Cape Town as a Smart and Safe City: Implications for Governance and Data Privacy


Nora Ni Loideain at the Journal of International Data Privacy Law: “Promises abound that ‘smart city’ technologies could play a major role in developing safer, more sustainable, and equitable cities, creating paragons of democracy. However, there are concerns that governance led by ‘Big Data’ processes marks the beginning of a trend of encroachment on the individual’s liberty and privacy, even if such technologies are employed legitimately for the public’s safety and security. There are many ways in which personal data processing for law enforcement and public safety purposes may pose a threat to the privacy and data protection rights of individuals. Furthermore, the risk of such powers being misused is increased by the covert nature of the processing, and the ever-increasing capacity, and pervasiveness, of the retention, sharing, and monitoring of personal data by public authorities and business. The focus of this article concerns the use of these smart city technologies for the purposes of countering crime and ensuring public safety. Specifically, this research examines these policy-making developments, and the key initiatives to date, undertaken by the municipal authorities within the city of Cape Town. Subsequently, the examination then explores the implications of these policies and initiatives for governance, and compliance with the right to data privacy, as guaranteed under international human rights law, the Constitution of South Africa, and the national statutory framework governing data protection. In conclusion, the discussion provides reflections on the findings from this analysis, including some policy recommendations….(More)”.

Reclaiming personal data for the common good


Theo Bass at Nesta: “…The argument of our new report for DECODE is that more of the social value of personal data can be discovered by tools and platforms that give people the power to decide how their data is used. We need to flip the current model on its head, giving people back full control and respecting our data protection and fundamental rights framework.

The report describes how this might pave the way for a fairer distribution of the value generated by data, while opening up new use-cases that are valuable to government, society and individuals themselves. In order to achieve this vision, the DECODE project will develop and test the following:

Flexible rules to give people full control:  There is currently a lack of  technical and legal norms that would allow people to control and share data on their own terms. If this were possible, then people might be able to share their data for the public good, or publish it as anonymised open data under specific conditions, or for specific use-cases (say, non-commercial purposes). DECODE is working with the Making Sense project and Barcelona City Council to assist local communities with new forms of citizen sensing. The pilots will tackle the challenges of collating, storing and sharing data anonymously to influence policy on the city’s digital democracy platform Decidim (part of the D-CENT toolkit).

Trusted platforms to realise the collective value of data: Much of the opportunity will only be realised where individuals are able to pool their data together to leverage its potential economic and social value. Platform cooperatives offer a feasible model, highlighting the potential of digital technologies to help members collectively govern themselves. Effective data sharing has to be underpinned by high levels of user trust, and platform co-ops achieve this by embedding openness, respect for individual users’ privacy, and democratic participation over how decisions are made. DECODE is working with two platform co-ops – a neighbourhood social networking site called Gebied Online; and a democratic alternative to Airbnb in Amsterdam called FairBnB – to test new privacy-preserving features and granular data sharing options….(More)”

A framework for the free flow of non-personal data in the EU


European Commission Press Release: “To unlock the full potential of the EU data economy, the Commission is proposing a new set of rules to govern the free flow of non-personal data in the EU. Together with the already existing rules for personal data, the new measures will enable the storage and processing of non-personal data across the Union to boost the competitiveness of European businesses and to modernise public services in an effective EU single market for data services. Removing data localisation restrictions is considered the most important factor for the data economy to double its value to 4% of GDP in 2020….

The framework proposes:

  1. The principle of free flow of non-personal data across borders: Member States can no longer oblige organisations to locate the storage or processing of data within their borders. Restrictions will only be justified for reasons of public security. Member States will have to notify the Commission of new or existing data localisation requirements. The free flow of non-personal data will make it easier and cheaper for businesses to operate across borders without having to duplicate IT systems or to save the same data in different places.
  2. The principle of data availability for regulatory control: Competent authorities will be able to exercise their rights of access to data wherever it is stored or processed in the EU. The free flow of non-personal data will not affect the obligations for businesses and other organisations to provide certain data for regulatory control purposes.
  3. The development of EU codes of conduct to remove obstacles to switching between service providers of cloud storage and to porting data back to users’ own IT systems…. (Full press release and all documents related to the package)”

Ireland Opens E-Health Open Data Portal


Adi Gaskell at HuffPost: “… an open data portal has been launched by eHealth Ireland.  The portal aims to bring together some 300 different open data sources into one place, making it easier to find data from across the Irish Health Sector.

