April 28,

Blockchain technology solutions as a righteous shield against privacy attacks

Does the goal always justify the means? When freedom and democratic values are endangered, this should definitely not be the case. But, due to covid-19 crisis, we are witnessing questionable practices that are interfering with civil rights in several countries. However, if the governments would apply advanced technology solutions such as Self Sovereign Identity (SSI) on the blockchain, the invasion of the privacy could be prevented and the exchange of information done in a fairer and secure manner.

Since the COVID-19 outbreak, 10 European countries have introduced digital tracking measures. Among them are Italy, which was affected the most,  Iceland, Switzerland, Belgium, Germany, Poland, United Kingdom and Spain which is, according to covid-19 digital rights tracker, using this type of surveillance in Madrid and Catalonia.

The digital tracking measures were implemented with the intent to monitor the citizens who might have been affected by the virus and therefore need to abide to the decrees for isolation and social distancing as instructed by the authorities.

Even more, there are many other European countries that are also considering the possibility of digital tracking, whether by developing their own version of a dedicated digital-tracking app or by using one of those that are already available. And there are many out there: according to covid-19 digital rights tracker mentioned before, 43 contact tracing apps are available globally, whilst 28% among them have no privacy policy stated at all.

Given the persistence of the virus, the intention of governments to keep track of those who need to be quarantined and thereby prevent the possibility of further infections is somehow understandable. But what happens after the threat of virus spread is curbed? Can we really blindly believe that this kind of targeted and purposeful tracking will stop?

There is no such guarantee. The citizens will have no physical proof about it; as there will be no possibility to check that their government has really stopped the tracking.

And yet, we could change that! With the use of Self-Sovereign Identity, powered by blockchain technology, the citizens could receive the power to own, control and manage their personal data!

Self-Sovereign Identity (SSI) is a term that describes a form of identity that can be applied and used in a digital realm. It is about each user owning their data and arbitrarily sharing it with other people or services online. Appropriate technology, however, is one that ensures that the data is credible and trustworthy, and above all that it is visible to the person or company organization only for as long as we allow it. The ultimate result of the SSI used in the digital space would bring upon the equalisation of our digital and physical identity.

For this purpose, our company Netis has developed AceID, a simple, secure and widely-applicable authentication protocol that gives the users the ability to decide who, why and for how long they share their data with when interacting online. This is made possible by combining the following concepts: Self-Sovereign Identity (SSI), data access management controlled and recorded via blockchain, end-to-end encryption and verification. 

How does it work? In the case of AceID, the user’s data is stored locally on their mobile device, and remotely on the AceSpace storage, where all the content is encrypted. What AceID saves on the blockchain is only the reference to the data, and all of the permission actions related to them.

Onboarding is straightforward; a person simply has to fill the required data fields in the mobile app (serving as their own mobile digital wallet). Once this process has been completed, entering data is no longer required, and only a QR code authentication will suffice to interact with a service.

How would the app work in the case of digital tracking during the covid-19? Using it, a citizen would simply allow the authorities to access the GPS signal and revoke the access when monitoring is no longer necessary. Furthermore, the AceID can also be connected with smart devices, such as thermometer which can monitor the individual’s temperature.

Covid-19 pandemics and governments’ interference in citizens privacy also resulted in the formation of various privacy protection initiatives. For example, COVID Credentials Initiative, which  is a collaboration of several dozens of organisations, including ours, that are working to deploy verifiable credential solutions to help stop the spread of covid-19. Their goal is to enable society to return to previous (before the covid-19 state) in a controlled, measurable, and privacy-preserving way.

With AceBlock blockchain framework we at Netis strongly welcome and support such initiatives, as we believe privacy is one of the most critical issues that must be addressed. Otherwise, our society might suffer a severe attack on democracy and freedom of speech, especially in those countries where the level of democracy is already questionable.

The issues of privacy-breaching therefore need to be discussed and questioned, and especially in the times of distress, meaning the pandemics must in no way serve as an excuse for citizens to lose their rights.