I had the honor participate in a September 27 panel discussion in NYC organized by Markets & Markets. See this agenda for the Markets & Markets “AI & Blockchain Fintech Confex” event. SIIA views blockchain as part of a continuum of technologies that are and will continue to change the world. Technologies such as the internet of things (IOT), cloud computing, data-driven innovation, and artificial intelligence are all topics SIIA has provided thought leadership on. This is why in January this year, we released an Issue Brief on blockchain and hosted an event with the Congressional Blockchain Caucus.
Many of our Member companies are experimenting with blockchain-based products.
Dun & Bradstreet, for instance, provides a unique blockchain identifying number that corresponds to the Data Universal Numbering System (DUNS) number that it offers for companies. This allows companies that do not know each other greater certainty that companies are who they are if they conduct a check.
Intuit recently received a patent for processing bitcoin payments with text messages. Intuit QuickBooks customers can send international payments via blockchain payment provider Veem as an alternative to traditional wire transfers.
Red Hat focusses on providing products for enterprise and cloud-based solutions. The company offers the Red Hat Open Shift Blockchain Initiative application platform that enables blockchain application and service developments from ISVs, Startups, Financial Services Firms, and individual developers. Red Hat is of course also an active participant in open source blockchain projects such as Hyperledger to help with one of the biggest challenges associated with blockchain, namely scalability. Red Hat helps cultivate vibrant blockchain communities following open source principles.
Thomson Reuters announced on June 14, 2017 that it was making “a smart oracle available in the blockchain ecosystem for lean experimentation purposes.” The oracle is called BlockOne IQ and enables Thomson Reuters customers that are developing blockchain proof of concepts to include market data within their applications with cryptographic proof that Thomson Reuters is the source.
Google is working on creating its own blockchain technology that customers can use to post and verify transactions. GV, which is Alphabet’s venture capital arm, has invested in wallet service Blockchain Luxembourg, financial transactions network Ripple, cryptocurrency asset management platform Ledger X, and international payments provider Veem. Arguably, Google’s most interesting blockchain initiative involves a non-financial venture. The company’s DeepMind is working with the UK’s National Health Service (NHS) to create a secure permissioned system for health data using blockchains. The idea is that once a record of data use is added, it cannot be erased, demonstrating blockchain’s immutability element. It will also be possible for third parties to verify that nobody has tampered with any of the entries, again a key part of what most people associate with blockchains. However, there is no need for multiple participants to carry out the costly transactions we typically associate with blockchains as the British National Health Service verifies the integrity of ledgers.
With respect to policy, again blockchain is a continuum of technologies that could all benefit from technological neutrality, regulatory sandboxes, and regulatory guidance on how blockchains can be consistent with privacy legislation, cross-border data flow obligations, cross-border data flow interoperability agreements, respect for intellectual property, stakeholder-driven standards development, and more.
We see the opportunities more than the threats. And our general policy recommendations are very applicable to the blockchain space. For example, “distributed ledger technology” often entails cross-border data flows. Cross-border data flows are not synonymous with the “Wild West.” Our members engage in responsible cross-border data flows often governed by interoperability mechanisms such as the APEC Cross-Border Privacy Rules or the EU-US Privacy Shield. And, of course, the protection of financial data is governed by a plethora of different additional rules, for instance in the United States the Gramm-Leach-Bliley Act.
In this context, it is important to be clear that we are agnostic as to whether blockchains should be “permissioned” or “permissionless.” Blockchain enthusiasts tend to favor the latter because they are arguably more secure and because they are said to dispense with central validators – this is where blockchain’s long-promised “disruptive” element comes in. However, the permissionless systems are also hard to scale up and may have governance problems associated with them.
Some say that blockchain with its immutability feature is inconsistent with the EU’s right-to-be forgotten which could pose a “threat” to blockchain adoption. Actually, there are all kinds of ingenious technical fixes around this issue such as, for example, storing PII data “off-chain” and registering transactions (so viewers are confident that they are correct) “on-chain.” Oracle’s Patrick McLaughlin has another intriguing proposal. He notes that blockchains store data in so-called hash tables, which apply complex mathematical formulas into strings of numbers that are more readily searchable later. McLaughlin suggests data considered personal should generate a key for encryption before storage. Then both the data controller and the data subject should have encryption keys. If a data erasure request is accepted, then the encryption keys should be thrown away to make the data anonymous and unrecoverable.
Another related, but distinct, problem that is directly of interest to the financial services industry is how to handle the use of public records. Accurate public records are essential for the provision of societally important services such as credit scores. A lot of innovative work is being done in developing alternative credit scoring models. But accurate data is needed. Blockchains are likely to be more and more used by the public sector for public records purposes. However, blockchains cannot by themselves deal with the “garbage in garbage out problem.” So that means that, for example, that new federal privacy legislation should preserve the integrity of public records and not allow, unless under very carved out and understood circumstances, them to be changed. And companies should have access to those records and be permitted to use them to develop new products and services.
There are initiatives like the Commerce Department National Institute of Standards (NIST) developing a definition along the lines that was done a few years ago with respect to cloud computing that might be helpful. Representatives Brett Guthrie (R-KY-2) and Doris Matsui (D-CA-6) are proposing the “Blockchain Promotion Act of 2018” that SIIA supports and welcomes. Blockchain can help financial and other industries by enhancing security, authentication, and regulatory compliance. A technical definition for blockchain will help set up a common framework for businesses, researchers, and policymakers and guide research and applications development. Indeed, this what happened when the Commerce Department National Institute of Standards (NIST) set a definition for cloud computing.
From a U.S. international competitiveness standpoint, SIIA recently wrote that that there are things that can be done to promote blockchain adoption such as the following:
- Encourage U.S. Financial Regulatory Agencies to Ensure that U.S. Fintechs and Companies offering innovative financial operate under a competitive regulatory environment.
- Include protection for blockchain in future trade agreements.
- Intensify Customs Work on Blockchain.
- Monitor blockchain standards development and encourage multi-stakeholder developed standards.
Much remains to be done, but we believe that the right policy environment can push blockchain into a much more widely used technology in the foreseeable future, just as it did with cloud computing.