The portal includes data from a range of sources, including statistics on hospital day and inpatient cases, waiting list statistics and information around key new digital initiatives.

Open data

The resource features datasets from both the Department of Health and HealthLink, so the team believe that the data is of the highest quality, and also compliant with the Open Health Data Policy.  This ensures that the approach taken with the release of data is consistent and in accordance with national and international guidelines.

“I am delighted to welcome the launch of the eHealth Ireland Open Data Portal today. The aim of Open Data is twofold; on the one hand facilitating transparency of the Public Sector and on the other providing a valuable resource that can drive innovation. The availability of Open Data can empower citizens and support clinicians, care providers, and researchers make better decisions, spur new innovations and identify efficiencies while ensuring that personal data remains confidential,” Richard Corbridge, CIO at the Health Service Executive says.

Data from both HealthLink and the National Treatment Purchase Fund (NTPF) will be uploaded to the portal each month, with new datasets due to be added on a regular basis….

The project follows a number of clearly defined Open Health Data Principles that are designed to support the health service in the provision of better patient care and in the support of new innovations in the sector, all whilst ensuring that patient data is secured and governed appropriately…(More)”.

Opportunities and risks in emerging technologies


White Paper Series at the WebFoundation: “To achieve our vision of digital equality, we need to understand how new technologies are shaping society; where they present opportunities to make people’s lives better, and indeed where they threaten to create harm. To this end, we have commissioned a series of white papers examining three key digital trends: artificial intelligence, algorithms and control of personal data. The papers focus on low and middle-income countries, which are all too often overlooked in debates around the impacts of emerging technologies.

The series addresses each of these three digital issues, looking at how they are impacting people’s lives and identifying steps that governments, companies and civil society organisations can take to limit the harms, and maximise benefits, for citizens.

Download the white papers

We will use these white papers to refine our thinking and set our work agenda on digital equality in the years ahead. We are sharing them openly with the hope they benefit others working towards our goals and to amplify the limited research currently available on digital issues in low and middle-income countries. We intend the papers to foster discussion about the steps we can take together to ensure emerging digital technologies are used in ways that benefit people’s lives, whether they are in Los Angeles or Lagos….(More)”.

China seeks glimpse of citizens’ future with crime-predicting AI


, Yingzhi Yang and Sherry Fei Ju in the Financial Times: “China, a surveillance state where authorities have unchecked access to citizens’ histories, is seeking to look into their future with technology designed to predict and prevent crime. Companies are helping police develop artificial intelligence they say will help them identify and apprehend suspects before criminal acts are committed. “If we use our smart systems and smart facilities well, we can know beforehand . . . who might be a terrorist, who might do something bad,” Li Meng, vice-minister of science and technology, said on Friday.

Facial recognition company Cloud Walk has been trialling a system that uses data on individuals’ movements and behaviour — for instance visits to shops where weapons are sold — to assess their chances of committing a crime. Its software warns police when a citizen’s crime risk becomes dangerously high, allowing the police to intervene. “The police are using a big-data rating system to rate highly suspicious groups of people based on where they go and what they do,” a company spokesperson told the Financial Times. Risks rise if the individual “frequently visits transport hubs and goes to suspicious places like a knife store”, the spokesperson added. China’s authoritarian government has always amassed personal data to monitor and control its citizens — whether they are criminals or suspected of politically sensitive activity. But new technology, from phones and computers to fast-developing AI software, is amplifying its capabilities. These are being used to crack down on even the most minor of infractions — facial recognition cameras, for instance, are also being used to identify and shame jaywalkers, according to state media. Mr Li said crime prediction would become an important use for AI technology in the government sphere.

China’s crime-prediction technology relies on several AI techniques, including facial recognition and gait analysis, to identify people from surveillance footage. In addition, “crowd analysis” can be used to detect “suspicious” patterns of behaviour in crowds, for example to single out thieves from normal passengers at a train stations. As well as tracking people with a criminal history, Cloud Walk’s technology is being used to monitor “high-risk” places such as hardware stores…(More)”

Blockchains, personal data and the challenge of governance


Theo Bass at NESTA: “…There are a number of dominant internet platforms (Google, Facebook, Amazon, etc.) that hoard, analyse and sell information about their users in the name of a more personalised and efficient service. This has become a problem.

