It Is Time for Databases to Get Fully Decentralized

Published at: June 13, 2020

Across Europe, a privacy row has been brewing over various efforts to use coronavirus contact tracing technology. Contact tracing is the cornerstone of the efforts to track the spread of COVID-19 in an attempt to prevent a second wave by quarantining those exposed to the infection. After all, it proved to be successful in China and South Korea.

However, the contact tracing efforts in China and South Korea are generally considered to breach user privacy to an extent that’s culturally and legally unacceptable across much of Europe. Nevertheless, it seems that many governments are now prepared to compromise on their citizen’s fundamental right to privacy.

Related: Decentralization: Preserving Personal Privacy While Fighting COVID-19

Lack of alignment on the correct approach

One significant problem is that governments in Europe have been unable to agree on a single, unified approach. Privacy advocates had been pushing for an app that doesn’t store data centrally but on the individual’s device. However, governments, including those in France and the United Kingdom, have shunned this approach in favor of developing their own solutions.

In France, this has resulted in an app where data is collected and stored on government-run servers. In the U.K., where Brexit already means citizens have lost the protection of the European Union’s General Data Protection Regulation, the government has engaged a controversial artificial intelligence firm to help with track-and-trace efforts. Yet both the government and the firm itself are holding back from explaining why the AI contractor needs to process far-reaching data, including credit scores and utility bills.

A risk-filled strategy

The way that these governments are handling the track-and-trace requirements leaves a lot to be desired from both a security and privacy perspective.

Data held on centralized government or corporate servers is vulnerable to attack. If personal data of this scope and sensitivity gets into the public domain, it could be used for fraud or identity theft.

This isn’t a theoretical risk — data breaches happen all the time. One recent study estimated that nearly 80% of companies experienced a cloud data breach in the last 18 months alone, while EasyJet and Bank of America have both admitted to hacks over recent weeks. If governments are collecting far-reaching data on a national level, it will create a virtual honeypot for attackers.

Citizens are also being asked to take the risk that their data will be used for purposes beyond that which they originally consented. While a government can harvest data under the auspices of tracking and tracing the virus, it could potentially be put to use for any other purpose. It essentially amounts to a sacrifice of rights to data privacy and sovereignty. Particularly in the case of the U.K., intelligence agency Government Communications Headquarters, commonly known as GCHQ, was heavily implicated in the Edward Snowden revelations, meaning the nation’s citizens have grounds for concern.

Crypto isn’t immune

Many people are attracted to cryptocurrencies and blockchain technology because they hold fundamental beliefs that government surveillance, censorship and a lack of privacy are intrusions on our civil liberties. Blockchain offers the benefits of decentralized control, censorship resistance and privacy through pseudonymity. 

But the fact is that the blockchain and crypto space remains far more centralized than we’d like to think.

Firstly, we have little choice but to enter the crypto space through centralized gateways — exchanges. Crypto exchanges have become every bit as enticing for hackers as centralized data servers. The latest to be hit was Canadian exchange Coinsquare. It has been revealed that attackers obtained 5,000 email addresses from the company’s database with the intent to use them for SIM-swapping.

Secondly, most blockchain DApps are using centralized cloud providers to manage their data storage. This is purely because blockchains such as Ethereum aren’t able to store data efficiently or at a cost that would be realistic for a DApp developer. So, while the decentralized security of blockchain applies to our digital assets, the data of any given DApp user is no more private than it is when they send it to a centralized company that uses Amazon Web Services to store data.

So far, there haven’t been any major hacks targeting DApp user data. However, it’s likely that this speaks more to the size of the DApp space than the fact that the vulnerabilities exist.

How decentralized databases help

Swarm computing involves harnessing the power of a distributed network. Data can be sharded, stored and replicated across the network, meaning it’s always accessible when needed. Using a model similar to Airbnb, developers would only need to pay for their storage, along with reads and writes to the database.

Such a model overcomes many of the drawbacks of centralized data collection and storage. The data is secure because decentralization removes the single point of weakness. It’s tamper-proof because each write action is verified by the network. It also offers users an assurance of privacy, and they can also determine how their data is used by offering or withdrawing their consent.

