Jump to content

User:Funfettiqueen/sandbox

From Wikipedia, the free encyclopedia

A blockchain is a public, shared database that records transactions between two parties. Specifically, blockchains document and confirm who owns what at a particular time through cryptography. After a particular transaction is validated and cryptographically verified by other participants, or nodes, in the network, it is then made into a "block" on the blockchain. A block contains information about when the transaction occurred, previous transactions, and details about the transaction. Once recorded as a block, transactions are ordered chronologically and cannot be altered or changed. This technology rose to popularity after the creation of Bitcoin-- the first application built on the blockchain-- and has furthermore catalyzed other cryptocurrencies and applications. Due to its nature of decentralization, transactions and data are not verified and owned by one singular, overpowering entity as they are in typical systems. Rather, the validity of transactions are able to be confirmed by any node, or computer, that has access to the network. Additionally, blockchain technology secures and authenticates transactions and data through cryptography.  With the rise and widespread adoption of technology, data breaches have become rampant and frequent. User information and data is often stored, mishandled, and misused, causing a threat to personal privacy. Currently, many are pushing for the widespread adoption of blockchain technology for its ability to increase user privacy, data protection, and data ownership.

Contents

[edit]

Blockchain and protecting privacy[edit]

[edit]

Private and public keys

A key aspect of privacy in blockchains lie in the use of private and public keys. Blockchain systems use asymmetric cryptography to secure transactions between users. In these systems, each user has a public and private key. These keys are comprised of a random string of numbers and are cryptographically related to one another. Although the public and private keys are related to one another, it is mathematically impossible for a user to guess a user's private key from their public key. This provides an increase in security benefits and protects from potential hackers or malicious users. Public keys can be shared with other users' in the network, as they do not give any information regarding personal data. Additionally, each user has an address, which is derived from the public key using a hash function. These addresses are furthermore used to send and receive assets on the blockchain, such as cryptocurrency. Because blockchain networks are shared to all participants, users can view past transactions and activity that has occurred on the blockchain. On the blockchain, senders' and receivers' of past transactions are represented and signified by their addresses. Due to this, users' identities are not revealed. Public addresses do not reveal any personal information or identification.Rather, public addresses act as pseudonymous identities. This furthermore allows users' to have their identities relatively concealed on the blockchain. However, it is suggested that users do not use a public address more than once. This tactic avoids the possibility for a malicious user to trace a particular address' past transactions in attempt to reveal information. Additionally, private keys are used to protect user identity and security through digital signatures. Firstly, private keys are used to access funds and personal wallets on the blockchain.Private keys also add a layer of identity authentication. When an individual wishes to send money to another user, they must provide a digital signature (which is produced only when provided with the particular private key). This process protects against potential hackers that aim to pose as certain individuals and use the said-individuals funds.

Peer-to-peer network

As previously stated, blockchain technology arose from the creation of Bitcoin. In 2008, a pseudonymous Satoshi Nakamoto released a paper describing the technology behind the technology. In his paper, he explained a decentralized network that was characterized by peer-to-peer transactions involving cryptocurrencies, or electronic money. In typical transactions carried out today, users put trust into central authorities to securely hold their data and execute transactions. In large corporations, a large amount of users' personal data is stored on a single device, posing an extreme security risk if an authority's system was hacked, lost, or mishandled. On the contrary, blockchain technology aims to get rid of this reliance on a central authority.In order to execute this, blockchain functions in a way where nodes, or devices in a particular blockchain network, can confirm the validity of a transaction rather than a powerful third party. In this system, transactions between users (such as sending and receiving cryptocurrency) are broadcasted to every node in the network. However, before the transaction is recorded as a block on the blockchain, nodes must ensure that a transaction is valid. In other words, nodes must check past transactions of the spender to ensure that he/she did not double spend, or spend more funds than they actually own. After nodes confirm that a block is valid, consensus protocols, such as proof of work and proof of stake, are then deployed by miners. These protocols allow nodes to reach a state of agreement on the order and amount of transactions. Once a particular transaction is verified, it is then published on the blockchain as a block. Once a block is created on a blockchain, it cannot be altered or changed. Through blockchain's decentralized nature and elimination of the need for a central authority, user privacy is increased. Peer-to-peer networks allow for users to control their data, decreasing the threat of third parties to sell, store, or manipulate personal information.

Zero-knowledge proofs

A zero-knowledge proof is a consensus protocol where one party proves to another party that a specific set of information (i.e., a transaction is valid) is true. However, the "prover" do so in a way that does not reveal any specific information about the transaction. This can be done through complex cryptographic methods. This method, which has been recently introduced into blockchain systems using zk-snarks, has been enacted to increase privacy in blockchains. In typical public blockchain systems, a block contains information about a transaction, such as the sender and receivers addresses along with the amount sent. However, many users are not comfortable with this sense of transparency. In order to maintain blockchain's nature of decentralization while decreasing transparency, zero-knowledge proofs do not reveal or share anything about a particular transaction other than the fact that it is valid.

Private vs. public blockchain privacy[edit]

[edit]

Private blockchains

Private blockchains (also referred to as permissioned blockchains) are different than public blockchains. As stated, public blockchain ledgers are available to any node that wishes to download the network. Common critiques of public blockchains claim that, because everyone has the ability to download a blockchain and look at the history of transactions, there is not much privacy.However, in private blockchains, nodes must specifically be granted access to participate, view transactions, and deploy consensus protocols. Due to the fact that transactions listed on a private blockchain are not public to all, private blockchains ensure an extra layer of privacy. Since private blockchains have restricted access and nodes must be specifically selected to view and participate in a network, some argue that private blockchains grant more privacy to users. Because these blockchains contain only a number of participants, they are easy to download and access and are therefore more scalable. Currently, large businesses such as JPMorgan and NASDAQ have adopted private blockchain systems into their models. While private blockchains are being deemed as the most realistic way to adopt blockchain technology into business models in order to maintain a high level of privacy, private blockchains also have cons.For example, private blockchains delegate specific actors to verify blocks and transactions. Although some argue that this provides efficiency and security, concerns have risen that in nature, private blockchains are not truly decentralized because the verification of transactions and control are put back into the hands of a central entity. Another common concern related to these delegated owners is that, because managers of private blockchains have full control over the network, they could potentially tamper and manipulate the system for personal gain.

Use cases for privacy protection[edit]

[edit]

Financial Transactions

After Satoshi Nakamoto spurred the creation of blockchain technology through Bitcoin (the most well-known blockchain use case), many know blockchain for its potential in financial applications. In current financial systems, however, there exists many privacy concerns and threats. A large hurdle in current designs are due to centralization. Currently, when individuals deposit money, a third party intermediary is necessary. When sending money to another user, individuals must put trust in the fact that a third party will complete this task. However, blockchain decreases the need for this trust in a central authority; rather, cryptographic functions allow individuals to directly send money to other users. Because of Bitcoin's widespread recognition and sense of anonymity, criminals have used this to their advantage by purchasing illegal items using Bitcoin. Through the use of cryptocurrencies and its pseudonymous keys that signify transactions, illegal purchases are difficult to trace and pin to a singular individual. Due to the known potential and security that lies in blockchains, many banks are making steps in adopting business models that embrace and utilize the technology.

Health Care Records

In recent years, more than 100 million health care records have been breached. However, in attempts to combat this prevailing issue of data breaching, attempted solutions often result in inaccessibility of health records. A large part of this is struggle is due to the fact that health providers regularly send data to other providers regarding a specific patient. Furthermore, this passing of data between providers often results in mishandling data, losing records, or passing on inaccurate and non-updated data. Additionally, in some cases, only one copy of an updated health record exists; this can result in the loss of important information. On top of these concerns, health records often contain highly personal information, spanning from patient names, social security numbers, and home addresses. Overall, it is argued by some that the current system of transferring health information compromises patient privacy in order to make records easy to transfer. As blockchain technology has expanded and developed in recent years, many have pressed to shift health record storage onto the blockchain. Rather than having both physical and electronic copies of records, blockchains could allow the shift to solely electronic health records, or EHRs. Through placing medical records on the blockchain, health information would then be in control of the patient rather than a third party through patient's having a private and public key. Using this technology, patients could then control who has access to their health records, making transferring information less cumbersome.  Additionally, because blockchain ledgers are immutable, health information could not be deleted or tampered with.Blockchain transactions, or updated to said health record, would be accompanied by a timestamp, allowing for those with access to have updated information and a clear sense of when particular things occurred in a patient's health history.

Legal

Another popular use case that protects the privacy of individuals is notarization of legal documents. Currently, documents must be verified through a third party, or notary. This poses roadblocks, as notarization fees can be high. Additionally, transferring documents takes time and can lead to lost or mishandled information. Similar to healthcare records, many are pressing for the adoption of blockchain technology in regards to the storage legal documents. This way, documents cannot be tampered with and can be easily accessed by those who are granted permission to such documents. As a result, individual information is then protected from possible stolen information and mishandling of private information. Another potential adoption of blockchain technology is the execution of legal contracts using smart contracts. Smart contracts are a popular application of the blockchain network in which nodes automatically execute terms of a contract. By using smart contracts, people will no longer have to rely on a third party to manage contracts, allowing for an increase in privacy regarding personal information.