People feel they are losing control over how their data is used and reused on the web. 500 million adblocker downloads is a symptom of a market which isn’t working well for people. As Irene Ng mentions in a recent guest blog on the Nesta website, the secondary data market is thriving (online advertising is a major player), as companies benefit from the opacity and lack of transparency about where profit is made from personal data.

It’s said that blockchain’s key characteristics could provide a foundational protocol for a fairer digital identity system on the web. Beyond its application as digital currency, blockchain could provide a new set of technical standards for transparency, openness, and user consent, on top of which a whole new generation of services might be built.

While the aim is ambitious, a handful of projects are rising to the challenge.

Blockstack is creating a global system of digital IDs, which are written into the bitcoin blockchain. Nobody can touch them other than the owner of that ID. Blockstack are building a new generation of applications on top of this infrastructure which promises to provide “a new decentralized internet where users own their data and apps run locally”.

Sovrin attempts to provide users with “self-sovereign identity”. The argument is that “centralized” systems for storing personal data make it a “treasure chest for attackers”. Sovrin argues that users should more easily be able to have “ownership” over their data, and the exchange of data should be made possible through a decentralised, tamper-proof ledger of transactions between users.

Our own DECODE project is piloting a set of collaboratively owned, local sharing economy platforms in Barcelona and Amsterdam. The blockchain aims to provide a public record of entitlements over where people’s data is stored, who can access it and for what purpose (with some additional help from new techniques in zero-knowledge cryptography to preserve people’s privacy).

There’s no doubt this is an exciting field of innovation. But the debate is characterised by a lot of hype. The following sections therefore discuss some of the challenges thrown up when we start thinking about implementations beyond bitcoin.

Blockchains and the challenge of governance

As mentioned above, bitcoin is a “bearer asset”. This is a necessary feature of decentralisation — all users maintain sole ownership over the digital money they hold on the network. If users get hacked (digital wallets sometimes do), or if a password gets lost, the money is irretrievable.

While the example of losing a password might seem trivial, it highlights some difficult questions for proponents of blockchain’s wider uses. What happens if there’s a dispute over an online transaction, but no intermediary to settle it? What happens if a someone’s digital assets or their digital identity is breached and sensitive data falls into the wrong hands? It might be necessary to assign responsibility to a governing actor to help resolve the issue, but of course this would require the introduction of a trusted middleman.

Bitcoin doesn’t try to answer these questions; its anonymous creators deliberately tried to avoid implementing a clear model of governance over the network, probably because they knew that bitcoin would be used by people as a method for subverting the law. Bitcoin still sees a lot of use in gray economies, including for the sale of drugs and gambling.

But if blockchains are set to enter the mainstream, providing for businesses, governments and nonprofits, then they won’t be able to function irrespective of the law. They will need to find use-cases that can operate alongside legal frameworks and jurisdictional boundaries. They will need to demonstrate regulatory compliance, create systems of rules and provide accountability when things go awry. This cannot just be solved through increasingly sophisticated coding.

All of this raises a potential paradox recently elaborated in a post by Vili Lehdonvirta of the Oxford Internet Institute: is it possible to successfully govern blockchains without undermining their entire purpose?….

If blockchain advocates only work towards purely technical solutions and ignore real-world challenges of trying to implement decentralisation, then we’ll only ever see flawed implementations of the technology. This is already happening in the form of centrally administered, proprietary or ‘half-baked’ blockchains, which don’t offer much more value than traditional databases….(More)”.

Teaching machines to understand – and summarize – text


 and  in The Conversation: “We humans are swamped with text. It’s not just news and other timely information: Regular people are drowning in legal documents. The problem is so bad we mostly ignore it. Every time a person uses a store’s loyalty rewards card or connects to an online service, his or her activities are governed by the equivalent of hundreds of pages of legalese. Most people pay no attention to these massive documents, often labeled “terms of service,” “user agreement” or “privacy policy.”

These are just part of a much wider societal problem of information overload. There is so much data stored – exabytes of it, as much stored as has ever been spoken by people in all of human history – that it’s humanly impossible to read and interpret everything. Often, we narrow down our pool of information by choosing particular topics or issues to pay attention to. But it’s important to actually know the meaning and contents of the legal documents that govern how our data is stored and who can see it.

As computer science researchers, we are working on ways artificial intelligence algorithms could digest these massive texts and extract their meaning, presenting it in terms regular people can understand….

