Can blockchains reduce the impact of data breaches?

Another day, another catastrophic data breach.  This time it’s medical records in Singapore, where I live.  At this stage we’re almost immune to this kind of headline:

Cyberattack on Singapore health database steals details of 1.5 million, including Prime Minister (Reuters)

But this is quite bad.  Eileen Yu noted in her piece for ZDNet (my emphasis):

Singapore has suffered its “most serious” data breach, compromising personal data of 1.5 million healthcare patients including that of its Prime Minister Lee Hsien Loong.

The affected users are patients of SingHealth, which is the country’s largest group of healthcare institutions comprising 42 clinical specialties, four public hospitals, five speciality centres, nine polyclinics, as well as three community hospitals.

Non-medical personal details of 1.5 million patients who visited SingHealth’s specialist outpatient clinics and polyclinics between May 1, 2015, and July 4, 2018, had been accessed and copied. The stolen data included patients’ name, national identification number, address, gender, race, and date of birth.

In addition, outpatient medical data of some 160,000 patients were compromised, though, the records were not modified or deleted, said the Ministry of Health and Ministry of Communications and Information (MCI), in a joint statement late-Friday.

Continue reading “Can blockchains reduce the impact of data breaches?”

The Basics of Bitcoins and Blockchains

Last December I was approached by a publisher, Mango, who asked me if I would write a book about blockchain technology.  A little nervously, I agreed, and I’m excited to announce the result of six months of effort:

The basics of bitcoins and blockchains - book cover

The Basics of Bitcoins and Blockchains is an essential guide for anyone who needs to learn about cryptocurrencies, ICOs, and business blockchains.  Written in plain English, it provides a balanced and hype-free grounding in the essential concepts behind the revolutionary technology.

I wrote The Basics for an audience of business people, students, practitioners, and those who are simply interested in this technology.  I tried to make it entertaining even for those who are already working in the cryptocurrency or blockchain industry.  For example, did you know:

Continue reading “The Basics of Bitcoins and Blockchains”

MAS just released Corda for Central Banks… so what?

I’m absolutely thrilled to be able to write about the open sourcing of Project Ubin Phase II, a key project that our team has been working on for the past seven months with the Monetary Authority of Singapore (MAS), ten banks, and our partner Accenture.

UbinPhase2
Ubin Phase 2 report

What is Project Ubin?  It’s probably the most advanced starter kit out there for anyone wanting to explore blockchains for banking:

Continue reading “MAS just released Corda for Central Banks… so what?”

Blockchains and central banks – what have we learnt?

This article was first posted on r3.com

Over the past couple of years, R3 has worked closely with a number of central banks to explore if distributed ledgers could support their policy goals, and I have had the privilege to participate in a number of these projects.

What have we learnt?  What is important?  What do central banks care about?  While I can’t speak directly for individual organisations, I have collated my own thoughts, and wanted to share these ahead of the Singapore FinTech Festival this year (13-17 Nov) when the results of Singapore’s “Project Ubin” experiments will be announced.

Update (post FinTech Festival): Read about the Open Sourcing of “Corda for Central Banks“!

Continue reading “Blockchains and central banks – what have we learnt?”

The hype around central banks, digital currencies, and blockchains

Central banks and blockchainThere has been a lot of hype around central banks, interbank payments, blockchains, and central bank digital currencies (CBDCs), but the narrative has become confusing and often misses the point.  What’s going on?  Actually two independent things are being actively explored:

  1. Decentralisation of interbank payment systems
  2. Wider access to digital central bank money (Central Bank Digital Currencies – CBDCs)

I aim to explain them both in this post.

Continue reading “The hype around central banks, digital currencies, and blockchains”

Blockchains and laws: are they compatible?

At conferences and events I often get asked a variation of “Is blockchain regulated?”.  The short answer is no: technology is rarely regulated.  It’s entities who are regulated (especially in finance).

blockchains_and_laws
Blockchains and Laws: are they compatible? A paper I coauthored at R3 with Baker Mckenzie.

Banks need their technology to conform to certain standards – resilience, security, and so on.  The banks (not the technology!) get penalised if they can’t demonstrate high standards with the technology they choose to deploy.  A common rulebook that is adapted for each jurisdiction is called Principles for Financial Market Infrastructures.

But blockchains and distributed ledgers share data, and often business is conducted across borders.  And many countries have data protection laws specifying that certain types of data (eg personally identifying data) need to remain stored on computers within the borders of the country itself.  How do we reconcile data sharing with data protection laws?

Well, instead of thinking about blockchains and distributed ledgers as a mechanism for sharing data (we know data sharing is a solved problem), think of them as “business to business glue” that can make business processes between entities much more efficient.

So, some data absolutely needs to be shared.  In finance that may be some trade details: prices, amounts, delivery dates, etc.  We do this today anyway, bilaterally and via intermediaries.  But we only really want to share this kind of data with the other party (and not the entire network of participants!).  Other data needs to be kept completely internal: customer details and instructions, valuations and profit margins, etc.

Can blockchains and distributed ledger platforms deal with these kinds of requirements?  Absolutely – R3’s Corda was built specifically for this.

In my role as Director of Research at R3, I recently coauthored Blockchains and Laws: are they compatible? with Baker Mckenzie, the world’s leading cross border law firm.  If you’re into that kind of thing, it’s well worth a read.

R3’s cutting edge research and thought leadership is also now available as a separate offering to consortium membership – here’s a selection of papers that R3 has produced.

Avoiding blockchain for blockchain’s sake: Three real use case criteria

Blockchain use case funnel 2016-17

2016 was the year of creating frameworks and filters to determine if a business problem was worthy of a blockchain-based solution.  Often, the frameworks would declare inappropriate potential use cases as ripe for blockchaining, as the frameworks were often designed by blockchain vendors or consultants to let as much through as possible.  However, many of the proofs of concepts built in 2016-17 have not become industrial solutions.  Why?

Two main reasons are:

  1. The technology didn’t meet the requirements of the use case
  2. The use cases themselves were selected badly

This post discusses what went wrong with use case selection, and presents two new and better questions for use case selection.

Continue reading “Avoiding blockchain for blockchain’s sake: Three real use case criteria”

Blockchains and cyberwar: Why the next wave of interbank settlement systems will be decentralised

Currently a number of central banks around the world are exploring two things:

  1. A decentralised interbank payment system
  2. A central bank digital currency

Though often conflated, these are slightly different concepts.  You can decentralise your interbank payment systems without allowing the public to have digital access to the central bank’s balance sheet, and vice versa.

This short post is about the first set of experiments: decentralising the interbank payment systems.

Continue reading “Blockchains and cyberwar: Why the next wave of interbank settlement systems will be decentralised”

Three common misconceptions about smart contracts

There is a lot of misleading commentary about smart contracts, leading to confusion about what they are and what they can do. Here are three of the most common myths that I have noticed. This builds on a previous piece, a gentle introduction to smart contracts.

Myth: Smart contracts are self-executing bits of code

Continue reading “Three common misconceptions about smart contracts”