The technology of the moment called Blockchain is the set of a series of consolidated solutions, assembled in an architecture “philosophically” born from a democratic vision – we could define it anarchic – of exchange of money without intermediaries.
In 2009, a paper entitled A Peer-to-Peer Electronic Cash System appeared on a cryptographic mailing list. The document describes “a peer-to-peer version of electronic money [which] would allow online payments to be sent directly from one entity to another without going through a financial institution.” This electronic money is Bitcoin. Although the concept of “technological anarchism” is rooted in the IT underground, the great revolution of Bitcoin was, in the paper that decreed its birth, the detailed description of an infrastructure built on the distributed trust which, in the following years, would have attracted the attention of all economic sectors.
The idea behind Bitcoin is the possibility of exchanging cryptocurrency within a network based on the trust distributed among all participating nodes, without the need for intermediaries. The intuition of the concept of distributed trust, guaranteed and strengthened by a series of technical solutions, which we will describe later, has introduced a new infrastructural paradigm that we will call, for simplicity, Blockchain.
Let’s imagine extending the concept of cryptocurrency exchange with a more generic concept of asset exchange or, even better, transaction. The flow of this transaction within the Blockchain can be summarized as follows: A transaction between two actors is recorded and digitally signed.
It is written inside a block, which, once approved by the rest of the network, is “chained” to the previous one through appropriate cryptographic algorithms. The resulting “chain” is inserted inside a distributed ledger, of which each participating node receives a copy. The introduction of an infrastructural scheme such as the one described allows us to highlight some characteristics that make this technology of great interest for present and future business applications.
The Blockchain is:
Each participant in the network receives a copy of the entire transaction log (Distributed Ledger). The decentralization of data and resources allows the entire infrastructure to guarantee the integrity of the data managed, the availability of resources (distributed equally on all nodes), and resilience in the event of the unavailability of one or more nodes.
The data contained in the distributed ledger cannot be modified. The immutability feature of the Blockchain content guarantees the integrity of the information and the “non-repudiation” of the transactions saved within it.
The data is encrypted, the transactions are digitally signed and time-stamped, and each block is linked with the previous and the next. To obtain a high level of trust, Blockchain adopts various technological solutions to guarantee the identity of the actors (digital signature), the security of the information saved (public key encryption), and the consistency of the data concerning changes (one-way encryption, hash) and the timestamp of the data.
Each participant can access the transaction history. Distributing a copy of the Blockchain to all participating nodes allows everyone to have access to the transaction details.
Can we consider Blockchain technology compatible with the GDPR? The answer is yes. Contrary to what we have read or heard in some contexts unbalanced towards a hyper-conservative and inelastic approach, we can re-read some characteristics of the Blockchain as enabling full compliance with the GDPR, particularly with the principle of the right to be forgotten. The most common observations are the following: The identity of the actor of a blockchain transaction is associated with the public key. Can the public key be considered personal data? No, there is no direct association between a natural person and a public key.
In the case of essential private transfer, the public key would be associated with another identity, another person. How can including personal data in a transaction guarantee the right to be forgotten? The transaction can be encrypted with public key cryptography. Eliminating the public / private key pair makes it impossible to trace the plaintext. Evidently, in this context, the correct design of a Blockchain and its adaptation in obtaining full regulatory compliance are delegated to those who decide to implement a solution of this type. The tools are there. They must be used correctly.
The technological and philosophical evolution of the Blockchain leads to the introduction of the concept of a Smart Contract. Based on the distributed trust paradigm, a Smart Contract can be considered an actual contract guaranteed, validated, and stored within each network node. The Smart Contract is code executed within the nodes participating in the Blockchain. The advantages deriving from the provision of consumable services in a safe, distributed, and guaranteed manner across the entire network are evident. The concept of a Smart Contract allows us to introduce some practical applications of the Blockchain.
Once the features underlying blockchain technology have been introduced, the questions are:
The answer to these three questions is: yes. Some sectors have already understood the opportunity of the improvements introduced by using the Blockchain.