Legality of blockchain and privacy[edit]

[edit]

GDPR

With the recent adoption of the General Data Protection Regulation in the European Union, questions have arose regarding blockchain's compliance with the act. In short, GDPR is a piece of data privacy legislation that was enacted to protect EU citizens from data breaches. This piece of legislation applies to those who both process data in the EU as well as those who process data outside the EU for people in the EU. However, personal data (as defined by the GDPR) is "any information relating to an identified or identifiable natural person". Because identities on the blockchain are associated with an individual's public and private key, it comes in question whether or not this falls under the category of personal data, since public and private keys enable complete pseudonymity and are not necessarily connected to a specific identity. Additionally, a key part of the GDPR lies in a citizen's right to be forgotten, otherwise known as data erasure. This piece of the GDPR allows individuals to request that data associated with them to be erased if it is no longer relevant along with other conditions. Due to the blockchain's nature of immutability, there exists potential complications if an individual who made transactions on the blockchain requests their data to be deleted. Additionally, another roadblock lies in the fact that once a block is verified on the blockchain, it is immutable, or impossible to delete.

IRS

Due to the fact that cryptocurrency prices fluctuate, many treat the purchase of crypto as an investment. By purchasing these coins at particular prices, buyers hope that they can later sell them at a higher price, furthermore making a profit. However, the IRS, or International Revenue Service, are currently facing struggles due to the fact that many people do not include revenue made by cryptocurrencies in their income reports. In response to these concerns, the IRS issued a notice, announcing that people must apply general tax principles to cryptocurrency and treat the purchase of cryptocurrency as an investment or stock. Furthermore, the IRS has enacted that, if people fail to report their income from cryptocurrency, they could be subject to civil penalties and fines. In attempts to strictly enforce these rules and avoid potential tax fraud, the IRS has called on Coinbase to report users that have sent or received more than $20,000 worth of cryptocurrency in a singular year. However, the nature of blockchain technology makes these enforcements rather difficult.  Because blockchains are decentralized, singular, all-powerful entities cannot keep track of purchases and activity of a user. Additionally, pseudonymous addresses make it difficult to tie identities with users, ultimately being a perfect outlet for people to launder money.

Blockchain Alliance

Because virtual currencies and the blockchain's protection of identity has proven to be a hub for criminal purchases and activity, the FBI and Justice Department created the Blockchain Alliance. This team, which is made up of law enforcement agencies, aims to identify and enforce legal restrictions on the blockchain to combat such activity through open dialogue on a private-public forum. This allows such leaders in the law enforcement industry to work together to fight against these illegal exploitations of the technology. Examples of criminal activity on the blockchain include hacking cryptocurrency wallets and stealing funds. However, since user identities are not tied to public addresses, it is extremely hard to locate and identify particular criminals and robbers.

Fair Information Practices

Importantly, blockchain has been acknowledged as a way to solve Fair Information Practices, which are a set of principles relating to privacy practices and concerns for users in modern technology. Specifically, blockchain transactions allow for users to control their data through private and public keys, allowing them to own it themselves completely.  This way, third party intermediaries are not allowed to misuse and obtain data in unsuspecting ways. Additionally, if personal data is stored on the blockchain, owners of such data are able to control when and how a third party can access said data. In blockchains, ledgers automatically include an audit trail. This ensures that transactions accurate.

Concerns regarding blockchain privacy[edit]

[edit]

Transparency

Although many push for the adoption of blockchain technology because it allows for users to control their own data and get rid of third parties, some believe that certain characteristics of this technology infringe on user privacy. Because blockchains are decentralized and allow for any node to access transactions, events and actions of users are completely transparent.Additionally, skeptics worry that malicious users can trace public keys and addresses (which is a way to represent sender and receivers, although made up of random numbers and letters) back to specific users. If this were the case, then a user's transaction history would be completely viewable and accessible to anyone, resulting in what some consider to be a lack of privacy.

Decentralization

Another concern lies in the fact that, due to blockchain's decentralized nature, a central authority is not surveilling for malicious users and attacks. This creates a concern that users might be able to hack the system anonymously and escape unscathed. Because public blockchains are not controlled by a an all-powerful third party, a false transaction enacted by a hacker that has a user's private key cannot be stopped. Additionally, because blockchain ledgers are shared and immutable, it is not possible to simply undo or reverse a malicious transaction.

Private Keys

As previously stated, private keys essentially provide a way to prove ownership and control of cryptocurrency. If someone simply has access to another user's private key, they are able to access and spend these funds. Because private keys are crucial to accessing and protecting assets on the blockchain, users must store the private key safely. Many have run into problems with this, as storing it on a computer, flashdrive, or phone can propose potential security risks if stolen or hacked. Additionally, if a device is misplaced or lost that contains a user's private key, they no longer have access to their cryptocurrency. This creates issues of storage, as placing physical place (such as on a piece of paper in a lock) can be stolen and placing it online can be hacked or lost.

Cases of privacy failure[edit]

[edit]

MtGox

In 2014, MtGox was the world's largest Bitcoin exchange at the time located in Tokyo, Japan. However, the exchange suffered from the largest blockchain hack of all time. During the year of 2014, MtGox held an enormous portion of the Bitcoin market, accounting for more than half of the cryptocurrency at the time. Throughout the month of February, hackers infiltrated the exchange, stealing what amounted to 450 million dollars in Bitcoin. Many in the blockchain community were shocked at the time, as blockchain technology is often associated with security and this was the first major hack to occur in the space. Although analysts were able to track the public address of the robbers by looking at the public record of transactions, the person (or people) who committed the heist were not identified. This is a direct result of the pseudonymity of blockchain transactions.

DAO Hack

While blockchain technology is anticipated to solve privacy issues such as data breaching, tampering, and other threats, it is not immune to malicious attacks. In 2016, the DAO opened up a funding window for a particular project. Within this period of time, the system was hacked, resulting in the loss of what was (at the time) 3.6 million from the Ether fund. However, due to the ever-changing price of cryptocurrencies, the amount stolen has been estimated at a whopping 64-100 million dollars.

Coinbase

Coinbase-- the world's largest cryptocurrency exchange that allows users to store, buy, and sell cryptocurrency-- has faced a multitude of hacks since its founding in 2012. Users have reported that due to its log-in process that verifies login through personal phone numbers and email addresses, hackers have targeted the numbers and emails of well-known individuals and CEOS in the blockchain space. Hackers then used the emails of these individuals to change their verification number, consequently stealing thousands of dollars worth of cryptocurrency from Coinbase user wallets.

Peer Review Week 9

[edit]

Cal.oasis: I think your lead section does a good job explaining what blockchain is for those who know nothing about it. Regarding a small thing, cryptography has 2 hyperlinks; I think only one is necessary. Additionally, I think it would be helpful to explain what cryptography is. Overall, I think that your lead section is in good shape and has enough citations and hyperlinks.

I think you can separate your paragraphs into smaller sections to make it easier to read. Right now, with the large chunks, it makes it harder to retain information. For example in private and public keys, I think it would be good to separate the paragraph at “Additionally, each user…” and again at “however, it is suggested…”. Also, I think it would be helpful to readers to define important terms; for example, asymmetric cryptography, cryptocurrency, pseudonymous identities. Similarly in peer-to-peer network I think it would be helpful to provide a short definition of Bitcoin. Additionally, break up the section at “One the contrary…” and at “in other words..”. Otherwise I think that this section is thoroughly explained and has enough content. In private blockchains, I think you can divide the section at “Currently…” In Health Care Records, I think you should break up the section at “On top of these concerns...” In GDPR, after you make sure you define what EU when you first say European Union, add it in parentheses. All the other sections were an appropriate length and all content was easy to understand.

I think overall, the content of the article was good and thoroughly explained. I think the only problem I had was structure and the large chunks of information present. Additionally, make sure to define the terms within the article. I think the tone was good as it was encyclopedic and there were not biases that I could detect. Great job so far!

Peer Review Week 8

[edit]

Funfettiqueen response to peer review:

I do think that I need to be more conscious about adding hyper links as well as making the end of my lead section flow. As of now, I feel like I abruptly dived into how blockchain is applicable to privacy, which I think I may need to do in a smoother way. All of the hyper link suggestions that breadyornot gave me are super helpful! Also, I do need to revisit private blockchain section...right now, I think it seems a bit out of context and can be confusing to those that do not blockchain well. I am super into the way breadyornot suggested I reword one of the sentences, which will probably allow readers to understand it better. I also have noticed that I have yet to edit my article for grammatical mistakes which I can see (based on the peer review) needs to be done. I really like the suggestion about providing more background information on criminal activity on the blockchain, as I think it would be very interesting to readers and provide more context. The DAO and MtGox section could definitely and will be extrapolated on, so I was happy the reviewer brought that up.

Breadyornot:

Lead section:

[edit]

I like how the language is aimed towards a more public audience, rather than purely people with computer science related background. Possibly add a hyperlink for cryptographically, cryptocurrencies, cloud systems, (if available), this could help guide more people to your page. Change”misuses” to “misused” within the ends of the lead section: User information and data is often stored, mishandled, and misused, causing a threat to personal privacy. Rewrite the last sentence of the lead section potentially to clarify and create better flow: Currently, many are pushing for the widespread adoption of blockchain technology due to its ability to increase user privacy, data protection, and data ownership.

