How blockchain can help with privacy concerns

Posted on Wednesday, April 10, 2019 by User Not Found

By Rebecca Kerr, OSCPA communications intern

Recently, I saw a commercial where two men are chatting at a table in a diner, then abruptly pause their conversation and look up when the waitress steps up to their table to clear their plates. Once she steps away, they quickly go back to their lively discussion. It is followed by a tagline along the lines of, “you expect privacy in your personal life, so why not online and on your devices?”

In the era of Facebook’s privacy fiascos, frequent data breaches of consumer information and the rise of online hackers is a highly discussed and debated topic. In a recent Forbes article, writer Alastair Johnson outlined ways in which burgeoning technology like blockchain can help counter these problems when dealing with sensitive personal data.

“European anti-money laundering legislation means customers and businesses are required to provide potentially sensitive documentation to prove their identities,” Johnson writes. The issue with this, he said, is this kind of system gives customers no alternative to offer up their personal, identifying data to be stored in more than one place and among many different services.

The solution?

Johnson says, “we need a system that enables individuals to stay in control of their personal documents, so they can use them to verify their identities when required without having to store them in vulnerable, third-party locations.”

Using what?

“Technologies like blockchain, zero-knowledge cryptography and biometrics are proving themselves as powerful components in vastly more secure systems than anything available today. It won’t be long before these technologies are rolled out, enabling individuals to own and store their own, KYC [Know Your Customer] documents, and keep them updated,” he continued.


Johnson said this system would allow people who wish to use a platform that requires a KYC bypass the opportunity to “present their information with read-only access – and ideally only as an attestation.”

He said, “this can be achieved using key pair cryptographic signatures, or a multi-signature smart contract in conjunction with the service provider and/or regulator’s digital identity. When the individual signs that request with their own digital identity, the service provider and/or regulator will have access to a timestamped KYC document for the individual. This document will only be accessible by the specific service or regulator, for the regulatory period required.”

How else do you think blockchain and other new technologies will change processes such as this? Let us know in the comments below.

Leave a comment