Architecting for Privacy and Data Protection on Hedera
Nov 11, 2021
by Debra Farber
Privacy Strategist

I am excited to share with you my Hedera whitepaper: How Distributed Ledger Technology (DLT) Serves as Web 3 Privacy Architecture, a labor of love.

When I first dove into the world of distributed ledger technology at the beginning of 2020, having 16+ years of operational privacy expertise, I was surprised by how stakeholders in the crypto space discussed and framed the topic of “privacy.” I saw many posts claiming “there is no privacy without anonymity.” Of course, those who typically make such an assertion really intend it to mean anonymity of financial transactions via “privacy coins” and skip over the many other uses of personal data collected or processed by organizations. This paper aims to start filling that very wide gap.

Anonymity is actually an edge case. As social creatures, humans don’t typically move around in public spaces with their faces obscured (with exceptions for religious preferences, mask-wearing during a pandemic, etc.). Shrouding ourselves in anonymity is an edge case we typically deploy when we want our voices heard without attribution, thus avoiding blowback for one’s opinion. Unfortunately, some in the crypto world conflate unfettered speech with privacy. While both free speech and privacy may be necessary to achieve the aims of “freedom,” they are, in fact, completely different concepts. The EU’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), India’s pending Personal Data Protection Bill (PDPB), and other similar pieces of legislation around the world have outlined a framework for the collection and processing of personal data within various countries’ jurisdictions. I plan to write more about anonymity vs. privacy in an upcoming blog post. For now, I simply want to introduce you to why I was inspired to draft this whitepaper.

After spending the past several years evangelizing the frameworks for “Privacy by Design and Default,” which companies must embed into their product and service offerings via “Privacy Engineering” methodologies, practices, and tools, I saw an opportunity to educate those endeavoring to build on DLT, especially for companies who want to earn and keep trust. Since Hedera’s founders built an enterprise-grade public DLT with the vision to create a 100-year+ company, I knew Hedera was the organization with which I wanted to partner on privacy, as those who seek to build on Hedera Consensus Service or Hedera Token Service are those who can benefit most from better understanding their privacy and data protection obligations. This is part of the great “shift left” that the security industry has been championing for years, to address risks (including privacy risks) earlier in the software development lifecycle. We finally have strong, global data protection laws in major markets that require organizations to “shift left” for privacy.

My intent in writing this whitepaper is to level-set what privacy and data protection actually mean in today’s highly regulated world and apply that to DLT. I start with a crash course in data protection rights and obligations. I then flesh out the privacy characteristics of Hedera’s services. Lastly, I highlight privacy pitfalls to avoid. Note, however, that this is not a full overview of all things data protection. There are many concepts I chose not to include in this paper in order to strip the legalese and leave only brevity and clarity, so do seek advice from your privacy and data protection counsel and consultants to understand your company’s actual legal risks.

To build upon concepts and serve as a guide for DLT architects and developers, the paper is separated into three sections.

Section 1: Global Privacy Requirements

This section covers the essential privacy and data protection requirements of which architects and developers should be aware. It describes the critical global data protection rights afforded to individuals, and the organizational obligations to respect and facilitate those rights: data minimization, accountability, security, and privacy by design and default.

Section 2: Architectural Considerations

This section describes emerging architectural patterns for deploying decentralized applications and three privacy and data protection pitfalls to avoid: 1) who is accountable for compliance, 2) deletion of personal data from the blockchain or hashgraph, and 3) the finality of smart contracts made in error.

Section 3: Inheriting Trust via Hedera

Hedera offers a variety of network services to interact with the public ledger. For each network service, there are relevant privacy considerations based on how the data flows through the network and its deployment options.

I see this whitepaper as the foundational document for a broader privacy platform, and I anticipate making updates to it as I receive feedback from the Hedera community and as the ecosystem evolves. However, now that it has been published, I am excited to bring to you additional educational content on specific areas of privacy and data protection. Up next on my list are deep dives into data minimization, NFTs for consent and assurances around digital rights, and accountability. Of course, I also plan to give my fuller perspectives on anonymization and decentralization, some hotly debated issues in DLT! Hello Future.