Blockchain and protecting privacy:

[edit]

Private and public keys: Make sure to add hyperlinks the first time something shows up - i.e. digital signatures. Overall, the entire passage was very clear and concise giving a good definition of how private and public keys work from a less technical perspective. 2. Peer-to-peer network Possibly link information to Satoshi Nakamoto, even if theres not a direct link to a Wikipedia article on him, could potentially link a segment of a portion of the blockchain page about him. Hyperlinks could be added to decentralization, cloud systems, broadcasted, nodes, and third parties. Overall, the entire passage was extremely clear, good job! 3. Private vs. public blockchain privacy

Private blockchain: Hyperlinks for permissions blockchains. I like how you reference other parts of your article within this section (the part about public blockchain ledgers) - this allows the reader to reference other parts of the article with greater ease of reading. However, I was still a bit confused when you discuss the use of nodes within private blockchains. How exactly do these function on their own and then in relation to private blockchains? The last sentence could be reworked to say "Concerns have emerged through this verification process, despite the blockchain’s added efficiency. To elaborate, private blockchains are not completely decentralized because the verification of transactions and control are put back into the hands of the centralized entity."

Use cases for privacy protection (is this the best name for this - maybe simplifying to privacy protection is better - the cases are outlined in subheading underneath already).

[edit]

Financial Transactions: You hyperlink Satoshi Nakamoto in this section - make sure to do this in the sections before as well. First sentence is confusing, what do you mean by “…many known blockchain for its potential in financial applications”? Hyperlinks to business models, third party, and financial systems. Overall, great language used - make sure to say something about how third parties function in relation to blockchain, or add a hyperlink to make the comparison more recognizable.

Health Care Records: Provide an all-encompassing definition/topic sentence for this such as "Increasingly, health records are being transferred to the blockchain." This sentence is a bit confusing for me: Through placing medical records on the blockchain, health information would then be in control of the patient rather than a third party through patient's having a private and public key - maybe place links to these to another portion of your article explaining them. More so, maybe rework the sentence so the last portion does not seem like an add-on: i.e. By placing medical records on the blockchain, health information would be in control of the individual patient rather than through a third party’s public and private keys. Hyperlinks for data breaching and electronic health records (EHRs).

Legal - should this be included in the next section for legality?: Hyperlink for notarization. Rework the sentence "Similar to healthcare records, many are pressing for the adoption of blockchain technology in regards to the storage legal documents" to "Similar to healthcare records, many are pressing for the adoption of blockchain technology in regards to the storage of legal documents".

Legality of blockchain and privacy

[edit]

1. GDPR: Hyperlinks for European Union, data privacy legislation, and data erasure. Overall, great section! The information posited was very clear, I would only suggest adding a reference to wear you explained blocks within your article, just to keep the reader informed and able to reference other information to fully comprehend the extend of the legislature.

Blockchain Alliance: How has this become a hub for criminal alliances? A bit more information on the criminal background of blockchain could be beneficial. Hyperlinks for enforcement agencies and audit trail.

Fair Information Practices Importantly (first sentence) seems a bit bias, possibly get rid of this term and neutralize the sentence by heading straight into the topic.

Concerns regarding blockchain privacy

[edit]

Transparency: First sentence should clarify who “many” are, ambiguous as to the origins of the information - maybe describe any social movements (either online or in public) related to this to help bolster the position of the topic. Again, the concept of nodes and blocks is a bit unknown to the public audience, make sure to reference these section potentially in order to give greater access to the information being supplied.

Cases of privacy failure

[edit]

MtGox: Rework the first sentence, get rid of “at the time” since you already mention the year of its’ application. Add a hyperlink to hack. What are some reactions/critiques to this? More information/background could be beneficial since this only states the issue of hacking.

DAO Hack: What does DAO stand for? Put the whole name of the organization before the acronym. What period of time is this? - add the year or period to your second sentence since it mentions “Within this period of time…”. Why are cryptocurrencies amount values constantly changing? You mention this at the end of the portion, but I am not sure if this is addressed within the article previously - or potentially add a hyperlink to something referencing this from the main Blockchain Wikipedia page.

Peer Review Week 7

[edit]

Tommytheprius: I really like your lead section because it clarifies what Blockchain actually is and how it can help with privacy concerns. Your writing is very clear, and you do an amazing job of citing your sources throughout your article. On a stylistic note, I'm wondering why you use "could" so often instead of "can" because it reads a little awkwardly, but that's not a big deal at all. I think it was a good idea to change your article from Private vs Public Blockchain to Privacy and blockchain because the private vs public part works well as a subsection. Speaking of structure, I think you've generally organized your article really well. The one thing I'd consider when thinking about the layout is maybe putting the private vs public right after the lead section because it seems like it relates the least to the rest of the article. My only other suggestions are to add a See Also section and to finish filling in the bolded subheadings that have nothing under them, though obviously you were planning on doing that already. The tone of your article is very encyclopedic and perfect for wikipedia. You also made me think about including a small section about the GDPR in my own article. Great job so far!

Rainbowdolph: I really like the lead section! Maybe it might look better if you split where you start talking about the privacy aspect because formatting wise it might be easier to spot if someone were to just first glance at the page. This is just being super picky but "describing the technology behind the technology" in the peer-to-peer network is a little repetitive although I understand what you're trying to say. Maybe just clarifying it so it flows a little bit better would be good! For private vs. public blockchain privacy, do you need to have a sub-heading? Are you going to add more to this section? Additionally this paragraph had a lot of bouncing back and forth on the perspectives and it was a little hard to follow. There was just a lot of there was this critique, however this, but on the contrary, but while the opposite is also happening at the same time. Is there going to be like a solutions or next steps or what steps are being taken in order to move on from the future? I think it would have a really nice round off at the end if you could add that, but also considering the subject is so new and like going on right now, there probably isn't a concrete solution at the moment. I think your page is really good overall too because I couldn't see bias, I could see when you write about skeptics or critics and because of that I didn't really hear your opinion but rather you writing what someone already said and it just so happened to be in a passionately opposing view.

Peer review responses from Funfettiqueen: Once again, it was super nice to hear someone that does not have previous exposure to blockchain technology state that I had a sufficient outline and description of it. Also, I do understand the confusion that comes from "could" tense; while I recognize that it can come across as unclear, I tend to use "would" since blockchain technology is still in its nascent state and not widely adopted; a lot of development and applications are still very much in its early stages, so it is not possible to do clear assessments. Additionally, I really appreciate Tommytheprius' comment o the organization of sections. It makes a lot of sense to move the private vs. public blockchain section. Also, rainbowdolph's critique on my wording is super helpful. In the private vs. public section, I also think that I need to clarify the pros and cons.

Peer Review Week 6

[edit]

Funfettiqueen response to Cal.oasis: Once again, I am glad to hear that my topic is understandable, as I have dedicated a large portion of my time with this topic digesting information and thinking how to best word it for those who have no prior exposure to blockchain. Additionally, I do think that some subsections are a little empty and that more information could be used. This week, I am planning on doing finishing touches by adding a couple sentences within my article to expand on certain topics. However, I do think that I should add more hyperlinks to my page, as there is a decent amount of jargon included.

Cal.oasis: Regarding content, I think that there is sufficient information in each section; I was able to understand the topics you were discussing. You could expand on the supply chain section and give specific examples of these cases. Otherwise I believe that each section has enough content. I think you did a good job in providing enough background information so that readers who are unaware of what block chain is can understand the topic well. Regarding tone, I think that the tone is unbiased and the writing itself is easy to understand. Finally, regarding sources, I think that they are reliable and the hyperlinks work.

PandaFantasy: Firstly about the lead, it is good that the lead paragraph has a clear comparison between privacy and blockchain, which make it possible for audiences to understand the relationship between privacy and blockchain easily. Besides, another thing I find wonderful is that it gives a good overview of the rest of the articles, showing us the current situation of blockchain technology as well as it advantage on users' privacy. One part I don't understand is "structure to solutions", I am not sure about the bold sentences, maybe it is the subheading of some unfinished parts. I think the structure of the whole article is very clear, and in each section, the content is unbiased, and I noticed that nearly every sentences is based on some journals, which is really reliable. The last thing I want to mention is that the details of some subsections are not quite balanced, which is very normal as it is just the first draft. In all, it is a great draft regarding the lead, the resources, the structures as well as the tone.

Peer Review Responses from Funfettiqueen: I was super excited to hear that people who do not have background in blockchain understood my wiki article, since that was a very large concern of mine when beginning to tackle such a topic. I definitely agree that I need to expand; since I changed my topic last week, I had no outline and was not quite sure where my article would be leading to, so I do need to create a clearer picture of that and expand on each section as both peer reviewers stated. Additionally, I do think that "structure to solutions" is pretty confusing, so I will work on changing that heading to something more understandable.          

