|Cross Cutting Challenges|
User interfaces of blockchain for identity solutions are often neither clear nor compelling. As a result, incentivizing individual users is difficult.
Blockchain brings together a number of complex technologies – “P2P networking, distributed timestamping, cryptographic hashing functions, digital signatures, and Merkle trees, among others.”99 To date, the user-friendliness of many implementations of these complex technologies is lacking, creating challenges to broad, mainstream adoption.100
Incentivizing use at the institutional/legacy level will be required for many blockchains in order to identify initiatives that provide true value.
Similar challenges—concerning user interfaces, incentives, and others--confront institutional users as individual ones. Incentives questions are particularly pressing when institutions must replace existing legacy systems. Many Blockchange initiatives seek to circumvent and disrupt legacy systems with the goal of establishing a fully self-sovereign and decentralized replacement; given the long time horizon for such solutions to reach critical mass, partnership with relevant domain area institutions will likely remain essential for use and impact.
Legal and Policy Questions
Legal and policy questions can introduce further challenges to the governance of blockchain for social change.
At its current stage of experimentation – within the identity space and beyond – blockchain is raising a number of challenging legal and policy questions, including but not limited to those listed below.
- How can Blockchange experimentations ensure ongoing regulatory compliance, including sector-specific identity concerns and regulations (e.g., HIPPA issues for health, KYC concerns for finance)?
- How can questions of liability and redress – for example arising from a privacy breach – be answered in a distributed and, at least in some cases, disintermediated system?
- Especially given new and emergent legal mandates, such as the General Data Protection Regulation (GDPR) in Europe,101 how can Blockchange for identity initiatives navigate diverse legal frameworks and ensure regulatory compliance and interoperability across regions?
- How can Blockchange achieve its social change potential when vendor lock-in and a race to patent blockchain applications and protocols102 threaten to limit use and experimentation?
- Is the policy landscape ready for disruptive new identity approaches at a time when identity requirements differ widely across, for example, government service providers?
- Will the types of digital signatures used in Blockchange for identity initiatives be considered valid by existing legacy systems, intermediaries, and gatekeepers?
- Can Blockchange projects adhere to data protection policies (e.g., GDPR) that increasingly guarantee a right to be forgotten and other principles regarding personal information collection, storage, and use that run counter to certain DLT attributes like immutability?
- What types of policies can and should be put into place regarding information handling, privacy, and security
Technical inefficiencies embodied especially in proof-of-work mechanisms in some (but not all) blockchains can create major environmental concerns.
- Although blockchains can help increase institutional efficiency, Nouriel Roubini argues that they are “less efficient than existing databases,” with higher requirements for storage space, computational power, and with higher latency levels than in a centralized database.103
- In many blockchains, the inefficient-by-design proof-of-work mechanism has significant—and negative— ecological impacts. Mining on the Bitcoin blockchain, in particular, is creating an unsustainable carbon footprint.104
Risks (including to intended beneficiaries from vulnerable communities, like refugees) can outweigh the potential value created by certain blockchain-for-identity initiatives
- Blockchain’s sophisticated cryptography is often viewed as a means for creating high levels of information security. Many blockchain implementations, however, rely on private keys handled by the end user. These keys can introduce otherwise non-existent information security and personal privacy concerns should they be lost or stolen.105
- The “coercive force” of immutability has surfaced concerns regarding the removal of human agency and decision-making in some processes. Smart contracts, in particular, can be used to create an immutable “absolute law”106 that cannot be altered or iterated upon without significant transaction costs and distributed buy-in.
- Blockchain’s immutability can also amplify issues surrounding the notion of “garbage in; garbage out.””107 If low quality information is allowed to enter the blockchain, not only will it negatively impact resulting actions, but the low-quality information will remain on the blockchain permanently (unless significant transaction costs are undertaken to rectify the issue).
- These challenges are especially salient given the use of privacy-preserving, zero knowledge proof approaches. Zero knowledge proofs leverage an automatic system for determining whether or not something is true without sharing information with the authenticating entity.108
Measuring impact remains a challenge, and the lack of clear metrics of success negatively affects attempts to scale up.
With the vast majority of Blockchange applications still at the conceptual or pilot stage, impact measurement is lacking. Moreover, given that much of the field of experimentation is being driven by startups in the private sector, open and context-specific impact measurement will likely remain a challenge without leadership from the public, academic, and civil sectors.