Europe’s Virus Tracking Privacy Row Shows Why Databases Need to Be Decentralized

As governments across Europe weigh up the best options for exiting the weeks-long lockdowns resulting from the coronavirus pandemic, a privacy row has been brewing. There seems to be a general consensus that a core component of any exit strategy should involve contact tracing. Anyone who’s come into contact with a known virus carrier will be alerted so they can go into quarantine. However, the privacy argument focuses on how this should be done. 

The argument hinges on the way that the data gathered by contact tracing smartphone apps are stored and used. Initially, several European countries, including the UK and Germany, decided to adopt an app that uses a centralized approach to data gathering. With this approach, a user’s location data is sent to a centralized database, with a server matching individuals who have spent time in the same location as virus carriers so they can be alerted. 

An Unpopular Approach

Privacy advocates quickly flagged their discontent. Centralized data storage leaves the user with no assurance that their data won’t be harvested and repurposed for other uses. Centralized servers are also highly prone to external attacks, and a server holding weeks’ or even months’ worth of location data for an entire country would be a desirable target for hackers.

These concerns are entirely justified. The Edward Snowden revelations uncovered how governments are all too willing to harvest citizens’ data. Some of the most serious data breaches of the last decade illustrate the risk that centralized servers leak data into the hands of malicious parties. The Yahoo breach alone saw three billion user accounts compromised.

Therefore, it’s apparent why a centralized approach has proven so worrying to citizens in Europe. Campaigners have been pushing for an alternative solution, which takes a more decentralized approach to data collection and storage. In this approach, personal or location data never leaves the user’s phone. 

Instead, an anonymized ID is the only piece of data that enters a centralized database, and the app downloads this database so that contact matching can be performed on the device itself.
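
The following is an added illustration of that decentralized matching model; it is not code from any national app or from Bluzelle. It assumes the phone broadcasts random ephemeral IDs (a constructed stand-in for the "anonymized ID" above), logs the IDs it hears, and that a diagnosed user uploads only their own broadcast IDs. The matching is done locally against the downloaded list, so neither location data nor the contact log ever leaves the phone.

```python
"""Added example: on-device contact matching with anonymized ephemeral IDs.
Names (Phone, encounter, simulate) and the 16-byte ID size are assumptions."""
import secrets
from dataclasses import dataclass, field

ID_LENGTH = 16  # bytes of randomness per ephemeral ID (assumed)


@dataclass
class Phone:
    name: str
    own_ids: list = field(default_factory=list)   # IDs this phone broadcast; stays on device
    heard: dict = field(default_factory=dict)     # ephemeral ID -> times heard; stays on device

    def rotate_id(self) -> bytes:
        """Generate a fresh random ID to broadcast; it carries no identity or location."""
        eid = secrets.token_bytes(ID_LENGTH)
        self.own_ids.append(eid)
        return eid

    def hear(self, eid: bytes) -> None:
        """Record an ID received from a nearby phone (local log only)."""
        self.heard[eid] = self.heard.get(eid, 0) + 1

    def report_positive(self) -> list:
        """The only upload: this phone's own broadcast IDs, nothing about whom it met."""
        return list(self.own_ids)

    def check_exposure(self, published_ids) -> int:
        """Match the downloaded list of positive IDs against the local log, on the device."""
        positive = set(published_ids)
        return sum(count for eid, count in self.heard.items() if eid in positive)


def encounter(a: Phone, b: Phone) -> None:
    """Two phones in range each broadcast a fresh ID and log the other's."""
    a.hear(b.rotate_id())
    b.hear(a.rotate_id())


def simulate() -> dict:
    """Constructed scenario: alice meets bob twice, bob meets carol once, alice tests positive."""
    alice, bob, carol = Phone("alice"), Phone("bob"), Phone("carol")
    encounter(alice, bob)
    encounter(alice, bob)
    encounter(bob, carol)

    central_list = []                       # the only data the central database ever holds
    central_list.extend(alice.report_positive())

    # Every phone downloads the list and matches locally; the server learns nothing new.
    return {p.name: p.check_exposure(central_list) for p in (alice, bob, carol)}


if __name__ == "__main__":
    print(simulate())  # bob is flagged (2 contacts), carol is not (only met bob)
```

The central list never contains a location, a timestamp pair, or a link between two users; an attacker who copies the whole database obtains only a set of random tokens that are meaningless without the local logs held on individual phones.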

Why Not Blockchain? 

Until now, decentralized data storage hasn’t been one of the most often-touted use cases of blockchain technology. Decentralized file storage solutions such as Siacoin or Storj gained a lot of early traction, but the COVID-19 track-and-trace imperative creates a clear argument for a decentralized database solution. 

Bluzelle has been building the kind of decentralized database that could well prove to be a satisfactory solution for Europe’s privacy campaigners. From the developer perspective, it works as a kind of “Airbnb” solution for decentralized application data storage. A developer simply pays for the storage and reads/writes that they need to run their application. It’s potentially infinitely scalable, and because data is replicated as part of Bluzelle’s decentralized storage model, it can offer significant cost savings over centralized equivalents. 

Bluzelle’s validator network provides the storage. Each validator offers its hardware for rent and participates in a proof-of-stake consensus for changes to the database. Validators are paid a percentage of the rent charged by Bluzelle for storage space on the network. 

To ensure that data is accessible around the clock, validators are grouped into so-called “database zones” comprising 13 or more nodes. Each node in the database zone has to keep its own copy of the database, and changes are only permitted with a consensus of two-thirds of the zone. In this way, data is tamper-proof and resistant to censorship. 

Data Self-Sovereignty 

Bluzelle also takes a self-sovereign approach to personal data that would lend itself well to the kind of track-and-trace applications currently being debated across Europe. A blog post from the company explains how it designed the platform to provide individuals with an encryption key for locking and unlocking their data. 

The only way that an external party can view or use the data is if the individual consents, by unlocking their data using the key. In a further step, the user can also specify how and where the data is being used, including the timespan for accessing it. 

So, for example, in a virus tracking application, they could specify that only the government can use the data, and only within the confines of the virus-tracing app itself. This could apply for a fixed period of, say, three months, after which consent must be renewed, or access to the data is withdrawn.
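
As an added example of the consent model just described (not Bluzelle's own code, whose internals the post does not show), the snippet below keeps a record locked behind the owner's key and releases it only to a named party, for a named purpose, inside a time window. The grant fields, the 90-day default, and the hashed-key check are assumptions made for illustration; the "exposure log" payload is constructed.

```python
"""Added example: owner-held key plus scoped, time-limited consent grants."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class ConsentGrant:
    grantee: str          # which party may use the data (assumed field)
    purpose: str          # within which application the data may be used (assumed field)
    not_before: datetime
    not_after: datetime   # exclusive end of the window; renewal issues a new grant

    def allows(self, requester: str, purpose: str, at: datetime) -> bool:
        return (requester == self.grantee and purpose == self.purpose
                and self.not_before <= at < self.not_after)


class SelfSovereignRecord:
    """Data that only the owner's key can open up, and only within a live grant."""

    def __init__(self, payload: bytes, owner_key: bytes):
        self._payload = payload
        # Store a digest of the key so the record can verify it without holding it.
        self._key_digest = hashlib.sha256(owner_key).digest()
        self.grants = []  # list of ConsentGrant

    def _key_matches(self, key: bytes) -> bool:
        return hmac.compare_digest(hashlib.sha256(key).digest(), self._key_digest)

    def grant(self, owner_key: bytes, grantee: str, purpose: str,
              now: datetime, days: int = 90) -> ConsentGrant:
        """Only the holder of the owner's key can unlock the data for a party."""
        if not self._key_matches(owner_key):
            raise PermissionError("only the owner's key can grant consent")
        g = ConsentGrant(grantee, purpose, now, now + timedelta(days=days))
        self.grants.append(g)
        return g

    def revoke(self, owner_key: bytes, grant: ConsentGrant) -> None:
        if not self._key_matches(owner_key):
            raise PermissionError("only the owner's key can revoke consent")
        self.grants = [g for g in self.grants if g != grant]

    def read(self, requester: str, purpose: str, now: datetime) -> bytes:
        """Release the payload only if some unexpired grant covers this party and purpose."""
        if not any(g.allows(requester, purpose, now) for g in self.grants):
            raise PermissionError(f"{requester} has no consent for {purpose} at {now:%Y-%m-%d}")
        return self._payload


def can_read(record: SelfSovereignRecord, requester: str, purpose: str, now: datetime) -> bool:
    try:
        record.read(requester, purpose, now)
        return True
    except PermissionError:
        return False


def demo() -> dict:
    """Constructed scenario matching the text: government-only, app-only, three months."""
    key = secrets.token_bytes(32)
    rec = SelfSovereignRecord(b"constructed exposure log", key)
    t0 = datetime(2020, 5, 1, tzinfo=timezone.utc)
    rec.grant(key, "health-ministry", "virus-tracing-app", t0)           # 90-day window
    day30, day91 = t0 + timedelta(days=30), t0 + timedelta(days=91)
    return {
        "ministry_in_app": can_read(rec, "health-ministry", "virus-tracing-app", day30),
        "ministry_other_app": can_read(rec, "health-ministry", "advertising", day30),
        "other_party": can_read(rec, "insurer", "virus-tracing-app", day30),
        "after_expiry": can_read(rec, "health-ministry", "virus-tracing-app", day91),
    }


if __name__ == "__main__":
    print(demo())
```

Renewal is simply a fresh `grant` call by the key holder; once the window lapses, every `read` fails closed rather than defaulting to open access, which is the property the consent argument above depends on.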

Other platforms have also purported to be developing blockchain-based solutions for COVID-19 tracing. However, it’s not currently clear how they intend to overcome the issue that data cannot be efficiently stored on most blockchains. Many dApp developers resort to using centralized database providers simply because storing data on a blockchain such as Ethereum would end up being prohibitive in terms of cost and speed. 

Therefore, for apps to be managed in a truly decentralized way, an appropriate decentralized data storage solution is clearly needed.