Glass Houses: Transparency and Privacy in Information Economies

In recent years, the trust that society places in opaque centralised mechanisms run by government, network operators, and financial institutions has been eroding, with various events (e.g., the financial meltdown of 2007 and the hack of the DigiNotar certificate authority) illustrating that high integrity cannot be achieved merely through trust in one or a handful of parties. As a reaction to this erosion in trust, two alternative architectures have emerged: users have either flocked to systems that have no central point of trust; or they have increased pressure on central entities to provide more openness and visibility. In both of these settings, the main technique that has emerged to provide these properties is a distributed ledger; i.e., a list of events that have occurred within a given system that is created and stored by a distributed or even decentralised set of parties. Storing such ledgers in a distributed and transparent manner allows these systems to achieve full public auditability, in which any user can check for themselves that the system is functioning correctly.

Given the potential applications of distributed ledgers, one might be tempted to use a single approach as a way to provide auditability or distribute trust. Requirements in one setting may be very different from those in another, however, so one approach cannot be indiscriminately applied. As an example, SSL certificates are public, so their issuance can be stored on a public ledger. On the other end of the spectrum, systems such as financial settlement, supply chains, and personal identity management all deal with highly sensitive data that cannot be included as-is in a globally visible ledger. Balancing these application-specific requirements with both the benefits and limitations of distributed ledgers is the main focus of our research.

To understand the requirements in each of the settings mentioned above, our research will be conducted with five user partners: the Bank of England, which is interested in using distributed ledgers for financial settlement; the Department of Work and Pensions (DWP), which is interested in the provision of benefits; the Robin Hood Fund, which is interested in allowing for the trading of entitlements to the fund; Provenance, which is interested in transparency in supply chain certification; and the Google Certificate Transparency team, which is already using distributed ledgers to log the issuance of SSL certificates. Each of these user partners will give us insight into a different potential application of distributed ledgers, and by constructing technical solutions that meet their diverse requirements (e.g., the need for privacy or scalability), we can impact their eventual deployments of these technologies.

The intended beneficiaries of this proposal are academic researchers, the UK government, the technology and financial industries, and the general public. The proposal addresses how to use distributed ledgers to provide benefits across a variety of settings, including supply chains, financial infrastructures, and the management of personal identity and information. This proposal has the potential to solve concrete problems that occur in these settings, as well as other settings where distributed ledgers may be used.

We describe our impact across three categories: academic, government/society, and industry.

Academia.

Academically, the goal of this project is to open up new lines of interdisciplinary research on distributed ledgers. The main avenues for achieving this goal are to publish research papers in international peer-reviewed conferences and journals, give invited talks at universities and other research institutions, visit and host academic researchers, and interact with an interdisciplinary set of researchers via the UCL Centre for Blockchain Technologies. We expect that the combination of all these activities will provide the widest possible exposure for our research, thus helping it to achieve meaningful impact across multiple academic communities.

UK government and society.

The UK government has publicly expressed interest in distributed ledger technologies, and the findings of this research programme could directly impact any deployments, both in shorter and longer timescales. The main avenue for achieving this goal is via our user partners, visits and discussions with other government entities, and workshops held throughout the course of the project.

Two of our user partners, the Bank of England and the Department for Work and Pensions, are central components of the UK government that deliver solutions to enormous populations. The Bank of England is the central bank of the United Kingdom; as such, any solution that they adopt would have immediate and widespread impact. Similarly, the Department for Work and Pensions (DWP) is responsible for administering welfare and pensions to the entire United Kingdom (and indeed are the largest government department), so any solution they adopt would directly affect millions of users.

In addition to individual meetings with these user partners and the kick-off workshop described above, we plan to host regular workshops throughout the course of the project for these and our industrial partners. These workshops will augment our individual meetings in providing our user partners with updates on our progress, discussing emerging opportunities, and identifying additional user partners with whom it may be beneficial to collaborate.

Industry.

Many major financial institutions and technology companies are already seeking ways to incorporate distributed ledgers into their products, but ensuring the security and usability of these technologies prior to deployment is critical for their success. The main avenue for achieving this goal is via discussions and internships with our user partners, invited talks at companies and industry workshops, and workshops held throughout the course of the project.

In terms of our industrial user partners, the deployment of Google's Certificate Transparency (a technology based on distributed ledgers) is already partially underway, and in addressing a shortcoming in the SSL ecosystem the project has the ability to affect every user of the Internet. While Provenance and the Robin Hood Fund are both much newer companies, their potential reach is also quite broad and their current relative autonomy allows them to deploy blockchain-based solutions without the struggle that a larger company would face. We will actively engage with these user partners, both via the individual meetings and workshops mentioned above, but also by sending pre-doctoral research assistants to conduct internships and assist with pilot studies.