From the recent push to bring innovation into the civil service, to Matt Hancock’s insistence that technology is key to building a sustainable NHS, the UK undoubtedly has a technophile government. But, people are rightly concerned about the government’s intrusion into their lives and their privacy.
From the failure of a coronavirus-tracking app, to the 2017 NHS data breach that leaked the medical records of 26 million people, Britons’ trust of the government with their data is at an all-time low.
A recent YouGov report shows that only 38% of people trust their local MP and 34% trust civil servants. So, if the public sector is to digitise — and it should — we need a system of data control that sits with the individuals that own the data, rather than the government. The only way to do this is through a decentralised network.
Blockchain is a viable alternative to these traditional centralised digital databases, and the technology exists today to be used by governments, health agencies and tech firms building Covid-19 response solutions and systems that support other critical public services.
While traditional public blockchain models such as bitcoin and Ethereum share all data with all parties on the network, a purpose-built enterprise blockchain platform can tackle this privacy challenge by using sophisticated encryption techniques, revealing the data only to those who have a need to know.
Taking this concept one step further, decentralised identifiers or DIDs make it possible to store public information only, securing the users’ privacy and control of their own data.
For example, an individual’s data — such as their immunity status to Covid-19 or the network of people they have been in contact with during the past 14 days — may need to be used by several different parties in the healthcare ecosystem. Uploading this data to a centralised digital database is essentially to relinquish control of it forever and introduces all manner of data security risks.
However, using decentralised identifiers and verifiable credentials enables the data to be separated from direct identifiers so that linkage to a specific individual is not possible without additional information that is held independently. The correlation can be made only by those parties to which the user provides full access, while still allowing anonymised data to be used as necessary, for example in tracking the total number of Covid-19 infections in a country or town.
User cases from the private sector demonstrate how, if deployed by governments, this type of technology could transform the way that individuals own and control their own digital identity. For example, digital security provider Gemalto has launched a blockchain-based identity verification system for mobile devices, putting users in control of their identities via a mobile app.
Using Gemalto, only attestations issued by trusted parties are stored on the blockchain, keeping personal data under the sole control of users. This could have wide-ranging potential in the public sector, in healthcare and beyond.
While some governments are already exploring blockchain’s power to transform the way data is held and aid them in digital transformation, many are not using cutting-edge identity technology to the same extent as firms such as Gemalto.
There are, however, indications that we are moving closer to true individualised data ownership through blockchain. Last year, for example, Her Majesty’s Land Registry announced its blockchain prototype had been used in the sale of a house as part of its ‘Digital Street’ initiative. The approach used digital identity verification technology from tech firm Yoti to give the buyer and seller a safe and convenient way to prove their identity and credentials.
Other notable government projects that are using self-sovereign identity technology include VonX in Canada, Lissi in Germany and Findy in Finland.
Distributed platforms aren’t a catch-all solution for every challenge in them public sector, but data privacy is undoubtedly a use-case for which they are perfectly suited. With confidence and trust in the government at an all-time low, the option to continue to put our data in the hands of a single entity seems unlikely.
In the coming months, the blockchain community must help public administrations understand the options they have in developing solutions to policy areas that have proved a hindrance during this crisis. Temporary solutions have been implemented but permanent ones can be found in digitalisation, and only those that place data privacy front and centre will win the backing of UK citizens. Blockchain and self-sovereign identity will be an essential component of that new world.
David E Rutter is chief executive of R3, a software company that sells blockchain technology to large businesses such as banks
