
Blockchain Could Help Us Reclaim Control of Our Personal Data - doener
https://hbr.org/2017/10/smart-ledgers-can-help-us-reclaim-control-of-our-personal-data
======
rgejman
I have never understood how blockchain will solve the "I lost my key" problem.
I also don't understand how it will solve the "once I gave them access to my
data, company X saved a record in a traditional database and now that database
was compromised, thereby leaking all my information" problem.

This article does not answer either of these fundamental questions.

~~~
freehunter
I've never understood how blockchain will solve _anything_ it's popularly
claimed to be able to solve. Every week for years now we've heard "we're
betting big on blockchain" and "blockchain will solve everything" and it's
done... what? It's enabled... what? Other than enabling cryptocurrencies and a
specific type of accounting ledger, what good has or will come out of the
massive hype around blockchain?

~~~
na85
I bet that if I wrote a bot to post randomly generated comments to HN in the
vein of "I wonder if blockchain would be a good fit for this application?", I
would be bathing in karma.

------
retox
I'm intersted in knowing how the revocation of access to data at a later time
could be possible. Also it seems likely that any organization you gave access
to could simple store and sell the data.

The biggest problem I can see from the article is that once someone loses
their key their identity is lost forever and they must rebuild the data. The
first few times that happens the public will be turned off to the idea.

~~~
jameslevy
It's very difficult, arguably impossible, to revoke access to data that's
already been accessed. You could try a DRM-type scheme but there's always ways
to get around it.

What you could do, pretty easily, is revoke access to the _latest data_ that
hasn't already been shared, and to have an audit trail of exactly what data
has been accessed and when it was accessed. That would still be a massive
improvement on the status quo.

I wouldn't rule out the eventual possibility of something like Facebook
migrating their Open Graph API to some type of encrypted blockchain. Although
I would be completely shocked if it were more than essentially a publicity
tactic that wasn't actually using any true decentralization.

~~~
noddy1
For medical records - consider a secure reader tablet-like device. It has
encrypted hardware which can be temporarily permissioned to have access to
encrypted data based on blockchain timestamps. It is tamperproof - if you open
it it has some self-destruct mechanism. Data is accessed in chunks, therefore
the owner of the data can see whether data is being accessed in the way a
human might use it, or if it is being downloaded en masse. The organisation
with data access devices gets audited on an annual basis to see where all
their access devices are and to ensure none of them are being tampered with.

Suddenly, we get to a situation where the security of the medical file begins
to resemble that of the paper-based medical records department. If you want to
copy records, you need to physically go to where they are, get access to each
individual file, and go page-by-page photographing each.

~~~
reitanqild
The improvement here is this:

 _a secure reader tablet-like device. It has encrypted hardware which can be
temporarily permissioned to have access to encrypted data_

This part is how it works today and it has been like this for years:

 _Data is accessed in chunks, therefore the owner of the data can see whether
data is being accessed in the way a human might use it, or if it is being
downloaded en masse. The organisation with data access devices gets audited on
an annual basis to see where all their access devices are and to ensure none
of them are being tampered with._

No blockchain is needed to achieve this.

~~~
noddy1
it is if you are working across multiple jurisdictions/regimes and you don't
want a centralized point of failure.

------
bfrog
Blockchain, solution looking for a real problem

------
kirykl
So what they really mean is encryption could help us control our data

------
dogma1138
If your data is public you’ve lost control over it by defintion.

Some one can make a copy, game over.

------
RasShenzyt
anything that comes out is not personal anymore.

