Bitcoin’s inventor, Dr. Craig Wright, continued his Bitcoin Masterclasses series with a lecture on the meaning of privacy as related to blockchain and Bitcoin. After covering confidentiality in the first session, this one further explained the concepts and the important differences between privacy, confidentiality, and anonymity.
Breaking down the concept of privacy
In 1992, the United States ratified the United Nations provisions on privacy, making them federal law, Dr. Wright tells us. Therefore, even if they’re not in the U.S. Constitution, they’re law. Europe did the same, and the U.K. ratified them via the Human Rights Act in 1998.
“Privacy is really about who, why, how, and what,” he says. We must think about the individuals involved, what they can do, why they can do it, when, etc. Dr. Wright gives the example of medical records; a doctor may be allowed to access your medical records, but if they then take those and post them online (e.g., because you’re famous), that violates your privacy. The doctor has certain permissions with your information but not others.
Purpose – Dr. Wright then breaks privacy down into different concepts, starting with purpose. Access to information should only serve a specific function linked to one’s role or purpose in an organization.
“We need to limit what people are doing,” he says, explaining that this can be managed with access controls, cryptographic controls, alerts, and other techniques.
Fairness – Elaborating on fairness, Dr. Wright says we must think from both parties’ perspectives. For example, a corporation may be granted fair data usage in exchange for a free service.
Dr. Wright is notorious for his dislike of Google (NASDAQ: GOOGL), Facebook (NASDAQ: META), and other Silicon Valley firms, and he views the inability to pay for the service as opposed to trading data for it as unfair.
“Fairness means you should be able to negotiate between the parties as to what they can and can’t do,” he remarks.
Lawfulness – “Anonymity doesn’t include lawfulness, but privacy does,” Dr. Wright says. “You have no right to privacy if you’re plotting the overthrow of the government,” he rightly explains.
How would lawfulness operate in a global context, given that most countries don’t operate under Common Law? Dr. Wright explains we’ll have to monitor the location and source of activity, and governments will have to start acting to control some of this.
Some of the controls can be implemented by ISPs, for example blocking access to some kinds of illicit information. Furthermore, criminal lawsuits can be started civilly, with companies building cases first and then handing them over to governments.
The concept of lawfulness will always depend on the society you’re in, Dr. Wright explains, reiterating that lawfulness is one of the key differentiators between privacy and anonymity. Fundamentally, identity needs to be tied to activity so that someone can be held accountable if illegal activity occurs.
Transparency/Translucency – Transparency is making what occurs visible and holding those involved accountable, but it doesn’t necessarily mean everyone knows who everybody is.
For example, open communication requires identity. Dr. Wright gives the example of coffee shops and how people debated political concepts in an open way, building the foundations of Western society. Unlike on Twitter, you can’t be ten people in a coffee shop; you can only be one, and what you say is linked to your identity. There’s a level of transparency as to who people are and what they’re saying.
Storage Limits – Dr. Wright explains that, under EU laws, there are data storage limits such as the right to be forgotten, how long a company can keep information on you, etc.
“We have this thing called a blockchain now, and it can make it hard to get rid of data,” he says. How do we know it’s gone? That’s where pruning comes in.
Dr. Wright challenges us to think about the big picture; when Bitcoin gets to tens of billions of transactions per second, we’re talking about petabytes of data stores every year. At that level, people aren’t running nodes at home; they will have SPV and selected data related to their corporations. “If you’re Amazon, you want data related to Amazon,” he says.
The requirements about how long an entity is obligated to keep information can be problematic for blockchains like Ethereum, too. For example, the copyright information must be kept for 95 years in some places. How will this be possible when Ethereum developers change the protocol so often? It won’t.
Data Minimization – Speaking of petabytes of data, Dr. Wright points out that in the future, people aren’t going to want to keep everything. Likewise, not all data is relevant to a given organization. For example, a database of British homeownership won’t need to keep records on motor vehicles in New Zealand.
Even if the data host prunes a record, a user can still utilize SPV and Merkle proofs to prove their record is valid. It will be possible to link transactions to the data in block headers (which are only 80 bytes each), making records absolutely provable.
Using public and private key pairs, data on the blockchain can be private and only accessible by the parties with the keys.
Watch: The Bitcoin Masterclasses Highlights: Identity & Privacy
New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.