The Web3 Series: Is Decentralisation The Key to Digital Privacy?

As founding partner of the McCourt Institute since June 2021, Sciences Po believes in its main focus: “Tech for the common good”. The Institute is launching this semester a new series of events, “Web3 &”, to address daily life concepts and their relationship to Web3 and technology. On 11 October, a panel of expert speakers discussed the key topic of Web3 – an internet built on decentralised blockchains – and privacy: Francesca Musiani, Associate research professor at the French National Center for Scientific Research (CNRS), Jean-Pierre Landau, Associated Professor and Researcher at Sciences Po and Romain Defouillhoux, Blockchain Developer and Co-founder of Aurora Society. Leïla Mörch, Senior Program Manager at the McCourt Institute, introduced and moderated the roundtable.

Privacy challenges in the digital era

Francesca Musiani explained that there are many “privacy challenges in the digital era” and they are “specific to the fact that we use digital tools”. She added that we live in an era of “datafication” due to the expansion of “data collection tools” as well as “the explosion of the volume of data itself”. The fact that the internet is now even extending to objects (with the internet of things and Artificial Intelligence) makes “the exposure of the private life of the individual really unprecedented”.

“The individual is today at the center of a complex network of personal information.”

The Associate research Professor at the CNRS wanted to make clear that, “The definition of personal data has changed. It’s no longer a piece of data made available by an individual in a specific circumstance, it can be all sorts of traces that we leave in an undeliberate way”, such as metadata like our IP address. Moreover, in our digital age, “Data is not just saying things about the person but also about the network of the person”.

In this context, one can wonder if decentralised technologies can be tools enabling people to manage their data and get their autonomy and privacy back.

Web3: can blockchains protect users’ privacy?

Romain Defouillhoux gave a little history lesson on crypto and Web3. Crypto was not originally about making money, it was founded by a movement, the “cypherpunks”, that emerged in the eighties. The members considered themselves as “anarchists” and wanted to “get rid of governments”, of the central system. They wanted users to be “more responsible”. A good example of the cypherpunks spirit is the Wikileaks project by Julian Assange. 

9/11 in the United States led the cypherpunk movement to disband, because it became too dangerous to work against the government. That is when a need for “anonymity”, “truth and protection” arose and when blockchain became their tool of choice. The goal was that no one would know anything, for example by using onion browsers like Tor. That is why Nakamono, one of the founders of Bitcoin, stated that every transaction should be made with a unique address. 

Web3, if correctly handled, can be seen as a mean to protect users’ privacy. The trouble is when the way people use it, for example without changing their address every time, or the way governments try to control it, as with the European Union’s MiCA regulation, turn it into a non-anonymous place. The question is to what purpose.

"Technology is not going to solve the problem by itself"

Jean-Pierre Landau challenged the idea of Web3 as the perfect answer to digital privacy issues. First of all, he reminded the audience that data privacy goes against other important concepts such as efficiency (through tools like facial recognition or passwords wallet), free speech (when it is regulated like in France) and public policy. How can any government “control crime, fight terrorism or regulate taxes” if the internet users are totally anonymous? There is indeed sometimes a “public good aspect” to limiting privacy, for example in allowing access to medical records to help the progress of research.

Web3 is “not going to solve all problems, it has a cost”, explained Sciences Po’s Associated Professor and Researcher. Leïla Mörch agreed that, “Technology is not going to solve the problem by itself”. Solutions like the European GDPR (General Data Protection Regulation) or the “zero-knowledge proof” identification system could be ways to protect users’ privacy while finding a balance with other priorities. All speakers were unanimous about the limits of the notion of consent on the internet. The GDPR is not seen as efficient because “the exchange is asymmetrical”, claims Jean-Pierre Landau. We give our data expecting benefits but we don’t understand “what will happen to our data”. Francesca Musiani reckoned that the issue is even sometimes “to identify your adversary” and that “the consent documents are often too complicated”. She declared herself in favor of the “privacy by design and default” principle.

As a conclusion, Leïla Mörch wondered what education and expertise would be needed by the users to fully benefit from Web3 in terms of privacy. Should we “give people the tools to be more responsible for their privacy”? Can we really get rid of the third-party, get rid of the State? Can we ensure trust in a decentralised system? Those questions, among others, will be discussed in a following event, Web3 & Digital Democracy (15 November).

MORE INFORMATION:

• McCourt Institute official website
• Youtube replay of the event
• The Web3 & Digital Democracy event at Sciences Po on 15 November