February 14, 2018 by Carl
Today, on February 14, 2018, the House of Representatives Subcommittee on Oversight and Subcommittee on Research and Technology held a very interesting hearing entitled: “Beyond Bitcoin: Emerging Applications for Blockchain Technology.” The Representatives on the Oversight and R&D Committees asked challenging and interesting questions. Representative Ralf Abraham (R-LA) chairs the oversight subcommittee and Representative Don Beyer (D-VA) is the ranking member. Representative Barbara Comstock (R-VA) chairs the R&D subcommittee and Representative Daniel Lipinski (D-Ill) is the ranking member. Between the Congressional Blockchain Caucus co-chaired by David Schweikert (R-AZ) and Jared Polis (D-CO), there is clearly growing interest in Congress on blockchain. The witnesses were Mr. Chris A. Jaikaran (Congressional Research Service), Dr. Charles H. Romine (National Institute of Standards and Technology – NIST), Mr, Gennaro “Jerry” Cuomo (IBM), Mr. Frank Yianna (Walmart), and Professor Aaron Wright (Benjamin N. Cardozo School of Law).
Consistent with SIIA’s event on January 16, 2018 with the Congressional Blockchain Caucus and the Issue Brief we presented then, there were at least three takeaways from the hearing. First, public policy has a role to play in standards development in the sense of encouraging private sector led standards development. Second, cybersecurity will remain an issue going forward – blockchain is not a panacea – and when quantum computing becomes a reality (still several years away according to NIST’s Dr. Charles H. Romine) there will be a need for quantum computing blockchain resistant cryptography. Third, “permissioned” blockchain systems, at least in the short to medium term, are likely to be the solution of choice for both the private and public sectors.
As I wrote in connection with the Congressional Blockchain Caucus event: “Standards development is an area where government and the private sector can and must work together. Government can promote the creation of voluntary stakeholder-driven standsards as the United States seeks nationally and internationally. There was agreement that there is a role for standards development in areas such as cryptography and data formats, but that it was important not to, in effect, pigeonhole the technology into one standard too early.” This was exactly the point made by Dr. Charles H. Romine and the private sector panelists confirmed that developing one standard too early would be a mistake. Better perhaps to let a “de facto” standard (s) emerge naturally.
There were many questions about whether blockchain technology truly is as secure as its proponents assert or suggest. At present, the key vulnerability (no pun intended) appears to be whether a bad actor can obtain access to the “cyryptographic key(s)” that blockchain participants use to record information that is then “chained” onto “blocks.” There have been instances of cryptographic keys being stolen. There was also some discussion of the possibility that in order to protect personal information, perhaps the transaction, but not the underlying information, could be recorded on the blockchain. For instance, the fact that a patient had a health checkup, but not the results of the checkup, could be recorded on a blockchain. Another example is that one could record that somebody voted, but not the result of the vote. Of course, these examples then beg the question of what practical utility using a blockchain might be – the marketplace will determine this over time. And going forward, quantum computing could render the cryptography underpinning blockchain vulnerable. This is why NIST is currently engaged in developing quantum computing resistant cryptography. All this to say again that blockchain could provide a more secure, but not necessarily totally secure (nothing ever is and nothing ever stays the same as the possibility of quantum computing, however far into the future, signifies) solution in many cases.
Finally, as we discuss extensively in our Issue Brief, “permissioned” blockchain systems, i.e. ones where there is a central administrator that in effect controls access to the cryptographic keys that in turn permit access to the system, are likely to be the solution of choice for many applications. IBM’s Mr. Gennaro “Jerry” Cuomo made this point powerfully. This is because in a permissioned system, members have access to the network in the sense that they can verify that an event or transaction has occurred, but they only have access to certain underlying information on a need to know basis. Cuomo had a number of public policy suggestions SIIA supports. They are:
1) Focus on projects in the identity, payments and supply chain (Walmart’s example of how it can track the provenance of mangoes almost in real time was instructive of blockchain’s potential in this regard) areas. The Congressional Blockchain Caucus has identified these areas as promising.
2) Insert possible blockchain solutions into already funded government programs such as the Small Business Innovation Research Program.
3) Differentiate between regulations directed at cyryptocurrencies and/or securities-style products and other blockchain applications.
These suggestions, plus the recommendations contained in our Issue Brief (above all, technology neutral regulation and cross-border data flows) would go a long way in reinforcing U.S. leadership in this space.
Carl Schonander is Senior Vice President for Global Public Policy.