In our first Tech Talks article, we’ve introduced private and public blockchains and focused on their main differences. In this second article, we’ll discuss the main reason why people use private blockchains and the hybrid solution.
In our previous article, we’ve highlighted private blockchains’ features and especially its tighter joining requirements: that’s what makes them ‘private’. When choosing between private and public blockchains, people tend to go towards private blockchains if they want to keep their data private because they believe in the following misconception:
‘All my data is private on the private blockchain’
Not necessarily: again, this depends on how you store data on the blockchain. Sure, on the private blockchain you can decide to allow certain parties to join the network. However, once access is granted (i.e. permission to run a node) it is not possible to set permissions as to which pieces of data can be accessed.
What does that mean?
It means that you must be aware that giving permission to access a private blockchain to somebody is an all-or-nothing bargain: once they’re in, they can see everything stored on that blockchain. As a matter of fact, the Wolf and the Seven Little Goats’ moral of the story has never been so fit: ‘You have to be careful who you let in’.
Blockchain and Privacy Laws compliance
In addition to that, another issue has arisen in recent months regarding privacy and blockchains: privacy law enforcement. Nowadays, everything we do on the Internet – every website we visit, every research we make on a browser, every IP address we use – can be digitally stored and associated with you. In order to protect personal information, authorities have created privacy laws such as General Data Protection Laws (GDPR).
But how are privacy laws related to blockchain?
Privacy laws and blockchain technology have a similarity: they are meant to enhance data protection. However, there are two main aspects to privacy laws: the right to keep your data private and the right to erasure i.e the right to erase personal data on the Internet.
Yet, storing data on a blockchain makes it immutable by nature… which makes blockchain technology non-compliant to privacy laws.
Hybrid to the rescue?
A hybrid solution is a combination of a conventional database and public/private blockchains to prove the existence and the immutability of data. A way to build a hybrid solution is to split the data into two parts—data off-chain, and a hash of the data on-chain. The first part consists of the real data being stored on a private database, and the second is a hash of this data that is put on a blockchain.
In case a person would like to erase data, it is possible to erase it on the private database but keep the hash on the blockchain. Hence, using this hybrid solution gives the possibility to build a blockchain solution that is compliant to a country’s privacy laws.
All in all, blockchain is a disruptive technology that offers many benefits regardless of its private or public nature. People choose private blockchains because of its restricted access but it doesn’t necessarily mean the stored data is completely private. Data privacy is something everybody should pay attention to, whether it is for personal reasons or in compliance with privacy laws.
In the next article of this tech talk series, we’ll look into other ways we can build hybrid solutions.