|
|
|
|
|
|
by mumblemumble
1868 days ago
|
|
|
> Distributed immutable ledger is astonishingly relevant in a variety of security and financial (and financial security) areas I'm not so sure about that. IANAL, but I suspect that, at least under US law, a distributed immutable ledger would actually be illegal in many cases. The entire legal environment is set up around the idea that there is a system of record, and that system of record has a single custodian, and that custodian is not just responsible for tending to it, but also someone to whom you can appeal (or sue) for remediation if something goes wrong. The immutable bit is also often incompatible. There are laws and contracts out there laying out cases where data needs to be deleted - not reverted, not being flagged as no longer relevant, actually deleted - from the record. In the US, the Fair Credit Reporting Act is probably the most familiar example, but there are others. Yes, we can say that it hasn't taken off because people just don't understand it because it's a complex technical topic. But we should also consider the possibility that the business environment in which we are trying to ininuate ourselves is a complex technical topic, too. And also watch out for Chesterton's Fence. |
|
|
A distributed immutable ledger has many uses other than recording voluntary transactions, or even recording things to do with specific people.
For example, such a ledger can be used to create a tamper-proof security-camera footage log. Just hashes of exported video files, locked into a chain at time of export. You can redact the videos themselves (i.e. make all copies of the referenced video unavailable), but you can't change the hash, and so there's no party you can collude with to substitute one video for another. Even if you're a state actor. You either have the videos — which can be proven to be the right videos — or you don't; but you'll never be able to present the wrong videos.
Or, in the same vein, a chain-of-custody log for the contents of a safety deposit box at a bank. Any time someone opens the box, an entry is automatically appended to the log saying what authorization (e.g. access card) was used to open the box. Once again, the fact that the log is distributed on a wider multi-party-controlled system, makes it impossible (or at least impractical) for the bank itself to tamper with the logs to steal something from your box.
These are "finance" / "security" / "financial security" use-cases. But they're not PII. There's no point at which any of this data would ever legally require redaction or purging, because it doesn't relate to a specific client profile. It relates either to metadata of public-point-of-view sensory data capture; or it relates to employee actions against customer accounts, where the mapping back to an individual isn't given in the public log but rather exists in a private database.