Examining privacy policies

A modern internet-enabled life today more or less requires trusting for-profit companies with private information (like physical and email addresses, credit card numbers and bank account details) and personal data (photos and videos, email messages and location information).

These companies’ cloud-based systems typically keep multiple copies of users’ data as part of backup plans to prevent service outages. That means there are more potential targets – each data center must be securely protected both physically and electronically. Of course, internet companies recognize customers’ concerns and employ security teams to protect users’ data. But the specific and detailed legal obligations they undertake to do that are found in their impenetrable privacy policies. No regular human – and perhaps even no single attorney – can truly understand them.

In our study, we ask computers to summarize the terms and conditions regular users say they agree to when they click “Accept” or “Agree” buttons for online services. We downloaded the publicly available privacy policies of various internet companies, including Amazon AWS, Facebook, Google, HP, Oracle, PayPal, Salesforce, Snapchat, Twitter and WhatsApp….

Our software examines the text and uses information extraction techniques to identify key information specifying the legal rights, obligations and prohibitions identified in the document. It also uses linguistic analysis to identify whether each rule applies to the service provider, the user or a third-party entity, such as advertisers and marketing companies. Then it presents that information in clear, direct, human-readable statements….(More)”

Selected Readings on Blockchain Technology and Its Potential for Transforming Governance


By Prianka Srinivasan, Robert Montano, Andrew Young, and Stefaan G. Verhulst

The Living Library’s Selected Readings series seeks to build a knowledge base on innovative approaches for improving the effectiveness and legitimacy of governance. This curated and annotated collection of recommended works on the topic of blockchain and governance was originally published in 2017.

Introduction

In 2008, an unknown source calling itself Satoshi Nakamoto released a paper named Bitcoin: A Peer-to-Peer Electronic Cash System which introduced blockchain technology. Blockchain is a novel system that uses a distributed ledger to record transactions and ensure compliance. Blockchain technology relies on an ability to act as a vast, transparent, and secure public database.

It has since gained recognition as a tool to transform governance by creating a decentralized system to

  • manage and protect identity,
  • trace and track; and
  • incentivize smarter social and business contracts.

These applications cast blockchain as a tool to confront certain public problems in the digital age.

The readings below represent selected readings on the applications for governance. They have been categorized by theme – Governance Applications, Identity Protection and ManagementTracing and Tracking, and Smart Contracts.

Selected Reading List

Governance Applications

  • Atzori, Marcella – The Center for Blockchain Technologies (2015) Blockchain Technology and Decentralized Governance: Is the State Still Necessary?  Aims to investigate the political applications of blockchain, particularly in encouraging government decentralization by considering to what extent blockchain can be viewed as “hyper-political tools.” The paper suggests that the domination of private bodies in blockchain systems highlights the continued need for the State to remain as a central point of coordination.
  • Boucher, Philip. – European Parliamentary Research Service (2017) How blockchain technology could change our lives  This report commissioned by the European Parliamentary Research Service provides a deep introduction to blockchain theory and its applications to society and political systems, providing 2 page briefings on currencies, digital content, patents, e-voting, smart contracts, supply chains, and blockchain states.
  • Boucher, Philip. – Euroscientist (2017) Are Blockchain Applications Guided by Social Values?  This report by a policy analyst at the European Parliament’s Scientific foresight unit, evaluates the social and moral contours of blockchain technology, arguing that “all technologies have value and politics,” and blockchain is no exception. Calls for greater scrutiny on the possibility for blockchain to act as a truly distributed and transparent system without a “middleman.”
  • Cheng, Steve;  Daub, Matthew; Domeyer, Axel; and Lundqvist, Martin –McKinsey & Company (2017)  Using Blockchain to Improve Data Management in the Public SectorThis essay considers the potential uses of blockchain technology for the public sector to improve the security of sensitive information collected by governments and as a way to simplify communication with specialists.
  • De Filippi, Primavera; and Wright, Aaron –Paris University & Cordoza School of Law (2015)  Decentralized Blockchain Technology and the Rise of Lex Cryptographia – Looks at how to regulate blockchain technology, particularly given its implications on governance and society. Argues that a new legal framework needs to emerge to take into account the applications of self-executing blockchain technology.
  • Liebenau, Jonathan and Elaluf-Calderwood, Silvia Monica. – London School of Economics & Florida International University (2016) Blockchain Innovation Beyond Bitcoin and Banking. A paper that explores the potential of blockchain technology in financial services and in broader digital applications, considers regulatory possibility and frameworks, and highlights the innovative potential of blockchain.
  • Prpić, John – Lulea University of Technology (2017) Unpacking Blockchains – This short paper provides a brief introduction to the use of Blockchain outside monetary purposes, breaking down its function as a digital ledger and transaction platform.
  • Stark, Josh – Ledger Labs (2016) Making Sense of Blockchain Governance Applications This CoinDesk article discusses, in simple terms, how blockchain technology can be used to accomplish what is called “the three basic functions of governance.”
  • UK Government Chief Scientific Adviser (2016)  Distributed Ledger Technology: Beyond Blockchain – A report from the UK Government that investigates the use of blockchain’s “distributed leger” as a database for governments and other institutions to adopt.