Annotated Bibliography for my article:

[edit]
  1. M. Crosby, Nachiappan, P. Pattanayak, S. Verma, V. Kalyanaraman. 2016. "Blockchain Technology: Beyond Bitcoin." Applied Innovation Review, no. 2 (2016): 6-19.
    1. In this article, the authors provide an introductory explanation of blockchain technology. They focus on how blockchains are distributed databases of records where transactions are recorded. This ledger, which is shared and accessible to participating parties, contains all “transactions” made. Rather than trusting a third party or centralized entity to verify transactions, blockchain technology relies on consensus protocols to do so. The authors set the scene by laying out the currently digital economy, which, as stated, puts trust in an authority. This outside party is in charge of data, privacy, digital assets, etc. Unsurprisingly, these authority figures can mishandle data. The authors of this piece relay the idea that blockchain is a decentralized solution for currently problems posed by a centralized system. They focus on blockchain’s first application, which was Bitcoin. The authors explain the process of making and verifying transactions on the blockchain. The authors then dive into financial and nonfinancial applications where blockchain technology can be adopted. After this introductory explanation, the authors dive into financial and nonfinancial applications for the blockchain, such as insurance, documents, music copyright, etc. Importantly, the authors pose the clear risks to adopting blockchain technology. They expand on the idea that people often are resistant to change and that scaling the technology may be difficult, as the current system relies on participants to download the history of transactions. This article provides a fundamental understanding of blockchain technology to readers, which I believe is important when explaining blockchains to others with a nontechnical background. Additionally, their explanation of possible applications clearly illustrate the current state of certain use cases along with explaining how blockchain technology could provide more security. Particularly, I found it interesting that in the use case of document storage, people place a lot of trust in third parties to hold confidential and private files.
  2. Dominique Guegan. 2017. Public Blockchain versus Private blockchain. Documents de Travail Du Centre d’Economie de La Sorbonne. Retrieved from https://libproxy.berkeley.edu/login?qurl=http%3a%2f%2fsearch.ebscohost.com%2flogin.aspx%3fdirect%3dtrue%26db%3dedsrep%26AN%3dedsrep.p.mse.cesdoc.17020%26site%3deds-live
    1. In Guegan’s paper “Public Blockchain versus Private Blockchain”, he provides an introductory explanation of blockchain technology, followed by reasons why it should be adopted in financial institutions. Additionally, he provides alternative use cases. He begins the paper by describing blockchain cryptography; a practice that is used to secure transactions. He dives into specifics, such that Bitcoin blockchain uses asymmetric algorithms. These consensus protocols involve private and public keys assigned to users. The author also focuses on its security through a process of mining, yet explains the dangers of tampering or modification by 51% attacks. Importantly, he creates a clear distinction between public and private blockchains. He simply defines public blockchains as blockchains that allow anyone to participate and verify transactions. Contrastingly, private blockchain limit access and must grant participants access. The people selected are the only ones able to verify transactions and the consensus process. He elaborates on the important fact that, unlike public blockchains, private blockchain consensus protocols do not involve mining or practices like proof of work. While this piece was very clear and provides easy-to-understand definitions and explanations, the author did not reference many outside sources, which tampers with its credibility. However, the piece is void of any strong opinions and focuses strictly on objective definitions.
  3. Kshetri, N. 2017. Blockchain’s roles in strengthening cybersecurity and protecting privacy. Telecommunications Policy, 41, 1027–1038. https://doi-org.libproxy.berkeley.edu/10.1016/j.telpol.2017.09.003
    1. In Kshetri’s piece “Blockchain’s Roles in Strengthening Cybersecurity and Protecting Privacy”, he performs an analysis that compares current IOT ecosystems to blockchain technology. He outlines the current privacy and security issues with cloud systems. Consistently, Kshetri focuses on how IOT systems are very vulnerable to attacks, furthermore affecting all devices. Importantly, cloud systems involve intermediaries that store personal data; as of right now, consumers and users do not know what is being done with their personal data. Kshetri consistently argues for the point that centralized system problems could be solved using blockchain technology. For example, he discusses use cases such as supply-chain management and healthcare. He states that blockchain technology is more secure than cloud systems. Blockchain technology allows for individuals to control their own data, such as signed contracts or documents. Additionally, Kshetri makes it clear that hacking a blockchain network is much harder than cloud-based systems, as it requires more than 50% of the systems to be hacked due to its characteristic of distributed ledgers. Additionally, he points out that blockchains have a high level of privacy protections due to its cryptographic ways. Importantly, he defined permissionless blockchains (basically, a normal blockchain) as a blockchain where anyone can join. On the other hand, he defines a permissioned blockchain, or private blockchain, as a blockchain in which access must be granted by some authority. While the author of this article clearly has high spirits regarding blockchain technology, I found it important that he consistently points out drawbacks. For example, he focuses on blockchain’s new characteristics and how it is not well-developed and widely adopted. This article will be helpful for my research, as Kshetri points out clear use cases for blockchain that provides more privacy and security than our current IOT ecosystem.
  4. Wang, Y., & Kogan, A. 2018. Designing confidentiality-preserving Blockchain-based transaction processing systems. International Journal of Accounting Information Systems, 30, 1–18. https://doi-org.libproxy.berkeley.edu/10.1016/j.accinf.2018.06.001
  5. Primavera De Filippi. 2018. "The Interplay between Decentralization and Privacy: The Case of Blockchain Technologies;" Journal of Peer Production, Issue n.7: Alternative Internets: 0-16
    1. Primavera De Filippi’s article “The Interplay between Decentralization and Privacy: The Case of Blockchain Technologies” focuses on the contradictory properties of privacy in blockchain technologies. She provides very clear, introductory explanations regarding the idea of decentralization. De Filippi discusses how, currently, data is put in the hands of centralized authority, furthermore forcing users to put trust in said entity. She points out that while many flock towards the idea of decentralization for its press for user control and privacy, she brings up the point that in some ways, it appears to infringe on user privacy. She explains that in a decentralized system, user transactions are passed onto every node in the network. While the identity of each user in such a transaction is encrypted and disclosed, she talks about how this system is extremely transparent; anyone and everyone can gain access to transactions. However, she also argues for the benefits of blockchain technology; she focuses on the idea that in decentralized systems, no single entity controls personal data and information. She goes back to the main argument against “transparency”, stating that this accessibility of transactions is not a tradeoff for privacy due to the cryptographic power. Essentially, users identities are protected. Importantly, she explains that while these transactions are not anonymous, they are pseudonymous. Overall, De Filippi argues that the transparency of blockchain technology is not something to be worried about, as transparency and privacy are not incompatible. Throughout this article, I found that De Filippi’s approach was extremely unbiased. She notably addressed a common and valid counterargument regarding the transparency of blockchain technology; she clearly extrapolated on said concerns. However, in addressing her main point that blockchain continues to protect user’s privacy, she provides a digestible thesis and explanation. This article is extremely vital to my research, as De Filippi provides comprehensible explanations on privacy and blockchain technology.
  6. Catalini, C. and Gans, J. 2018. "Some Simple Economics of the Blockchain" National Bureau of Economic Research. 1-18.
    1.      In the piece “Some Simple Economics of the Blockchain”, the authors explore the economics behind blockchain technology and how costs of verification and networking can decrease if this technology is adopted. Importantly, they highlight how when Bitcoin and other cryptocurrencies became widespread, investors strongly believed that blockchain technology would increase both the number of users and security. They elaborate on the idea that blockchain – by getting rid of a third party to verify transactions – greatly reduces the cost of verification. Traditionally, systems paid fees to intermediaries to watch and surveil transactions. However, blockchain technology gets rid of this cost and the need for a hired person. Another important aspect of blockchain technology that they focus on is that by allowing for open-source production, the cost of networking also decreases. Additionally, the authors bring up the point that this technology particularly opens up opportunities for groundbreaking approaches to data ownership, privacy, and other use cases. While this piece provides important information regarding blockchain privacy, I found that its appendix specifically defines public and private blockchains, which will be helpful for my research. The authors share that public, or permissionless, blockchains allow any user with software to participate in the verification of transactions. On the other hand, in private (also known as permissioned) blockchains, participants must be specifically granted access to view transactions and add blocks. However, the authors bring up the issue that private blockchains mimic the functionality of data bases that are already widely used today. This article may contain some bias, as blockchain enthusiast tend to contend for the widespread adoption of blockchain technology; they often persuade people that it will increase security and privacy. Therefore, the high spirits about how this technology could greatly reduce costs may be biased.
  7. G. Zyskind, O. Nathan and A. '. Pentland. 2015. "Decentralizing Privacy: Using Blockchain to Protect Personal Data," 2015 IEEE Security and Privacy Workshops, San Jose, CA, 2015, pp. 180-184
    1.   In Zyskind, Nathan, and Pentland’s paper “Decentralizing Privacy: Using Blockchain to Protect Personal Data”, they talk about how Bitcoin provides secure ways of personal data management. Particularly, by getting rid of a third party intermediary, user experience transforms in a way that allows users to have complete control and ownership of data that is stored on the blockchain. The authors contrast this statement with the idea that current systems that require a centralized owner, user data is unknowingly stored and collected. Throughout the piece, the authors continue to emphasize the privacy concerns that exist with typical data storage by third party services. The authors argue that, with blockchain technology, users do not have to address particular permission controls since their data is completely controlled by themselves. They delve into blockchain practices that preserve privacy; through pseudo-identity mechanisms that involve private and public keys, user identities are private. Overall, the authors aim to communicate how personal data – when put in the hands of a centralized system – is subject to mishandling and misuse. On the contrary, blockchain technology poses solutions to these problems. While this piece gives a clear outline of how blockchain can solve user privacy and data security issues, it does not address possible downfalls and tradeoffs of the technology; this creates a distorted analysis.
