At the TIME 100 summit in New York, Tim Cook called for government regulation to protect data privacy, stating that without regulation, technology has caused “great damage to society”. What are the implications of such statements, and growing pressure on governments to provide sustainable regulation, on emerging technologies such as blockchain?
Expert commentary on what Cook’s commentary means for the blockchain space, from industry leaders.
Mance Harmon, CEO of Hedera Hashgraph, an enterprise-driven distributed network for the creation of fast, fair, and secure decentralised applications, commented:
“Apple CEO, Tim Cook stated, in a thought-provoking interview with Time, that a lack of oversight of technology has led to great societal damage. As large enterprises continue to feature in headlines for data breaches and mismanagement of personal information this sentiment rings true. Leaders of global enterprises, such as Apple, addressing the need for policy change will ideally encourage regulators to focus on supporting emerging technologies, such as Distributed Ledger Technology (DLT). For any emerging technology, including DLT, to reach its full potential, regulation is essential — encouraging innovation within a secure environment.”
Matt Branton, Co-founder and CTO of Neutral, an open financial protocol building a suite of financial products on-chain, commented:
“As Tim Cook correctly indicated at the TIME 100 Summit, a lack of clear regulation is a hindrance to the emerging tech space – affecting blockchain applications such as decentralized finance protocols. Cryptocurrencies have the power to bring new opportunities into the traditional financial sector, for example through the tokenization of assets. Reaping these benefits will require a combined effort from government, industry bodies, and private enterprises. Enterprises within every jurisdiction have a responsibility to support their government, and vice versa, as each party strives to transform industries and facilitate responsible technological growth.”
Kurt Looyens, CEO of the GBX, an institutional-grade, regulated and insured token sale platform and digital asset exchange, said:
“Tim Cook has called out that unregulated technology can be damaging to users, and society as a whole. This statement is extremely applicable to the blockchain and crypto industry. Cross-collaboration between government and the private sector is needed to reduce investor risk in cryptofinance and to encourage growth in the decentralised financial market. It is essential that all parties have clear guidelines through regulatory framework. Through strong, well-considered regulation, the growth of technologies such as blockchain can continue with clear parameters encouraging best practice and good decisions.”
Jonathan Rouach, CEO and Co-Founder of QEDIT, an enterprise solution for preserving data privacy using Zero-Knowledge proofs, said:
“Enterprises have a responsibility to protect consumers and the only way to do this is to implement reliable data-privacy solutions. When it comes to government oversight, the same privacy concerns among citizens must be addressed in order to imbue a real sense of trust in terms of how data is handled. As Tim Cook states, there have been cases where enterprise encryption has been confronted by Government departments, most notably involving Apple in the US. Today, Zero-Knowledge Proof cryptography can be harnessed to ensure this kind of forceable entry to secure data can’t happen, while maintaining the necessary balance with regulation oversight.”
Iain Wilson, Advisor at NEM Ventures, the venture capital and investments arm of the NEM blockchain ecosystem, said:
“Whilst privacy and security are core Apple values, on closer inspection we see that the Apple platform is a walled garden with a central actor that both holds and monetises our data. We envisage a world where Blockchain allows a user to have real control over their own personal data, choosing when and who it’s shared with and ultimately accruing it’s real value.
GDPR is a positive step for individuals but will rely greatly on business compliance. Overall, self sovereign identity solutions put the consumer back in control, which is the ultimate goal.”
Rikesh Thapa, CTO of blockchain ticketing startup Blockparty, said:
“In short Blockchain is the perfect tool to enforce GDPR. With blockchain, anyone can ensure that user data is being handled and stored correctly in a fully secure manner. We need governments to enforce stricter standards on data privacy and security; It is long overdue that governments no longer see blockchain and crypto as the boogie man to their way of functioning (simply because they have not taken the time, or do not have the capacity to understand it). They need to see both these forces as tools to have full transparency into practices of companies on everything related to data. This is the best solution to truly protecting the general public. This is why we chose to have a government in the first place– to enforce in order to protect.”
Lone Fønss Schrøder, CEO of the Concordium Group, the world’s leading ID/KYC-ready business blockchain network, commented:
“We are happy to see Apple move towards the idea of need for better regulation of technology –– in a world increasingly fraught with fake news and illicit activities, consumer protection is becoming increasingly important.
Regulation can provide a framework that helps build common standards for how we engage with each other across multiple platforms and channels. In the blockchain space, where Concordium operates, the lack of regulation is definitely playing a part in holding back rapid adoption of this emerging technology as companies are hesitant about exposing themselves to the potential risk of unregulated, anonymous, blockchain networks.
The EU GDPR rules help protect consumer privacy and it is absolutely possible to create blockchain networks and solutions that adhere to GDPR. The key here is to ensure that the users remain in control of their own personal data –– for instance by storing it in a wallet –– while the immutability of blockchains is used for storing records of transactions and agreements. This way privacy can be respected while the key feature of the decentralised system – blockchain – networks can be promoted.”
Filipe Castro, CIO of UTRUST, the leading cryptocurrency payment platform offering instant transactions, buyer protection, and immediate crypto-to-cash settlements, commented:
“Due to its open and distributed nature, blockchain technology can be a component in a solution to increase data transparency and user control. However, it should be noted that this is highly dependent on the specific implementation, and does not preclude light oversight by a third party regulatory body. When it comes to the regulation of data and technology, effectiveness depends on the specific enforceability. Regulation needs to be granular and focused, therefore regulating something as vague as “technology” would be akin to regulating “general conduct”.
Both blockchain and GDPR can co-exist as they encompass completely different concepts. GDPR is a set of regulations, mutable and abstract; while blockchain is a core technology, a toolset, with its use depending on the specific application. Regulation can best help protect data in applications that collect easily identifiable user data that may be used to impersonate or track an individual (for example: geolocation data, personal document representations, IDs and financial information).
One of the possible uses of blockchain technology would be in a specific application that provides granular and permissioned control to a user over its social security number access (under the form of a pilot program). These forms of regulation could be run in a fully government-validated way (free of charge for citizens), or using private intermediary validators that would charge a small fee for the validation process.”
Jamie Forrester, Chief Operating Officer of PR9 Network, a permissioned blockchain providing ultra-fast, institutional grade trading for assets held in cold storage, commented:
“I do think it is important that we try to reconcile existing regulations with new foundational technologies, such as blockchain. An example of this is implementing KYC and AML, and ensuring that any financial applications using blockchain technology still meet the necessary standards for KYC and AML. Guidance on this has been provided in the updated MLD5 (Money Laundering Directive 5) following consultation with blockchain, crypto, and financial industry experts, which is a step in the right direction. We should, therefore, ensure that existing regulation is updated to encompass the use of blockchain technology or, if incompatible, then further work must be undertaken to remedy this.
I think there are some interesting uses of blockchain (and other technologies) to enable personal data control and help you understand how your data is being used and shared. This would enable better tracking of data breaches and ensure you have control over what information you share and with whom. As the power and value of personal data are increasingly recognised, I think this will become a more important trend for consumers who want to control and monetise their own data, rather than giving it away freely. However, I think we have to be careful that we don’t portray blockchain as the panacea for all problems. It cannot alone solve the issues of data privacy and control, although it does have some interesting properties which could be applied in innovative solutions to help users better manage and control their data. What makes sense is for the industry to continue exploring the benefits and drawbacks of the technology, continue innovating, and then working with and alongside regulators to understand and advise where blockchain can assist in solving some of these issues, and where it can’t and shouldn’t be used.”