, so that they are located and interpretable.
As an example, let’s imagine that user data is stored in a multi-volume encyclopedia, where each volume corresponds to a user and each page corresponds to a category. A page could contain the personal data of that user, such as name and surname, age and sex; another would have their economic data, another their travel preferences when flying, their musical tastes, their mobility around the city, their shopping history, etc. Each volume would have as many pages as types of data stored in the company in which the users are registered.
Visualizing the management of the data in this way, within the blockchain the encyclopedia could be a smart contract formed by a data map delimited in sections, that is, in volumes and pages, where the volumes would be identified with the Blockchain ID of each user and the pages with the identifier of the categories.
Let’s go further and put certain rules on the table. The content of the encyclopedia volumes could be encrypted, so that the companies that access cannot interpret their content. Under this approach, if a company A wanted to access certain data that a user has in another company B, they would have to request them from their owner, who would have the key to decipher them. If the user and company A reached an agreement, said user could give him the “key” to decipher only the page of his volume that contains the data that he is willing to share, for example, his financial data. That is, company A could not see the data of any other user of company B (other volumes) or other categories beyond that agreed with the user in question (other pages).
Around this scheme, which is still an approach or use case of so many that would be feasible, you could add as many rules as you want, such as transferring data temporarily and for certain uses, revoke the use under certain conditions , etc.
In this case, company A could access certain data with the consent of the users and use them for their benefit, leaving the trace of their request and use in the form of blockchain contracts in a fully auditable manner. Company B would be making a considerable qualitative leap in terms of customer loyalty, gaining their trust by making available a robust, reliable, transparent and secure data management solution with which only they have the final decision, apart that it could also close agreements with company A by making its users’ data available. Finally, users would have full control of their data, being able to decide what to do with them, who to transfer them to and under what conditions, adding the peace of mind that it means to register in a company B that has a solution like the one that we are discussing.
Around this idea, different economic models can be built to monetize the data. Such data could be sold directly by the users or by the companies that store them, always providing benefit to the users, either in the form of free services or sharing the profits.
In short, the application of blockchain in the area of management, permitting and control of the data is enormous, being the most notable factor that under well-used cases all the parties involved win.
It is relevant to say that this solution could be addressed under different technical approaches (public, private, hybrid blockchain, offchain logic combined with onchain logic, etc.). Everything would depend on the use case that arises, the level of decentralization that you want to give the solution or the possible control that, in this case, companies want to have on a tool of this type. Also, knowing the current blockchain limitations, not all data would have to be stored in it, but an intermediate approach could be found in which data is stored offchain with control, integrity or even onchain encryption logic. However, the purpose of this article is not to delve into the technical aspects or the pros and cons that could have an approach or another, but to raise at a high level a use case demanded by users that, without a doubt, would have a great impact on the current situation, assuming a new paradigm in data management compared to the models used in the past.
In BI Geek we have been fortunate to work on solutions similar to the one shown here, enjoying the experience immensely, delving into the details and considering new use cases around this technology, being fully aware that this is only the beginning.