A step closer to protecting individual privacy
In April 2021, Russian hackers gained access to Colonial Pipeline’s computer network and shut it down. They demanded $4.4 million in bitcoin to turn it back on, and the company quickly paid the ransom.
Within months, the FBI found and seized the hackers’ bitcoins. Because bitcoin’s blockchain records every transaction, agents could track down the wallet holding the hackers’ funds and the server that the hackers stored the wallet on. Once they had that information, they simply told the server’s hosts to transfer control of the wallet to the authorities.
While the bitcoins were recovered, the hackers remain at large.
How could law enforcement recover funds from hackers it still can’t find—or even identify? How could a server host criminal funds without even knowing it?
After all, because cryptocurrency transactions are not linked to any identity.
Instead, they use computer protocols to link transactions pseudonymously, with a long string of seemingly random characters. Nobody can see a user’s identity, even though the transaction itself is public and verifiable.
This feature makes it an ideal tool for data exchange. Observers know what’s going on, but not who’s doing it. With a little engineering, they can create platforms to save data privately in encrypted files, then send it anywhere without ever revealing its contents. A record on a blockchain assures that the data is authentic and comes from a trusted source.
That enables businesses and entrepreneurs to track inventory, public health records and other data without revealing its contents. They can also create data marketplaces and sharing platforms that protect individual privacy. All of the data is saved locally and exchanged using cryptocurrency to facilitate transactions, but none of the data gets recorded in a database or on a shared computer.
Already, at least a dozen startups have created distributed storage platforms that use blockchains and cryptocurrency to move data without a server or private computer network.
For example, Steamr worked with Filipino fishermen to record their catches and revenue on the blockchain so banks could build credit files on them. The banks didn’t need to see the records themselves, verify the catch or ask for documentation. The blockchain confirmed the data’s authenticity.
Or VeChain, which uses RFID to track goods and a cryptocurrency to settle each transaction from source to sale. Each item has “My Story,” a chronology of where it came from, where it went and what happened along the way. In that case, the contents are revealed, but the same technology can keep those contents private.
Their users will never have to worry about their data being hacked because no hacker can access that data. To get close, a hacker would have to get access to every computer that services the network network, which is a quite a tall task.
Had Colonial Pipeline stored its data on a blockchain and secured the value of its data with cryptocurrency, perhaps it never would’ve exposed itself to a hack.
After all, what hacker wants to spend time and effort getting access to a computer that doesn’t have the data they want?
On the other hand, this technology comes with risks.
It takes only one real-world connection to unravel all of the privacy that the networks protect. Once an individual’s data is exposed, everybody has a history of how it moved. Just like the authorities could find and seize the hackers’ bitcoin, anybody can find and seize the data with the right forensic evidence.
Criminals can also use the same private channels to conspire on crimes. Because the protocols don’t have any personal information about users, no one can tell whether somebody’s doing something wrong, let alone stop them from doing so. Authorities can’t do much, either. How do you subpoena a computer protocol?
Mark Helfman, crypto analyst at Hacker Noon, edits and publishes the Crypto Is Easy newsletter at cryptoiseasy.substack.com. He is the author of Bitcoin or Bust: Wall Street’s Entry Into Cryptocurrency. @mkhelfman