  8. Dominique Guegan. 2017. "Public Blockchain versus Private blockhain". Documents de travail du Centre d’Economie de la Sorbonne 2017.20 - ISSN : 1955-611X. 2017.
  9. De Filippi, P., Wright, A. 2018. “Blockchain and the Law: The Rule of Code” Harvard University Press. pp. 107-116
    1. This brief chapter in the book “Blockchain and the Law: The Rule of Code” talks about how blockchain applications can be adopted by institutions and applications other those regarding financial payment and contracts. The authors highlight how blockchains provide a place to store tamper-resistant certified information and public records. De Filippi and Wright state that, in order for blockchain technology to ensure privacy and security, blockchain companies must address these concerns. Once again, they delve into use cases of storing information on the blockchain; by doing this, citizens could have access to said information whenever they please. Additionally, this information—once stored on the blockchain—is close-to-impossible to delete. This way, users do not have to worry about third parties losing, tampering, or mishandling data and documents. Some examples of this include property documents, birth certificates, and licenses. This use-case decreases the need for parties, such as the government, to own and store data. Therefore, the authors conclude that this could increase national security and protect against data hacks. Importantly, the authors address potential downfalls of blockchain technology regarding security and privacy; they state that the tech must garner political support, since blockchains can be attacked by malicious parties. They bring up the point that, because blockchains are characterized by the fact that everyone has access to the ledger, this global access could result in a privacy concern for users. Malicious actors could potentially connect public keys to individuals. This article presented an extremely impartial and thorough analysis of both benefits and concerns of blockchain technology.
  10. Melander A., Halvord E. 2017. Blockchain – What it is, and a Non-financial Use Case. EXAMENSARBETE INOM TEKNIK, GRUNDNIVÅ, 15 HP STOCKHOLM, SVERIGE 2017. pp. 12-22
    1.   Throughout pages 12-22 of the journal “Blockchain- What it is, and a Non-financial Use Case”, the authors give an overview of blockchain technology. They provide an explanation of the database structure, which is comprised of distributed ledgers that can be accessed by anyone. They expand on the idea that in a distributed ledger, each peer in a particular network gets the same, updated version. They then dive into characteristics of P2P, or peer to peer networks. These type of networks have no centralized third parties. Additionally, they are robust and one single failure does not compromise the whole system. Melander and Halvord specify different node roles, such as full and light nodes. Following this, they dive into specifics of blockchain protocols and continue to define terminology such as a hard fork and soft fork. Importantly, the authors then differentiate between private and public blockchains. They specify that, in private blockchains, there is a direct control of participants. They share that currently, many companies are aiming to incorporate private blockchain technology into business practices. However, the authors bring up the point that many believe private blockchains are too similar to classic databases; by controlling access to a particular blockchain and having only permissioned nodes to participate, many think that centralization is once again introduced. Following this, the authors clearly define public, private, permissionless, and permission blockchains. They define private blockchains as blockchains where “direct access to blockchain data and submitting transactions is limited to a predefined list of entities” and permissioned blockchains as “transaction processing is performed by a predefined list of subjects with known identities”. Throughout this piece, I found that the authors provided ample references and two-sided takes when performing analyses. The list of benefits of private vs. public blockchains provided by the authors will be extremely useful to my research; a large part of understanding the two is through comparing them. Also, I found it interesting and vital to my research that how, in a private blockchain, users are known, so identity decreases privacy. However, this also decreases the likelihood of malicious attacks.
  11. Goldfeder Steven et al. 2018. “When the Cookie Meets the Blockchain: Privacy Risks of Web Payments via Cryptocurrencies.” Proceedings on Privacy Enhancing Technologies, Vol 2018, Iss 4, Pp 179-199 no. 4 (2018): 179. doi:10.1515/popets-2018-0038.
    1. In Goldfeder et al's article "When the Cookie Meets the Blockchain: Privacy Risks of Web Payments via Cryptocurrencies", the authors explore ways in which users' privacy can be comprised when paying with cryptocurrency. They importantly highlight how websites are often surveilled and filled with third party trackers that attempt to gain information about user activity and personal information. The authors focus on how if consumers pay with cryptocurrency on merchant sites, third party trackers can identify ample information about the transaction. By doing this, the tracker can then link an identity to the specific transaction; the transactions, which were once pseudonymous by being represented by a public key, are no longer anonymous. Additionally, the authors talk about how some blockchain systems, multiple public keys are generated to improve user privacy so that an identity is not associated with a singular key. This then makes it harder for malicious trackers to attach a specific identity. However, the authors explain that, even with multiple addresses, user identities can still be linked by trackers through different hacking systems. Additionally, the authors conducted research that revealed that 17/130 bitcoin accepting merchant websites sent addresses and other information of users to third parties. The authors of this article referenced and utilized ample sources. Additionally, the way in which they conducted an in-depth research experiment increases the validity of the article. On the other hand, it appears that the authors are rather skeptical of blockchain technology, which will furthermore cause their article to contain bias.
  12. Dagher, Gaby G. et al. 2018. “Ancile: Privacy-Preserving Framework for Access Control and Interoperability of Electronic Health Records Using Blockchain Technology.” Sustainable Cities and Society 39 (May 1, 2018): 283–97. doi:10.1016/j.scs.2018.02.014
    1. In Dagher et al's piece "Ancile: Privacy-Preserving Framework for Access Control and Interoperability of Electronic Health Records Using Blockchain Technology", the authors give an in-depth explanation of a possible blockchain-based solution to data breaches in the healthcare sector. They extrapolate on the current state of health records, and how they notably lack in privacy and often result in misuse. Throughout the article, they focus specifically on EHRs, or electronic health records. Currently, EHRs are managed by providers who then store records in data bases. However, this results in security issues, as the databases can get hacked and tamper with records. Additionally, if data is altered, there is a struggle to retrieve the correct information. The authors of the article pose an outline for "Ancile", which is a system they created to give patient's control and ownership of their own health records. Additionally, this allows for the tracking and transfer of records as well. Ancile proposes a solution that uses smart contracts, or blockchain technology that allows for nodes to execute a particular function given in a "contract". The authors state that Ancile allows patients to securely store, transfer, and protect their health records in a way that wards off malicious users. This article is extremely relevant to privacy, as the authors clearly explain current privacy threats to the healthcare record system and how blockchain could solve it. Additionally, it seems as though the authors have done intense research on the topic, as they cite other sources throughout the article. It is also important to note that the authors do bring up the struggles that come with the newfound nature of blockchain and that this lack of development could be a detriment to solving such solutions.
  13. Berberich, M.; Steiner, M. 2016. Blockchain Technology and the GDPR: How to Reconcile Privacy and Distributed Ledgers. European Data Protection Law Review (EDPL) 2(3), 422-432.
    1. In Berberich and Steiner's piece "Blockchain Technology and the GDPR: How to Reconcile Privacy and Distributed Ledgers", the authors discuss the EU's new data privacy law-- GDPR-- and how the rise of blockchain technology complies (or may not comply) with such legislation. GDPR, or the General Privacy Data Regulation, is a set of data regulations that applies to people that control data in the EU or those who process data of people in the EU. The authors bring up the fact that blockchains and their nature of decentralization may pose issues with GDPR. Importantly, they discuss how private blockchains will likely comply and have GDPR apply. This is because, in private blockchains, there are a few known and identifiable "data controllers". On the other hand, public blockchains operate in a way that every node in the system has the ability to verify and access transactions. Because of this, it is hard to delegate any specific user as the "data controller". The authors talk about how this would then fail to meet the standards of GDPR; GDPR requires there to be a known data processor. The authors also bring up the concept called privacy by design and how GDPR requires that data controllers and processors must "implement technical measures in line with data protection principles". However, because transactions on blockchains are viewable by all, it is possible that this technical aspect could not comply. On the contrary, blockchain's strong encryption technology implies strong data security, which could possibly be in line with PbD (privacy by design). Overall, it is clear that blockchain technology will create a complicated relationship with GDPR and could possibly be incompatible. This article will be helpful for my article, as I have not discussed the legality of blockchain technology and believe it would be an interesting addition to the relationship between blockchain and privacy. Additionally, the authors present a very unbiased description, as they take time to dwell on both the pros and the cons of how blockchain technology could function under GDPR.
  14. Wahab, Jad. 2018. “Privacy in Blockchain Systems,” https://libproxy.berkeley.edu/login?qurl=http%3a%2f%2fsearch.ebscohost.com%2flogin.aspx%3fdirect%3dtrue%26db%3dedsarx%26AN%3dedsarx.1809.10642%26site%3deds-live.
