March 21, 2018 | Written by: Jeff Jonas
Categorized: Blockchain | Think 2018
Share this post:
Data privacy protection is a critical requirement for organizations that store data about people and organizations. A tamper-resistant audit log should be included in every organization’s comprehensive privacy and security architecture.
When immutable audit logs are in place, user interactions are permanently recorded. Even administrators with the highest level of system privileges cannot alter these events.
In 2012, when I was an IBM Fellow and chief scientist of IBM Entity Analytics, I co-authored a paper with Ann Cavoukian, the creator of Privacy by Design. The paper “Privacy by Design in the Age of Big Data” addressed how privacy and responsibility can be advanced in the new era of big data analytics. One of the areas we covered was how to reduce the risk of users misusing the system:
“The question ‘Who will watch the watchmen?’ remains as relevant today as when it was first posed in Latin two thousand years ago. People with access and privileges can, and do, occasionally look at records without a legitimate business purpose, e.g., an employee of a banking system looking up his neighbor’s account. Tamper-resistant logs make it possible to audit user behavior. Implementing them may decrease violations, because where employees know such audits are possible, they may be less likely to succumb to temptation.”
It’s true. When immutable audit logs are in place, corrupt individuals are deterred from engaging in a range of bad behaviors, from peeping to corporate espionage and identity theft.
Enhancing Data Privacy with Blockchain
Data privacy has been a passion of mine for more than two decades. My team and I built Privacy by Design (PbD) into our Senzing ER entity resolution technology from the beginning. The details of how PbD is incorporated into Senzing ER are covered in the paper I wrote with Ann referenced above.
When blockchain came onto the scene a few years ago, I began to investigate how I might be able to use it to further advance our technology’s privacy capabilities. The use of blockchain is increasing rapidly. A recent IBM Institute of Business Value (IBV) study found one-third of nearly 3,000 C-Suite executives surveyed are using or considering blockchain in their business.
On Thursday, on stage at IBM Think, I’ll be sharing for the first time our development progress as we integrate IBM Blockchain into Senzing ER for GDPR Compliance. This combination will reduce the risk of people abusing their search privileges by accessing data they shouldn’t be viewing. By creating an immutable audit log using IBM Blockchain, the system will permanently record how users search our system for personal data about individuals.
Tomorrow will be a momentous event for me and for data privacy as I introduce the world’s first entity search technology with integrated blockchain search accountability. I’m proud to help lead these efforts to use IBM Blockchain to further individual privacy protection.