Privacy Preserving Business Analytics — powered by Ocean Protocol
foreverontheblockchain is a software-as-a-service company that connects traditional fashion and jewelry industries to the crypto space. They provide features like immutability, proof of existence, and novel ways to communicate to the Metaverse utilizing NFTs.
Their first product uses proof of existence to store hashed love letters on the Bitcoin blockchain. Together with Christ — the most prominent jewelry chain in Germany — they offer voucher cards in their stores. These voucher cards contain a code that can be used to be redeemed on foreverontheblockchain. Users can now write a message, which gets hashed and the hash gets saved on the Bitcoin blockchain. This ensures that it cannot be altered or deleted.
Premium user data
As most startups try new kinds of products, they also gather valuable insights from their users. So, while a product might fail and a startup might pivot to a new product, these insights also benefit other startups or enterprises that want to learn from these mistakes. Traditionally, startups could not monetize these insights without introducing management and tech overhead or violating privacy regulations. Compute-To-Data on Ocean Protocol offers a solution to this problem and allows the creation of business analytics and selling the result without revealing any private user data.
That should also be available through the foreverontheblockchain interface. foreverontheblockchain could be considered a novel kind of social media dApp that asks their users to pay for every message they want to publish on the Bitcoin blockchain. As these “eternal messages” are sold for a premium price, it might be valuable for other social media enterprises and startups to understand better what kind of user is willing to spend a significant amount to post a message. While these insights are valuable for foreverontheblockchain to expand their product portfolio, it is also helpful to other businesses, e.g., creating social communities. Based on the provided data, a new company could develop around the original business fostering an ecosystem without giving up control over user data.
These new possibilities enable foreverontheblockchain to 1) monetize their unique insights into a premium data set of users that are willing to pay to write a message on a social media platform, 2) while allowing other businesses to form around these insights to develop more dApps for these kinds of users. These other businesses could also share their insights via Compute-to-Data, allowing startups to cooperate in a unique new way without violating privacy regulations or giving away control.
Challenges
Businesses and organizations generate large amounts of valuable private data, including personal data such as customer data and valuable business data such as manufacturing, research, and development data. However, this valuable private data remains unexchanged because of concerns about losing control of the data once it is shared and privacy concerns. In traditional centralized data sharing models, data sets containing personal data get anonymized before monetizing it to protect the data subjects, which is complex, time-consuming, and costly. These concerns, efforts, and initial costs discourage or even prevent businesses, especially SMEs and startups, from monetizing their data.
Monetize private data with Compute-to-Data
Compute-to-Data (CtD) allows for privacy-preserving data-sharing, remote computation and data monetization and is a core feature and strong advantage of Ocean Protocol. CtD keeps the data on-premises and allows data consumers to run remote compute jobs on the data. Data owners keep full control as the data never leaves their premises and is only ever accessed by algorithms.
CtD resolves the tradeoff between using private data and the risks of exposing it. Newly monetized data creates new revenue streams for data publishers.
CtD is directly integrated into the MVG and third-party Portals, where data providers can opt to restrict the access type to “compute only”. Once data is made accessible, the compute job is brought to the data and executed on-premise. This is especially suitable to train AI models, calculate statistics or build business analytics use cases on private data without revealing them.
There is a multitude of applications in business, technology and science, benefitting from sufficient aggregation or anonymization of data. Moreover, data owners can approve only vetted and trusted algorithms, which further lowers privacy risks.
CtD, combined with Ocean Protocol’s built-in data monetization layer, is a powerful tool to enable sustainable business models around private data lakes.
Being based on Distributed Ledger Technology (DLT), Ocean Protocol has some key advantages compared to traditional Web2 data sharing solutions:
It is radically different from the traditional manner we exchanged data in the past, which usually involves giving up control and using a middleman mediating between data market participants. The middleman is a single point of failure and could use the data for their own benefit or have their data stolen, as regularly reported in the media.
Following security and privacy by design principles and giving control back to the user are key elements of the GDPR. Ocean gives full control and sovereignty to data owners.
Key privacy takeaways for monetizing your data
Businesses that want to share and monetize their data while keeping the data private can consider the following privacy takeaways.
Data minimization. The data contained in the data asset must be adequate, relevant, and limited to what is necessary to comply with the data minimization principle (Art. 5(1)(c) GDPR).
Transparency. Data subjects must be informed adequately, fairly, and transparent (Art. 5(1)(b) GDPR and Art.12(1) GDPR) about the business analytics activity by providing the information defined in Art. 13 GDPR. This includes choosing and communicating the legal basis for the processing pursuant to Art. 6 GDPR.
Right of the data subject. Depending on the chosen legal basis, the data subjects must be informed about their rights (Art. 7(3) GDPR and Art. 15–18, 20, 21, 77 GDPR), and it must be ensured that the data subjects can enforce their rights.
If data subjects demand the erasure of their personal data, it must be ensured that the concerned data gets erased from the data set. As the data owner stays in control of the data asset even after offering compute access to it on the portal, the data asset can be effortlessly updated by the company.
Security. The personal data must be protected against data leakage by implementing organizational and technical measures (Art. 5(1)(f), 25, 32 GDPR).
- Container security: the containerized personal data must be prevented from being disclosed by following best practices on container security.
- Trusted algorithms: the data must only be accessible to audited and trusted algorithms.
About deltaDAO
deltaDAO AG, located in Hamburg, is the first Ocean Protocol engineering, integration and consulting company, by Ocean Protocol community members. We are working closely with BigchainDB GmbH and the Ocean Protocol Foundation to achieve our common mission to kickstart a European Data Economy. We are a Gaia-X member active in several working groups and initiatives. deltaDAO is a co-organizer of the Gaia-X Hackathon, responsible for the “Compute-to-Data & Distributed Ledger Technology” track where we, as Web 3.0 specialists and integrators, build towards a Minimal Viable Gaia-X with the other Gaia-X community members.