    1. Jad Wahab goes into an in-depth analysis about privacy and how it operates within blockchain systems. He focuses on how, currently, complete privacy on the blockchain is a difficult quality to achieve. Throughout his piece, he continuously reiterates that in its nascent state, work still needs to be done in regards to privacy protection. He describes blockchain as a "digital ledger in which transactions are recorded chronologically and publicly" and states that since the technology is not fully developed, there are hindrances and shortcomings. Importantly, he brings up the common complaint that public blockchain systems like Bitcoin publicize every transaction; these transactions can then be traced back to their origins. Additionally, he focuses on other large blockchain systems such as Ethereum and brings up the fact that unfortunately, these privacy preserving systems are not cost-effective and rather slow. Wahab brings up a possible solution called indistinguishability obfuscation. This is a system, rather than being able to view each transaction on its own, transactions are mixed up. Users cannot trace transactions. However, Wahab discusses blockchain applications that currently use this and outlines their downfalls. He also brings up the fact that secure multi-party computations may be a more efficient approach to indistinguishability obfuscation, but ultimately concludes that there are clear shortcomings and inefficiencies that cannot be ignored. Overall, Wahab concludes that, in order for blockchain technology to promise complete privacy, developments must occur. He does bring up the belief that blockchain is going in the right direction and that developments on the technology are occurring at a rapid pace, promising a secure future. As many other critics do, he claims that scalability on the blockchain is a large detriment to achieving privacy. When reading this article, I felt that the author was only presenting one-sided opinions. Additionally, his sources did not seem very reliable; a lot of them were drawn from websites. However, he did provide deep analyses about existing companies and did in-depth research about them.
  15. Harry Halpin, Marta Piekarska. Introduction to Security and Privacy on the Blockchain. EuroS P 2017 - 2nd IEEE European Symposium on Security and Privacy, Workshops, Apr 2017, Paris, France. IEEE
    1. Halpin et. al's article "Introduction to Security and Privacy on the Blockchain" focuses on explaining blockchain and its current state. Their main claim is that privacy and security research about blockchain must happen in order for developments in the industry to be made. They aim to provide readers with a base-level understanding of blockchain technology. They state that blockchain is essentially a list of verifiable data shared amongst every participating node in the network. According to the authors, blockchain has data integrity due to its decentralized nature. However (as agreed by many other authors writing about blockchain and privacy), the authors state that blockchain still struggles to ensure anonymity. Rather, blockchain users are promised pseudonymity, as their public key corresponds to their identity. Due to this pseudonymous mechanism where users are represented by their public key, there arises a lot of confusion regarding privacy and anonymity on the blockchain. As a result, blockchain privacy mechanisms are not formalized. Interestingly, the authors bring up how Satoshi Nakomoto, the anonymous creator of Bitcoin, never fully stated privacy and security concerns. The authors once again press that people in the blockchain space must conduct more research regarding this topic along with widespread and standardized vocabulary regarding blockchain privacy and security. By focusing on transactions, the author discusses how pseudonymity is required for blockchain to function. In order to verify transaction and confirm that users did not double spend, or spend money or BTC that they do not have, it is necessary to go to the public ledger and look at all transactions of a specific user. The authors claim that in order for true privacy, blockchain must undergo many changes. They delve into technical solutions, such as mechanisms called "Confidential Transfers" and "Zero Knowledge Proofs". Additionally, they state that some blockchain companies plan to increase privacy by adopting mixing schemes. This means that transactions from particular Bitcoin users would be mixed together, making it difficult to see transactions by one user. However, this brings in the need for a third party once again, which brings up the concern of centralization. This article will be useful to my research, as it explains clear doubts that arise when examining blockchain technology and privacy. However, it seems that the authors focus particularly on Bitcoin, which is only one subset of blockchain tech. Additionally, the authors did not reference many articles, which makes it seem as though many claims are opinions.
  16. Nicola Fabiano. 2017. Internet of Things and Blockchain: Legal Issues and Privacy. The Challenge for a Privacy Standard. IEEE International Conference on the Internet of Things.
    1. In Nicola Fabiano's article "Internet of Things and Blockchain: Legal Issues and Privacy. The Challenge for a Privacy Standard", she writes about legal issues with IOT. Currently, IOT allows users to transfer data on the internet. However, this poses extreme privacy concerns for many users, resulting in a multitude of data breaches each year. She stresses the fact that individual privacy is important when using technology. Additionally, she focuses on legal issues relating to privacy and data protection with blockchain. Throughout her article, she uses and focuses on the definition of privacy by design as stated by the GDPR. She begins her article by outlining current IOT threats; she states that, when using IOT, people are at risk of profiling, geolocation, and data breaches. This happens during data processing by a central, authoritative figure. Her guiding statement is that even if a piece of technology is secure, it is not necessarily private. She then focuses on the idea of "privacy by design", and states that if things are constructed with privacy be design in mind, then there would be no need for companies to constantly rely on regulations and laws to combat privacy threats. She states that, in order to ensure privacy, companies must keep the user in mind; by putting the user's privacy first, privacy by design is instilled naturally. Overall, her main statement regarding this is that creators of applications must start building from the standpoint of user privacy. She then delves into the details of blockchain. While blockchains promise security of transactions, there exists an issue of computational power. She then goes to argue that blockchain technology is not designed for user's privacy, but rather the design focuses more heavily on the need to create financial transactions. She then goes on to bring up that blockchain poses concerns, such as that, is a public key is somehow associated with a particular individual, their identity would furthermore be revealed along with every transaction they ever made on a blockchain. Ultimately, she concludes that privacy by design is the safest bet to ensure user privacy. Additionally, she brings up the statement that there should be a standard framework adopted nationally to measure privacy. While reading this article, I found it interesting that she focuses heavily on user privacy. However, the jargon and writing style she deployed included many grammatical mistakes; this brings up concerns regarding the credibility of such article. She also did not reference many sources and includes a decent amount of opinionated statements.
  17. Kumar et. al. 2017. Blockchain technology for security issues and challenges. IoT. International Conference on Computational Intelligence and Data Science
    1. In Kumar et. al's piece "Blockchain technology for security issues and challenges, the authors focus heavily on prevailing issues in IOT exchanges. In IOT systems, a central server deals with many exchanges and therefore leads to security and privacy issues. They focus on how, in order to combat these issues, blockchain could possibly contribute to solutions. They importantly define IOT as technologies of communication, information, etc. They claim that by eliminating this central authority in IOT transactions through blockchain technology, privacy and security problems could be solved. Following this thesis, the authors then bring up existing challenges with IOT. They state that currently, data of individuals are constantly being passed around and transferred among systems. This then leads to an immense amount of lost and mishandled data. In order for readers to understand blockchain technology, the authors give a history and short, non-technical explanation. They focus on the fact that, in order to record transactions on the blockchain, participants must create transactions, validate the transaction, and then this transaction is then recorded on the blockchain. Once verified and placed as a block, transactions cannot be modified or altered with. This creates a level of security that IOT does not provide, pressing many to have high spirits about blockchain and security. Additionally, they discuss how every node gets access to these transactions through a distributed ledger. As stated before, this distributed ledger is tamper-proof. They go on to state that blockchain technology has a wide range of potential and possible applications, such as the field of agriculture, business, finance, etc. However, they close the piece by expressing deep concerns and challenges within blockchain. They state that, because it is a recent development, the work done thus far is very limited. Going along with this, there is also a lack of skilled workers in the space. Lastly, which is a complaint shared by many, blockchain is currently not scalable. While this author provided a decent amount of citations, the tone and rhetoric of the article was not professional. This draws concerns regarding the credibility of the article. However, I found it useful that the authors extrapolated on existing issues with IOT.
  18. JOSHI, ARCHANA PRASHANTH, MENG HAN, and YAN WANG. 2018. “A Survey on Security and Privacy Issues of Blockchain Technology.” Mathematical Foundations of Computing 1 (2): 121–47. doi:10.3934/mfc.2018007.
    1. In Joshi et. al's piece "A Survey on Security and Privacy Issues of Blockchain technology, the authors explore the possible challenges regarding blockchain technology and its interplay with privacy and security. The piece focuses heavily on providing readers with a clear, straightforward understanding of blockchain technology and how it works. Firstly, they go over its characteristics and functionality. They include the mechanisms of its peer to peer network; the authors explain how copies of transactions are broadcasted to every node, or computer in the network. This then allows nodes to verify and authenticate transactions by protocols such as Proof of Work and Proof of Stake. This furthermore implies that there is no need for a central authority to be solely in charge of such data management. The authors also delve into the logistics of private and public keys. They straightforwardly explain how blockchain transactions are signed and verified through public and private keys. These keys, which are mathematically related to each other, are used differently. Private keys are private to each user and are used to verify actions such as sending money or receiving money. However, users are associated with their public keys, which can be seen by every node participating in a network. Lastly, they focus on blockchain's key characteristic of immutability. In simpler terms, immutability refers to the fact that blockchain transactions (once they are verified and recorded as a block) cannot be altered or deleted. This ensures that data has not been tampered with. The authors also define security of blockchains as "the protection of transaction information and data against threats" and privacy of blockchains as the "user's ability to perform transactions without leaking identification information". They then express their concerns for such topics, which lies in the fact that public key transactions are available and visible to everyone. Overall, the authors conclude that blockchain technology could be adopted in a wide range of areas, but there exists some privacy issues that come with this adoption. They aim to ultimately provide the infrastructure of such technology and how it can furthermore support many different areas for data storage. I found that this piece was very unbiased, as everything was presented in a matter-of-fact way. Additionally, I found that this paper had one of the most comprehensible explanations of the technology, which I will definitely be using in my section "blockchain and how it protects privacy".