Identity Protection and Management

  • Baars, D.S. – University of Twente (2016Towards Self-Sovereign Identity Using Blockchain Technology.  A study exploring self-sovereign identity – i.e. the ability of users to control their own digital identity – that led to the creation of a new architecture designed for users to manage their digital ID. Called the Decentralized Identity Management System, it is built on blockchain technology and is based on the concept of claim-based identity.
  • Burger, Eric and Sullivan, Clare Linda. – Georgetown University (2016) E-Residency and Blockchain. A case study focused on an Estonian commercial initiative that allows for citizens of any nation to become an “Estonian E-Resident.” This paper explores the legal, policy, and technical implications of the program and considers its impact on the way identity information is controlled and authenticated.
  • Nathan, Oz; Pentland, Alex ‘Sandy’; and Zyskind, Guy – Security and Privacy Workshops (2015) Decentralizing Privacy: Using Blockchain to Protect Personal Data Describes the potential of blockchain technology to create a decentralized personal data management system, making third-party personal data collection redundant.
  • De Filippi, Primavera – Paris University (2016) The Interplay Between Decentralization and Privacy: The Case of Blockchain Technologies  A journal entry that weighs the radical transparency of blockchain technology against privacy concerns for its users, finding that the apparent dichotomy is not as at conflict with itself as it may first appear.

Tracing and Tracking

  • Barnes, Andrew; Brake, Christopher; and Perry, Thomas – Plymouth University (2016) Digital Voting with the use of Blockchain Technology – A report investigating the potential of blockchain technology to overcome issues surrounding digital voting, from voter fraud, data security and defense against cyber attacks. Proposes a blockchain voting system that can safely and robustly manage these challenges for digital voting.
  • The Economist (2015), “Blockchains The Great Chain of Being Sure About Things.”  An exploratory article that explores the potential usefulness of a blockchain-based land registry in places like Honduras and Greece, transaction registries for trading stock, and the creation of smart contracts.
  • Lin, Wendy; McDonnell, Colin; and Yuan, Ben – Massachusetts Institute of Technology (2015)  Blockchains and electronic health records. – Suggests the “durable transaction ledger” fundamental to blockchain has wide applicability in electronic medical record management. Also, evaluates some of the practical shortcomings in implementing the system across the US health industry.

Smart Contracts

  • Iansiti, Marco; and Lakhani, Karim R. – Harvard Business Review (2017) The Truth about Blockchain – A Harvard Business Review article exploring how blockchain technology can create secure and transparent digital contracts, and what effect this may have on the economy and businesses.
  • Levy, Karen E.C. – Engaging Science, Technology, and Society (2017) Book-Smart, Not Street-Smart: Blockchain-Based Smart Contracts and The Social Workings of Law. Article exploring the concept of blockchain-based “smart contracts” – contracts that securely automate and execute obligations without a centralized authority – and discusses the tension between law, social norms, and contracts with an eye toward social equality and fairness.

