Realising the potential of new digital technologies: Realising the promise of blockchain

12 Mar 2019 16:45h - 17:30h

Event report

[Read more session reports and live updates from the OECD Going Digital Summit]

The moderator, Mr Greg Medcraft (Director, Financial and Enterprise Affairs, OECD), introduced the session by remarking that the next phase of the OECD Going Digital project will look at the impact of the emerging technologies on policy over the next two years, with a particular focus on artificial intelligence and blockchain technology. We are in the early days of blockchain, he added, the technology that presents the unique way data is presented, stored and transacted in the digital environment, offering unique ownership of the digital asset. It has the potential to transform industries and present a better tool for governments to offer improved digital public services. Blockchain applications clash with certain regulations in finance and data governance; this session will look at what policymakers can, and should be doing for blockchain to develop in a way to benefit the economy and society.

Ms Allison Berke (Executive Director, Stanford Cyber Initiative) focused on the benefits and risks of implementing blockchain products, and presented some of the results of the Stanford Research Center. She named land records, voting records distribution of foreign aids, and supply chains as some of the most efficient use cases for blockchain technology. Knowing that records on blockchain are immutable, technology itself can only verify that data is untempered, it cannot determine the properties of the physical asset. Therefore, blockchain products are successful when operating between transactions of digital goods. Blockchain is best when used in projects that have a flat hierarchical structure among different agencies which do not trust each other, but trust the central intermediary, she pointed out. They are also used for faster settlement times and lowering transaction fees.

One of the risks is the interoperability of standards. Big tech companies are now competing with the deploy-ready solutions for custom blockchains. Another risk involved with open blockchains is the ability to store illegal data or disseminate harmful content. They also collide with global privacy protection laws, specifically with the EU General Data Protection Regulation (GDPR), and the Right to Be Forgotten. Data added to blockchain cannot be removed, only amended by a newer version of data. 

Governments can help in the defining regulatory environment in which blockchains are used, and making explicit data retention and data access policies. The International Organization for Standardization is developing a standard for the open blockchain platform and developers should embrace this universal standardisation, Allisson added.

Mr Jonathan Ivelaw Chapman (Chief Operating Officer, Responsible Business Alliance) underlined that blockchain and the emerging technologies are pretty nascent, and there is no clear consensus around the policy right now. Even on a bigger scale, having in mind that the Internet is 30 years old this year, there are still regulatory struggles and uncertainties. He urged the regulators to look for the solutions with the longer time frame. The years 2030 and 2040 should be on our mind. He pointed to the example of the EU country of Estonia which first started with the government online services, but needed more than ten years for its citizens to become familiar and start using government e-services.

The global approach should be education around the policy-making, and an overall education track to create the fit for purpose solution. The policies around -physical world meets the digital world- should be balanced. Data on Distributed Ledger Technologies (blockchains) are likely to reach across the whole world, so a careful approach is needed.

He invited regulators to think analog when thinking regulations and building trust.

Mr Tom Kettels (Operational Lead, Infrachain, Digital Luxembourg) presented Infrachain as a part of the Digital Luxembourg project. The project aims to set the framework for enterprises to deploy blockchain based products. Accountability of nodes in open blockchain can be a problem so Infrachain is run as a private, permissioned blockchain. Luxembourg is issuing the certification for the nodes that are participating as verifiers in the network. This way they provide much needed legal certainty, Kettels added.

Regarding the concerns on the EU General Data Protection Regulation, the Infrachain project, with the help of local data regulation agency, developed a working scheme to address the issues of ‘data controllers’ and ‘data processors’ (terms specified by the GDPR). This is not a fully GDPR compliant solution, he added, but still the most regulated one. It was important for the government to have an open discussion with the industry to align on the objectives. Education was also high on the agenda having on mind that interdisciplinary experts will be needed (law and technology, for example).

He added that Luxembourg amended the Law on Security to add digital tokens. Transfer of securities can now be done by the Distributed Ledger Technologies (blockchain). This added a layer of legal certainty to the industry in this field.

In an answer to the question on whether we can fit new technologies into the existing framework or we need a new one, Kettels said that even some laws can be amended by adding a digital perspective, we do need a new set of laws that are as tech neutral as possible to take into account the inevitable evolution of technologies. In addition, the notion of decentralisation can be a problem from the data managing perspective.     

As an answer to the question whether we lose a lot of resources instead of using the off-shelf solutions, Allison added that these solutions can be beneficiary to the stability of systems, especially from the security aspects, by fixing security flaws. Even the largest open blockchains (such as bitcoin) was reported for vulnerabilities, it is logical that the biggest companies will have most resources to tackle security issues and update such systems.

In conclusion, the panellists agreed that we are still at the starting line of technology development and regulation.


By Arvin Kamberi