  19. Androulaki et al. 2016. “Evaluating User Privacy in Bitcoin” NEC Laboratories Europe, Zuerich Switzerland
    1. Androuluki et al. discuss the multitude of privacy concerns when it comes to Bitcoin transactions. They focus on how, in blockchain technology, transactions are publicly shared and displayed with all participating nodes in the system. In order to conduct research regarding the topic, the authors created a simulator that mimicked the use of Bitcoin in a University setting. The authors give a clear, but high level introduction of Bitcoin technology. They highlight how, on the Bitcoin blockchain, users sign transactions and are prevented from double-spending their coins. Users also receive their own private and public key; the public key functions as an address, allowing other users to send BTC. However, when transactions from a certain user are made, their public key is presented to the whole blockchain. Additionally, the authors bring up that timestamping raises crucial concerns about privacy on the Bitcoin blockchain. They state that a malicious user could potentially track expenditures of a particular user. Throughout their study, they measure privacy using activity unlikability (the ability for someone to link 2 different public addresses to a particular user) and profile indistinguishability (the ability for users to reconstruct the profiles of all users in a blockchain). In order to asses the level of privacy in the Bitcoin blockchain, the authors ran a simulation of transactions in a university setting. By running this, the authors were able to gauge the level of security that exists in Bitcoin if it were widely adopted. Their results concluded that within their experiment, 40% of users profiles were unveiled, regardless of the fact that some went an extra mile to enhance their privacy by creating multiple public addresses. Ultimately, they concluded that, in its current state, Bitcoin transactions are not necessarily private or safe. Through the authors' intense research and simulation, they clearly put a substantial amount of time, effort, and factual evidence into their analysis. Unlike many articles I have come across, this was the first to present an overwhelmingly skeptical regarding privacy on the blockchain. Additionally, this was the first academic article that conducted empirical research.
  20. Li X, Jiang P, Chen T, Luo X, Wen Q. 2017. A survey on the security of blockchain systems, Future Generation Computer Systems
    1. "A Survey on the Security of Blockchain Systems", written by Li et. al, explores security threats to blockchain applications. In order to conduct this analysis, the authors focus on past attacks and threats to real blockchain systems. Particularly, they focus on the DAO hack of 2016. DAO, or the Decentralized Autonomous Organization was created on the Ethereum blockchain. In 2016, the DAO created a crowdfund on the blockchain, which clocked in at the biggest crowdfund. However, a malicious hacker found a downfall in code, furthermore prompting them to steal 3.6 million Ether. Additionally, the authors touch on a MtGox hack. MtGox was the largest Bitcoin exchange in 2014 and was later hacked, resulting in 450 million dollars in Bitcoin stolen. The authors then go into providing a beginner explanation about blockchain technology, delving into the consensus protocols and how this guarantees reliability, consistency, and decentralization. They go on to discuss the multitude of consensus protocols, which include Proof of Work, Proof of Stake, PBFT, and POB. However, they then bring up common risks within these mechanisms. In consensus protocols, user's must trust that other users who are "mining"-- or verifying-- transactions are being honest. While an attack on the blockchain is highly unlikely, there is a possibility for a 51% attack. This occurs when a miner has over 50% of the hashing power, which could allow them to manipulate and alter blocks. This is due to the fact that the "authentic" block is that which has the largest chain; if a majority of the miners (which, in this case, is a malicious user) want to manipulate a block, they could use their power to create this largest block. Additionally, the authors discuss how, if a user had their private key stolen, there would be serious threats. The authors therefore conclude that there exists some risks in the blockchain, which are exemplified by attacks that have occurred in the past. They then discuss highly technical solutions to such issues, such as code obfuscation. Due to the fact that the authors did a case study on previous events and attacks that occurred in blockchain systems, their statements are credible and factual. Additionally, their explanation of past hacks will be useful to my section about "past privacy failures".
  21. Tom W. Bell. 2016. "Copyrights, Privacy, and the Blockchain," Ohio Northern University Law Review 42, no. 2 439-470
    1. In Bell's piece "Copyrights, Privacy, and the Blockchain", he discusses potential applications that could be built on the blockchain for anonymous/masked authors. He starts out the piece by explaining how anonymous authors do not get to reap the benefits of copyright laws. This is to the Copyright Act that is currently legally enforced; the act states that claimant's must provide their name in order to file for copyright registrations. Therefore, the author claims that, unfortunately, masked authors must choose between having the ability to copyright their pieces or maintain their privacy. Bell brings up the fact that in order to potentially enforce any copyrights, anonymous or pseudonymous writers must go through a third party to do so. Furthermore, the author begins to state that blockchain could be a potential solution to this problem. He provides readers with an overview of what blockchain is. He states that blockchain could function to both protect the identity of an anonymous/pseudonymous author while also give these authors copyright privileges. On the blockchain, authors could go by their public keys, or addresses. Therefore, if said authors interact with businesses, lawyers, etc., their identity would not have to be revealed blatantly. Additionally, blockchain would eliminate the need for an intermediary. Additionally, Bell claims that because of blockchain's timestamping technology, authors could enforce their copyright privileges. On the blockchain, activity is attached with a timestamp, signaling that a particular person had access to something like a document at a particular time. This timestamp is then projected to every node in the system. Through this, authors could prove that they created or had accessed to a document before others; this could protect authors from having their work stolen and claimed by others. However, Bell importantly brings up the fact that this would evidently not apply to work stolen in person. He builds off of this statement, saying that unfortunately, authors could not enjoy all the benefits of copyright through the blockchain. Ultimately, the power of the Copyright Act enforces the possibility that, in the case of a legal battle, anonymous/pseudonymous authors must reveal their true identity. He ends the piece by claiming that changes must be made to the Act in order to give masked authors legal rights and privacy. I found that this article was very unbiased, as the author clearly presented both hope and skepticism for the adoption of blockchain technology. Additionally, he provided ample research on the legal terms of the Copyright Act. This will be useful to my article, as it specifically discusses privacy and blockchain by connecting it to a use case I have never thought of before.
  22. Hardwick, F. S., Gioulis, A., Akram, R. N., & Markantonakis, K. 2018. "E-Voting with Blockchain: An E-Voting Protocol with Decentralisation and Voter Privacy," Retrieved from https://libproxy.berkeley.edu/login?qurl=http%3a%2f%2fsearch.ebscohost.com%2flogin.aspx%3fdirect%3dtrue%26db%3dedsarx%26AN%3dedsarx.1805.10258%26site%3deds-live
    1. In Hardwick et. al's piece titled "E-Voting with Blockchain: An E-Voting Protocol with Decentralisation and Voter Privacy", they propose an e-voting system built on the blockchain. E-voting, or electronic voting, has been discussed broadly lately. They extrapolate on the idea that currently, a large portion of young voters do not participate in elections. The authors believe that by adopting e-voting applications on the blockchain, it could attract and increase the number of young, tech-savvy voters. Hardwick et. al present the advantages of e-voting on the blockchain, which includes the possibility for greater transparency, anonymity, security, and immutability. However, unlike most proponents for decentralization, the authors state that in order for a secure system to exist, a central authority must be introduced in this system. They believe that this is necessary, as a third, central figure can authenticate that particular voters are eligible. They propose a system that, once voters authenticate themselves to a said authority, they are then given a token that represents and proves their eligibility. Their system allows for the control of voting in the hands of the actual voters. Similar to most other blockchain applications, voters would be signified by a public key, so their identities would be private. Additionally, the author's proposed solution allows for voters to change their mind about a vote within a particular voting period. Additionally, the authors stress that, by using blockchain technology, votes can be updated. Blockchain e-voting also ensures that votes cannot be changed or altered by a third party; once a vote is placed on the chain, it cannot be tampered with by an outside source. With its peer-to-peer nature, voters can make sure that fraudulent voters are rejected. Hardwick et. al's paper concludes by stating once again that e-voting is a potential solution to entice young voters to participate in elections. However, they importantly bring up the fact that, because blockchain technology is still growing and in its early stages, the technology is not able to reach its full potential. This article will be useful to me, as it clearly outlines a potential use-case for protecting privacy on the blockchain. The author's also conducted intense research and present an unbiased opinion; they clearly state their doubts while presenting hopefulness for a voting solution.
  23. Suzuki et. al. 2018. "Blockchain: How It Will Change Your Legal Practice," The Computer & Internet Lawyer. 5-9.
  24. Wieczner, Jen. 2017. “The 21St-Century Bank Robbery.” Fortune 176 (3): 52. https://libproxy.berkeley.edu/login?qurl=http%3a%2f%2fsearch.ebscohost.com%2flogin.aspx%3fdirect%3dtrue%26db%3dedb%26AN%3d124711446%26site%3deds-live.
  25. Wang, Yunsen, and Alexander Kogan. 2018. “Designing Confidentiality-Preserving Blockchain-Based Transaction Processing Systems.” International Journal of Accounting Information Systems 30 1–18. doi:10.1016/j.accinf.2018.06.001.
  26. Heroux, Mark. 2018. “Cryptocurrency: Compliance Challenges and IRS Enforcement.” Tax Adviser, October, 1. https://libproxy.berkeley.edu/login?qurl=http%3a%2f%2fsearch.ebscohost.com%2flogin.aspx%3fdirect%3dtrue%26db%3df5h%26AN%3d132130185%26site%3deds-live.
  27. Pooley, Gale L., and Larissa Lee. 2018. “Bits and Blocks: Navigating the Legal Landscape of the Blockchain Economy.” Utah Bar Journal 31 (3): 54–59. https://libproxy.berkeley.edu/login?qurl=http%3a%2f%2fsearch.ebscohost.com%2flogin.aspx%3fdirect%3dtrue%26db%3da9h%26AN%3d129643275%26site%3deds-live.

