data center
Server room/datacenter. Image credit: monsitj/

Blockchain has been making waves in the media and at the table in many companies for its ability to offer immutability and tamper evidence, reduced data corruption, enhanced security, among other benefits. However, blockchain is not ideal for everything — and privacy is one of those things.

Social networks and search engines have been invading user privacy on a colossal scale and they are constantly getting worse. The ‘right to be forgotten‘ is a concept that has been growing in popularity (especially in the European Union) and has been implemented to some extent via GDPR regulations.

The ‘right to be forgotten’ enables you to delete your personal data from the servers of companies that don’t need it (for example: Google allows you to delete your data now) or request the deletion of it. If you put that data on a blockchain, you can’t remove it.

This is because blockchains are designed to be immutable. You are not supposed to be able to delete data from a blockchain, otherwise it isn’t quite a blockchain. Each block in a blockchain is chained together by the hash of the previous block, which means that editing or deleting any of the blocks (except the last one, maybe) will break the chain.

Blockchain is for keeping a permanent record of activities that you actually want to be stored permanently. If anyone tried to tamper with said records on a blockchain by editing them (for example: trying to delete records of fraudulent activities from a database), then that would break the chain and the software managing it should detect that and notify its administrators.

Your chats, reactions, posts, photographs, and everything else can never be deleted if Facebook for example stored its data on a blockchain. If Google did it, then you would no longer be able to delete your searches and your right to be forgotten would vanish.

Blockchain Can Help To Hold Social Media And Service Providers Accountable

On the other hand, it is possible to store only some data on a blockchain and exclude user data. For example: The activities of Facebook representatives (moderators) could be stored on a blockchain and user data could be stored separately in a conventional database. This could help with accountability and audits, as it would be much harder to delete the evidence of wrongdoing.

Social networks could also be required to log all of their communications (including outbound data transfers that send user data to third parties) on a blockchain to keep track of the data they’re sharing. They would have to be relied upon to abide by such a regulation, though (in other words, they might just store unscrupulous activities off-chain so they can delete them easily).

There is a way in which blockchain can indirectly help to enhance user privacy — facilitating a level of decentralization that removes for-profit companies like Facebook from the equation. These platforms could be built to store little user data or just have users store their own data. This has its disadvantages (as does anything else), but such platforms are under development and messaging services can also implement end-to-end encryption which offers a high degree of privacy.