From the developer’s perspective, there are other benefits. They would pay less for the data than to a centralized provider like AWS because replication is an inherent part of a decentralized database, whereas AWS charges extra for it. This also means that decentralized data storage can be easily scaled up as a DApp grows.

Decentralized data storage offers the opportunity for blockchain DApps to become more truly decentralized by removing the dependency on centralized companies like AWS. But perhaps more importantly, they can help to overcome the issue of governments harvesting data at a time when citizens are already being asked to sacrifice so many other elements of their civil liberties in the name of preventing the virus’s spread.

The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Pavel Bains is the CEO of Bluzelle — the decentralized database for the new internet. Pavel is an expert in digital media, having worked with Disney, Microsoft, Warners Bros and DreamWorks. Pavel is also a frequent contributor to Forbes, Huffington Post and Fast Company, writing articles in the areas of finance and digital media. He has been named Technology Pioneer by the World Economic Forum.

Tags
Related Posts
Blockchains Are an Excellent Solution for Privacy, Part 3
Some entrepreneurs have been trying to increase data privacy by combining encryption and blockchain technology. There are projects like Oasis Labs and Enigma that focus entirely on preserving users’ privacy. Meanwhile, others have been focusing on preventing data retention by companies. Thus, there is no way to guarantee that personal data is deleted in a company’s data system. Blockchain technology’s reliable consensus ensures that people’s data is used correctly. Protection against software and hardware attacks Companies like Oasis Labs, which designed the Ekiden system, run smart contracts outside the blockchain within a Trusted Execution Environment, or TEE, node to enable …
Blockchain / June 22, 2020
Blockchains Are an Excellent Solution for Privacy, Part 2
From a technical viewpoint, blockchain is a growing records list that is cryptographically tied to and managed by a peer-to-peer network. At the same time, they join a protocol of communication among nodes to validate new blocks. Essentially, a blockchain is a way of validating data transactions in a permanent and immutable manner to guarantee that the transaction: Has not been corrupted. Avoids double-spending. May transfer value. We can also say that blockchain technology is a decentralized network where all the records are engraved in a distributed way and shared in several devices spread throughout the world. The records are …
Blockchain / June 21, 2020
Blockchains Are an Excellent Solution for Privacy, Part 1
Several data violations, like the Cambridge Analytica scandal, have brought forth questions regarding how companies and governments should deal with the data entrusted to them, and they have also increased the search for the development of new technologies to preserve the privacy of companies and users. Consequently, countries and regulators have rushed to set new compliance requirements to deal with user privacy and data collection — like the General Data Protection Regulation in Europe or the General Data Protection Law in Brazil, to name a couple. Parallel to that, there has been a new trend to seek new technologies like …
Blockchain / June 20, 2020
Self-custody, control and identity: How regulators got it wrong
The recent European Union proposal requiring centralized crypto exchanges and custodial wallet providers to collect and verify personal information about self-custodial wallet holders shows the dangers of recycling traditional finance (TradFi) rules and applying them to crypto without appreciating the conceptual differences. We can expect to see more of this as countries look to implement the Financial Action Task Force (FATF) Travel Rule, initially designed for wire transfers, to transfers of crypto assets. The (missing) link between self-custody, control and identity The aim of the proposed EU rules is “to ensure crypto-assets can be traced in the same way as …
Adoption / May 1, 2022
Decentralization: Preserving Personal Privacy While Fighting COVID-19
In an effort to keep citizens safe, state authorities have rapidly implemented various emergency plans to curb the spread of COVID-19. In South Korea, the movements of infected citizens are being broadcasted via public text message. In Israel, the government has approved a law to track smartphones belonging to those suspected of being infected. In the United States, the government is in talks with Google and Facebook to access location data, and in the United Kingdom, data giant Palantir is merging data for the National Health Service to inform the nation’s response. The extent to which governments can leverage technology …
Decentralization / June 7, 2020