Annotated Selected Reading List

Cheng, Steve, Matthias Daub, Axel Domeyer, and Martin Lundqvist. “Using blockchain to improve data management in the public sector.” McKinsey & Company. Web. 03 Apr. 2017. http://bit.ly/2nWgomw

  • An essay arguing that blockchain is useful outside of financial institutions for government agencies, particularly those that store sensitive information such as birth and death dates or information about marital status, business licensing, property transfers, and criminal activity.
  • Blockchain technology would maintain the security of such sensitive information while also making it easier for agencies to use and access critical public-sector information.
  • Despite its potential, a significant drawback for use by government agencies is the speed with which blockchain has developed – there are no accepted standards for blockchain technologies or the networks that operate them; and because many providers are start-ups, agencies might struggle to find partners that will have lasting power. Additionally, government agencies will have to remain vigilant to ensure the security of data.
  • Although best practices will take some time to develop, this piece argues that the time is now for experimentation – and that governments would be wise to include blockchain in their strategies to learn what methods work best and uncover how to best unlock the potential of blockchain.

“The Great Chain of Being Sure About Things.” The Economist. The Economist Newspaper, 31 Oct. 2015. Web. 03 Apr. 2017. http://econ.st/1M3kLnr

  • This is an exploratory article written in The Economist that examines the various potential uses of blockchain technology beyond its initial focus on bitcoin:
    • It highlights the potential of blockchain-based land registries as a way to curb human rights abuses and insecurity in much of the world (it specifically cites examples in Greece and Honduras);
    • It also highlights the relative security of blockchain while noting its openness;
    • It is useful as a primer for how blockchain functions as tool for a non-specialist;
    • Discusses “smart contracts” (about which we have linked more research above);
    • Analyzes potential risks;
    • And considers the potential future unlocked by blockchain
  • This article is particularly useful as a primer into the various capabilities and potential of blockchain for interested researchers who may not have a detailed knowledge of the technology or for those seeking for an introduction.

Iansiti, Marco and Lakhani, Karim R. “The Truth About Blockchain.” Harvard Business Review. N.p., 17 Feb. 2017. Web. 06 Apr. 2017. http://bit.ly/2hqo3FU

  • This entry into the Harvard Business Review discusses blockchain’s ability to solve the gap between emerging technological progress and the outdated ways in which bureaucracies handle and record contracts and transactions.
  • Blockchain, the authors argue, allows us to imagine a world in which “contracts are embedded in digital code and stored in transparent, shared databases, where they are protected from deletion, tampering, and revision”, allowing for the removal of intermediaries and facilitating direct interactions between individuals and institutions.
  • The authors compare the emergence of blockchain to other technologies that have had transformative power, such as TCP/IP, and consider the speed with which they have proliferated and become mainstream.
    • They argue that like TCP/IP, blockchain is likely decades away from maximizing its potential and offer frameworks for the adoption of the technology involving both single-use, localization, substitution, and transformation.
    • Using these frameworks and comparisons, the authors present an investment strategy for those interested in blockchain.

IBM Global Business Services Public Sector Team. “Blockchain: The Chain of Trust and its Potential to Transform Healthcare – Our Point of View.” IBM. 2016. http://bit.ly/2oBJDLw

  • This enthusiastic business report from IBM suggests that blockchain technology can be adopted by the healthcare industry to “solve” challenges healthcare professionals face. This is primarily achieved by blockchain’s ability to streamline transactions by establishing trust, accountability, and transparency.
  • Structured around so-called “pain-points” in the healthcare industry, and how blockchain can confront them, the paper looks at 3 concepts and their application in the healthcare industry:
    • Bit-string cryptography: Improves privacy and security concerns in healthcare, by supporting data encryption and enforces complex data permission systems. This allows healthcare professionals to share data without risking the privacy of patients. It also streamlines data management systems, saving money and improving efficiency.
    • Transaction Validity: This feature promotes the use of electronic prescriptions by allowing transactional trust and authenticated data exchange. Abuse is reduced, and abusers are more easily identified.
    • Smart contracts: This streamlines the procurement and contracting qualms in healthcare by reducing intermediaries. Creates a more efficient and transparent healthcare system.
  • The paper goes on to signal the limitations of blockchain in certain use cases (particularly in low-value, high-volume transactions) but highlights 3 use cases where blockchain can help address a business problem in the healthcare industry.
  • Important to keep in mind that, since this paper is geared toward business applications of blockchain through the lens of IBM’s investments, the problems are drafted as business/transactional problems, where blockchain primarily improves efficiency than supporting patient outcomes.

