Tech Panelists Talk Privacy, Personal Data and “Right to be Forgotten”

During the Blockchain Futurist Conference in Toronto, a panel of industry professionals shared their outlook on personal data, privacy law and the notion of “the right to be forgotten.”

The “Future of Privacy” panel included speakers Nadia Diakin-Thibault, digital academy fellow from the Canada School of Public Service; Christopher Nguyen, technical operations coordinator at Brave Software and Dina Mainville, director of Canada, Bermuda and Caribbean sales at CipherTrace.

Technology has fundamentally changed the way that we look at privacy. As personal information, data flows and security intertwine they are becoming largely controlled by a small number of large corporations and government organizations.

Against this backdrop, panelists discussed core issues on the future of privacy, cross-border data flows and how to avoid any unwanted outcomes.

After the discussion loosely touched on the distinction between identity and persona, the panel surrounded how privacy is defined.

“In the law, the key phrase is personal information. In Canada, we treat privacy as a constitutional right, and in various other countries, it’s different,” said Diakin-Thibault. “In the US it’s more of a property right.”

Privacy has different meanings in different jurisdictions, and this creates complexities between countries—specifically when it comes to cross-border data flows, added Diakin-Thibault.

“Right now we’re in the middle of various treaty negotiations impacting cross-border data flows. Cross-border data flows are important because we’re negotiating with the US, a major superpower in how they want data to be localized, or not localized,” said Diakin-Thibault.

By comparison, views on cross-border data flows in Europe are different. Canada is also negotiating these types of deals with the European Union, Diakin-Thibault added.

CipherTrace is focused on tracking international flows of data. Specifically, when it comes to blockchain technology, the company identifies the source and application of the funds.

Mainville touched on how CipherTrace is working to solve similar cross-border issues. “We’re in the business of putting attribution layer on top of what would be publicly available to help people comply with AML standards when it comes to bitcoin and other pseudonymous cryptocurrencies,” said Mainville.

Blockchain technology can be either anonymous, or pseudonymous. In an anonymous blockchain, the person’s identity is unknown. A pseudonymous blockchain, such as bitcoin, will have its user be connected to an IP address, but the name and actual address of the sender will not be disclosed.

“Some protocols are meant to be anonymous- bitcoin is not, it is pseudonymous,” added Mainville.

As the discussion surrounded the question of digital anonymity, the panel moved to the question of physical anonymity. Driving, for example, was cited to be more anonymous than flying, despite the ability of surveillance officials being able to scan individuals license plates.

When it came to flying, 9/11 was an incident that changed everything, and still does to this day, said Diakin-Thibault. This, in turn, with national security overhangs the privacy infrastructure that the government is currently developing, Diakin-Thibault added.

“This is a very difficult job for a government to do. Because, it seems, on one had we are protecting you with privacy legislation on the other hand, we are aggregating it. Yet we have to aggregate it to a degree for national security to be upheld,” said Diakin-Thibault.

With a number of different ways for individuals to protect their online privacy and anonymity including ad-blocking, fingerprinting protection and blocking third party trackers, Nguyen said that individuals are able to prevent their data from being collected by designing it in a way that can protect the individual.

As the panel moved forward, the discussion focused on the topic of the right to be forgotten and putting personal data on blockchain specifically. In turn, Nguyen voiced his skepticism, “I think we should avoid putting data on the blockchain that is private in the first place.”

When questions were directed towards the intersection of personal information and blockchain technology, the discussion took an interesting turn. Namely, the fact that blockchain is an immutable technology. Panelists then discussed how this impacts our personal data privacy in the future.

“One of the central tenants of privacy law is that you can only retain personal data for so long as is necessary or reasonable, depending on the jurisdiction,” said Diakin-Thibault. “Now, if the idea is that you can’t retain data forever, clearly a permissionless blockchain that is immutable that has personal data written to it is offside privacy law.”

Blockchain’s nebulous interaction with privacy law remained a key takeaway. “The question is how are we going to deal with it,” said Diakin-Thibault.

As technological advancements and personal security interact, they reach a crossroad, Mainville added. “I think that we need to sit down as a community and decide what sorts of liberties and freedoms we’re willing to exchange for the technological innovations that we have, and those that are to come.”

Don’t forget to follow us @INN_Technology for real-time news updates!

With files from Georgia Williams.

Securities Disclosure: I, Dorothy Neufeld, hold no direct investment interest in any company mentioned in this article.