Why I am Creating the Article Private vs. Public Blockchains

[edit]

With spirits regarding blockchain constantly rising and falling, many people remain skeptical-- and intimidated-- by the technology. A large part of blockchain technology is spurred by the public's fear of big companies storing and controlling their data. While public blockchains (or, in other words, normal blockchains) allow anyone to verify transactions, private blockchains run on a completely different system. As of now, there exists no wikipedia article to explain the concept. This is a rather large and complex concept, but I want to explain it in a way so that the general public (especially those with a non-technical background) can understand the technology that many large companies are beginning to talk about adopting. Additionally, such a large incentive to adopt blockchain technology stems from the public's desire for privacy and the eradication of third party intermediaries. I think it is important to highlight the interplay between privacy and blockchain.

References for Privacy + Paparazzi

[edit]

While doing some research regarding paparazzi and privacy, I came across a law journal that touched on paparazzi and law.

  • After Princess Diana's death, manslaughter charges against paparazzi were filed, but ultimately thrown out. This trial -- which garnered mass attention from the public -- spurred the public to press for legislation against paparazzi. [1]

Information Privacy Evaluation

[edit]

A) Evaluating Content: 1) Is everything relevant to the article topic? Is there anything that distracted you? 2) Is there any information out of date? Is anything missing that could be added? 3) What else could be improved?

  • When reading the Wikipedia article for Privacy Information, I found the wording to be rather distracting. As we learned through training, a good Wikipedia article is presented in a way that is easily digestible and understandable to a standard audience with no prior information. For example, the sentence "Improper or non-existent disclosure control can be the root cause for privacy issues" is one of the many. To a normal reader with no prior knowledge about the topic, the term "non-existent disclosure control" can be rather confusing, as these terms are not in everyone's vocabulary.
  • Additionally, the first article includes the quote "Within academia, Institutional Review Boards function to assure that adequate measures are taken to insure both the privacy and confidentiality of human subjects in research.". I found this information to be out of context and unfitting for the opening paragraph. We learned that the first paragraph should serve to define and provide background information, but this seems very out of place and confusing to readers.
  • In the portion called "Information Types", a lot of the information is not contextualized and clearly explained. For example, in the Internet subheading, the author wrote "Browsing of web pages as well as other online activities should be done trace-less via anonymizers, in case those are not trusted, by open-source distributed anonymizers, so called mix nets, such as I2P or Tor – The Onion Router." Once again, many typical readers will have no idea what this means or implies about privacy. The use of advanced terminology is distracting and requires some outside research. I believe that in order to improve the reader's understanding of this topic, the author should provide short definitions for such terms.
  • For the Social Media section, the author's information is sparse and appears to be out dated. In today's day and age, social media is one of the dominating topics regarding privacy, yet this Wiki page only includes a few sentences about it and merely talks about pictures users are tagged in; nowadays, this does not seem to be the most relevant concern.
  • In the Cable television section, there is barely any information. The author places in a copy and pasted quote without any prior context.
  • Throughout the article, I found that the author focuses a lot of users emotional responses rather than facts.
  • Oddly enough, the article is lacking in information in a lot of subheadings, yet provides an extreme amount about the Safe Harbor program and passenger name record issues. After reading the article as a whole, I was a tad confused why so much weight was put onto this topic in particular.

B) Evaluating Tone: 1) Is the article neutral? Are there any claims that appear to be heavily biased towards a particular position? 2) Are there viewpoints that are overrepresented or underrepresented?

  • Throughout the article, I found that the writer's tone was continuously wary regarding privacy and often shared opinions from others that reflect paranoia about information privacy.
  • This tone is set in the very first paragraph, as the writer states "it is important to keep abreast of any changes in the law and to continually reassess compliance with data privacy and security regulations". Not only is the writer sharing an opinion by coming out and saying that it is important, but it instills a sense of worry from readers, prompting them to be cautious about their privacy.
  • After reading this Wiki article, I felt as though the writer did not provide possible positive viewpoints regarding information privacy. Rather than presenting some potential benefits, the writer focuses only on ways in which users should be vigilant in regards to their personal information.

C) Evaluating Sources: 1) Check a few citations; do the links work? Does the source support claims in the article? 2) Is each fact referenced with an appropriate, reliable reference? Where does the information come from? Are these neutral sources? If biased, is that bias noted?

  • As stated before, the writer sporadically placed a quote from a source without any context. In the Cable Television section, the writer did not give any background about the quote, so it was a bit out of place and odd.
  • When reading the article, I became aware that many sources were from other Wikipedia articles. While Wiki articles can be reliable, there is still a risk that the article(s) the writer took from also contain bias. As a whole, the article's sources would be improved if more sources were from other academic and scholarly articles.

D) Talk Page: 1) What kind of conversations are going on behind the scenes? How is the article rated? How does Wiki discuss this topic differ from the way we've talked about it in class?

  • Behind the scenes, this article received a decent amount of advice and criticism. For example, people in the past have edited it for containing biased opinions, which I found to be fitting. However, I believe that it still contains some of these subjective claims.
  • Additionally, another user commented that the sources used in this article might be irrelevant, as it focused on INFORMATIONAL privacy. Such user provided a pretty detailed reasoning for why the title should be changed to "Informational" privacy rather than information privacy. This catalyzed a pretty involved thread.
  • This article was given a C rating, which states that there are some errors and that it is lacking information. I saw this rating to be quite fitting. However, I was taken aback that this article has a "high" importance rating, but still is at C level.

Privacy concerns regarding Google Evaluation

[edit]

A) Evaluating Content: 1) Is everything relevant to the article topic? Is there anything that distracted you? 2) Is there any information out of date? Is anything missing that could be added? 3) What else could be improved?

  • At first glance, I was distracted how the first paragraph of the article focuses heavily on a quote from the Google CEO Eric Schmidt. While the CEO's statements about Google is obviously relevant to the topic, his proclamations about his own company will inevitably contain bias, so I think it is inappropriate to open up the article with them.
  • Additionally, it focuses a lot on the policy change in 2012, which I would assume is rather outdated. Recent years have been flooded with relevant news regarding Google and privacy, so I would expect the information to be more recent.
  • I found it to be distracting that the writer consistently would not provide context when making sweeping statements. One of the many examples is "Google was REPORTED to be working on an agreement with NSA", but it does not expand on who reported this. Additionally, it says that Street View was "accused" but, once again, does not elaborate on who and if it was an accurate accusation.

B) Evaluating Tone: 1) Is the article neutral? Are there any claims that appear to be heavily biased towards a particular position? 2) Are there viewpoints that are overrepresented or underrepresented?

  • Throughout this article, tone was my biggest criticism. The writer consistently only shares information regarding people being wary of Google + privacy.
  • By sharing quotes from people that have negative opinions about Google and the way in which they handle their privacy policies, I believe that it instills a sense of fear into readers, furthermore painting Google + privacy in a negative light. It provides no other opinions regarding Google.
  • In the section regarding Children's Online Privacy Protection Act, it states that Googles terms of service are "biased" and "heavy-handed" which is pretty ironic, as this statement is biased, too.

C) Evaluating Sources: 1) Check a few citations; do the links work? Does the source support claims in the article? 2) Is each fact referenced with an appropriate, reliable reference? Where does the information come from? Are these neutral sources? If biased, is that bias noted?

  • The writer takes a lot of their information from Consumer Watch Dog, which is a huge advocate for privacy. In turn, this automatically creates a sense of bias in the writer's sources and information.
  • In one portion of the article that is only connected to one source, it states that Google is "suspected" of collecting data. Once again, this lack of specification makes it hard to view the sources as credible and unbiased.
  • In the Gmail section, the article draws from a source that is centered on the idea that Google is "creepy", which of course contains a lot of heavy opinions and statements that are not unbiased.
  • Randomly, the writer shares that Steve Ballmer, Liz Figeuroa, Mark Rasch, and the editors of Google Watch believe gmail goes beyond proper use. It wold make the article better if the writer provided a differing viewpoint.

D) Talk Page: 1) What kind of conversations are going on behind the scenes? How is the article rated? How does Wiki discuss this topic differ from the way we've talked about it in class?

  • This article received a B rating, which I found to be pretty fitting. While it contained a decent amount of bias, I do think it was written well and in a clear manner.
  • One person commented on the fact that they changed some grammatical errors and the structure of the article.
  1. ^ Rehm, Emily. A (May 2017). "Breaking News and Breaking the Law: Reining in California's Criminalization of Paparazzi and the Intent to Photograph". Southwestern Law Review: 470–471 – via http://www.lib.berkeley.edu/. {{cite journal}}: External link in |via= (help)
  • From a page move: This is a redirect from a page that has been moved (renamed). This page was kept as a redirect to avoid breaking links, both internal and external, that may have been made to the old page name.