Nathan, Oz; Pentland, Alex ‘Sandy’; and Zyskind, Guy “Decentralizing Privacy: Using Blockchain to Protect Personal Data” Security and Privacy Workshops (SPW). 2015. http://bit.ly/2nPo4r6

  • This technical paper suggests that anonymization and centralized systems can never provide complete security for personal data, and only blockchain technology, by creating a decentralized data management system, can overcome these privacy issues.
  • The authors identify 3 common privacy concerns that blockchain technology can address:
    • Data ownership: users want to own and control their personal data, and data management systems must acknowledge this.
    • Data transparency and auditability: users want to know what data is been collected and for what purpose.
    • Fine-grained access control: users want to be able to easily update and adapt their permission settings to control how and when third-party organizations access their data.
  • The authors propose their own system designed for mobile phones which integrates blockchain technology to store data in a reliable way. The entire system uses blockchain to store data, verify users through a digital signature when they want to access data, and creates a user interface that individuals  can access to view their personal data.
  • Though much of the body of this paper includes technical details on the setup of this blockchain data management system, it provides a strong case for how blockchain technology can be practically implemented to assuage privacy concerns among the public. The authors highlight that by using blockchain “laws and regulations could be programmed into the blockchain itself, so that they are enforced automatically.” They ultimately conclude that using blockchain in such a data protection system such as the one they propose is easier, safer, and more accountable.

Wright, Aaron, and Primavera De Filippi. “Decentralized blockchain technology and the rise of lex cryptographia.” 2015. Available at SSRN http://bit.ly/2oujvoG

  • This paper proposes that the emergence of blockchain technology, and its various applications (decentralized currencies, self-executing contracts, smart property etc.), will necessitate the creation of a new subset of laws, termed by the authors as “Lex Cryptographia.”
  • Considering the ability for blockchain to “cut out the middleman” there exist concrete challenges to law enforcement faced by the coming digital revolution brought by the technology. These encompass the very benefits of blockchain; for instance, the authors posit that the decentralized, autonomous nature of blockchain systems can act much like “a biological virus or an uncontrollable force of nature” if the system was ill-intentioned. Though this same system can regulate the problems of corruption and hierarchy associated with traditional, centralized systems, their autonomy poses an obvious obstacle for law-enforcement.
  • The paper goes on to details all the possible benefits and societal impacts of various applications of blockchain, finally suggesting there exists a need to “rethink” traditional models of regulating society and individuals. They predict a rise in Lex Cryptographia “characterized by a set of rules administered through self-executing smart contracts and decentralized (and potentially autonomous) organizations.” Much of these regulations depend upon the need to supervise restrictions placed upon blockchain technology that may chill its application, for instance corporations who may choose to purposefully avoid including any blockchain-based applications in their search engines so as to stymie the adoption of this technology.

Big Data for Achievement of the 2030 Agenda: Data Privacy, Ethics and Protection


UNDG Guidance Note: “This document sets out general guidance on data privacy, data protection and data ethics for the United Nations Development Group (UNDG) concerning the use of big data, collected in real time by private sector entities as part of their business offerings1 , and shared with UNDG members for the purposes of strengthening operational implementation of their programmes to support the achievement of the 2030 Agenda.

The Guidance Note is designed to:

• Establish common principles across UNDG to support the operational use of big data for achievement of the Sustainable Development Goals (SDGs);

• Serve as a risk-management tool taking into account fundamental human rights; and

• Set principles for obtaining, retention, use and quality control for data from the private sector. The data revolution was recognized as an enabler of the Sustainable Development Goals, not only to monitor progress but also to inclusively engage stakeholders at all levels to advance evidence-based policies and programmes and to reach the most vulnerable.

The 2030 Agenda asserts that “Quality, accessible, timely and reliable disaggregates data will be needed to help with the measurement of progress (SGDs) and to ensure that no one is left behind. Such data is key to decision making.” At the same time, there are legitimate concerns regarding risks associated with handling and processing of big data, particularly in light of the current fragmented regulatory landscape and in the absence of a common set of principles on data privacy, ethics and protection. These concerns continue to complicate efforts to develop standardized and scalable approaches to risk management and data access. A coordinated approach is required to ensure the emergence of frameworks for safe and responsible use of big data for the achievement of the 2030 Agenda.

The guidance described in this document acknowledges and is based on the UN Guidelines for the Regulation of Computerized Personal Data Files, adopted by the UN General Assembly resolution 45/95, and takes into account both existing international instruments and relevant regulations, rules and policies of UNDG member organizations concerning data privacy and data protection. This Guidance Note is based on standards that have withstood the test of time, reflecting the strength of their core values….(More)”.