BLOCKCHAIN RECORDKEEPING: A S ANALYSIS
Information Management 2017 ARMA International, www.arma.orgBLOCKCHAINRECORDKEEPING: A SWOTANALYSISBlockchain and distributedledger technology promise todeliver trusted and immutablerecords in a wide varietyof use cases. In a relativelyshort time, it has become theinnovation to watch, accordingto just about every technologyresearch and advisory firm,global consultancy, andinternational think tank.Is this just hype, or will thistechnology really deliver?Victoria L. Lemieux,Ph.D., CISSP20November/December 2017
Blockchain – which is a type of distributed ledgertechnology in which confirmed and validatedsets of transaction records are held in blocksthat are chained together – is meant to makerecords of these transactions immutable.While this emerging technology is already transforming the recordkeeping landscape in health care, realestate, and financial services, to name but a few sectors,many organizations are just considering its use. Thisarticle explains the technology and describes its promises, perils, and future in a way that will help informationprofessionals provide their organizations sound adviceabout its potential for their business.How Blockchain WorksAs described in Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction, each chain starts withan original, or genesis, block, followed by a time-orderedsequence of blocks. Blocks are chained together cryptographically using hashes, which are 256-bit randomnumbers computationally generated from input information. This forms a long, continuous chain of hashes– hence the name blockchain (see Figure 1).ValidationEach blockchain has a consensus mechanism thatensures that updates are agreed to and communicatedtransparently across the entire network, so the order inwhich transaction records enter the blockchain is undisputed, and any changes to what has been written to theledger will be detectable.DistributionOnce validated using the consensus mechanism,blocks are broadcast through a distributed peer-to-peermesh network of nodes (see Figure 2); the nodes, intheory, are unlimited in number and can operate fromany location. Each node usually retains a complete copyof the ledger (though some retain only a partial copy),and the copies on each node should match exactly. Whenthe information on one or more of the nodes does notFigure 1. Blockchain structure (Source: Bitcoin: “A Peer-to-Peer Electronic Cash System,” Nakamoto, 2008).Centralized (A)Decentralized (B)Distributed (C)Figure 2. Three kinds of networksmatch, that node is no longer considered to have validinformation.TransactionsWhen individuals want to make a transaction ona blockchain network, such as to transfer ownershipof property, they transfer control of the asset by transferring the blockchain representation of it (sometimescalled a token) from their blockchain address to theother person’s blockchain address. An address is denoted by the hash of a public key – a hash that functionssomewhat like a zip code by indicating the destinationof a particular transfer of value. For each public key,there is a matched private key. The individual uses theprivate key to digitally sign the transaction (see Figure3) to make the transfer of ownership happen.Address(hash oforiginator’spublic key) oftransactionoriginator Originatordigitally signsthe transaction with hisor her privatekey Address(hash ofreceiver’spublic key) ofthe receiver ofthe transactionBlock Completedtransactionoutput hash Hash oftransaction A Hash oftransaction B Hash oftransaction C Etc.Figure 3. Transaction processing using public-private key pairs on theblockchainDecentralized BlockchainsIn addition to being distributed, some blockchains(such as public blockchains) operate as decentralizedsystems – that is, their nodes do not operate under thecontrol of a centralized server, but in a fully independent, albeit coordinated, manner.These blockchains may also be characterized bydecentralized governance; in other words, they may notoperate under the formal authority of a single personor organization, even though groups of individuals ororganizations may wield informal control over theiroperation, as noted in “The Bitcoin Blockchain asFinancial Market Infrastructure: A Consideration ofOperational Risk” in Legislation and Public Policy 18.Examples of these types of blockchains include Bitcoinand Ethereum.November/December 201721
Other blockchains operate under the control of asingle authority such as Ripple, which connects banks,payment providers, and others, or under the authorityof a consortium such as R3, which leads more than 70large financial institutions in developing blockchain usein the financial services sAs spelled out by I.C. Lin and T.C. Liao in “A Surveyof Blockchain Security Issues and Challenges” in IJ Network Security 19[5], public blockchains are those that anyparticipant may use and access. They are often permissionless; participants do not require special authorizationor authentication to access, read, write, and participatein transactions and in the consensus process.Permissioned blockchains, on the other hand, areones in which nodes must have a member identity, andparticipants must have authority and authentication toaccess them. These are often private blockchains, meantonly for the use of members of a shared ledger – a single ledger that multiple participants may access and use.Permissioned blockchains have membership servicesthat manage the identity, privacy, confidentiality, andauditability within the system.Blockchain in RecordkeepingIt is tempting to think of blockchains only in termsof cryptocurrency, like Bitcoin. The use of blockchaintechnology for other cases is growing rapidly, includingfor recordkeeping.According to the article “Georgia Expands Projectto Secure Land Titles on the Bitcoin Blockchain” inCryptocoin News, the Republic of Georgia piloted theregistration of land titles using a private blockchainin 2016. The article said there are plans to expand theservice to sales of land titles, mortgages, rentals, newland title registration, property demolition, and notaryservices.The Swedish land registry authority, Lantmäteriet,has been testing a way to record property transactionson a blockchain, as described in “The Land Registryin the Blockchain – Testbed,” a 2017 report from theLantmäteriet and others.A pilot for applying blockchain technology to landtransfer registration in the municipality of Pelotas inBrazil has recently been launched by the local real estate registration authority, according to Garrett Keirns’August 2017 “Blockchain Land Registry Tech GetsTest in Brazil” in CoinDesk.Recording of land transactions is by no means theonly recordkeeping use case. According to the University of British Columbia’s unpublished 2017 “Recordsin the Chain” project report, Estonia is one of manyjurisdictions that use blockchain to securely keep med-22November/December 2017Figure 4: Overview of blockchain recordkeeping SWOT analysisical records and a host of other types of governmentrecords.Blockchain in Recordkeeping:SWOT AnalysisWith the use of blockchain for recordkeeping growing, information professionals must know how to determine the benefits and risks of its use. The “Recordsin the Chain” project mentioned above is reviewingblockchain recordkeeping solutions around the worldand has identified the following strengths, weaknesses,opportunities, and threats (SWOT).Strength: Detects AlterationsA key strength of blockchain technology is that ithelps ensure the integrity of records through the waytransactions are recorded and validated. For example, inBitcoin it is through solving a cryptographic puzzle thatpermits detection of any alteration to transaction recordsafter they have been validated.In another example, the Government of Estonia’se-Health database uses Guardtime’s keyless signatureinfrastructure solution to capture hashes of data to ensure that any changes to, or tampering with, the medicalrecords of Estonian citizens can be detected.Strength: Protects PrivacyBlockchain recordkeeping solutions might also enablebetter privacy protection for citizens and governmentsby enabling more individual control over their personaldata. With blockchain technology, they can determinewho can access their data, for what purpose, and for howlong.The Respect Network – a personal data network(respectnetwork.com) with a vision of having membersfeel a sense of privacy and security when they shareinformation – proposes to use XDI, an OASIS standardfor semantic data interchange, to produce smart contractswith blockchain-based digital signatures to establish
As as an information management veteran,you likely can name someone who wasparticularly instrumental in yourprofessional growth. Now it’s your turn topay it forward – and we’re here to help youmake a connection for sharing yourknowledge and expertise.ALLOW US TO INTRODUCE YOU!The recently launched ARMA Internationalmentorship program has attracted manypeople who are eager for professionalguidance, and we need you to sign up atsurveymonkey.com/r/ARMAMentorshipso we can make a match that will helpensure their success. Though thecommitment is minimal, it can change careers!For more details, seehttp://discoverarma.org/mentorshipand the mentor FAQs athttp://discoverarma.org/mentorFAQ.
commitments about private data use that are “well-defined, non-abstract and non-repudiable, and enforceablebetween individuals, corporations and governments.”(See sidebar “Blockchain Applications and Services” formore about smart contracts.)In the United Kingdom, Mydex and the Qiy Foundation (https://www.qiyfoundation.org/about-qiy/) offera model similar to the Respect Network’s, aiming toenable individuals to exchange information privately andsecurely.Strength: Increases EfficiencyAdditionally, blockchain technology can deliversignificant information processing efficiencies. This capability is what financial services firms are most excitedabout. Through enabling peer-to-peer “trustless” tradereconciliation and settlement, for example, financialinstitutions can shave millions off the cost of operation.Rather than having to run large back-office operations where staff reconcile trade confirmations, counterparties can make and settle trades instantaneouslyon the blockchain, cutting out the need for back-officeoperations. Other sectors are exploring ways to reduceinefficiencies in information processing through theapplication of blockchain technology.Weakness: Lacks Sufficient ControlEven though protecting the integrity of recordsand detecting when integrity has been breached arestrengths of blockchain technology, it is not inconceivable for a validated transaction to be overturned afterthe fact by a government or group of individuals incontrol of a blockchain.In theory, public blockchains are decentralized andself-governing, but in practice their operation is oftenin the hands of a core group of developers. If organizations intend to rely on blockchain-based recordkeeping, they must consider the effect on the integrity ofrecords.Given the uncertainty of relying on public blockchains over which it may be virtually impossible toexercise control, many organizations are turning toprivate, permissioned blockchains where governanceis the responsibility of a single body or consortium ofbodies. This does not eliminate threats to the integrityof blockchain records presented by hard forks or forcedediting of the ledger, but it does present the possibilityto establish rules of operation and procedures for anychanges to what is intended to be an immutable record.The downside of using private, permissioned ledgers, on the other hand, is that organizations need totrust that the body or group of bodies responsible forthe operation of the blockchain will do so in a mannerthat does not affect the authenticity, integrity, or longterm availability of the records. Organizations likelywill have to resort to traditional legal contracts for suchassurances, and, moreover, will need to look carefully atthe track record of the service provider.Blockchain Applications and ServicesThere are also applications and services associated with blockchains and distributed ledgers that addto their usefulness for recordkeeping. These includeblockchain applications that run over blockchainnetworks and permit participants to easily interactwith these networks.Smart ContractsAccording to Nick Szabo in his “The Idea of SmartContracts,” smart contracts are blockchain applications that express business logic associated with atransaction and execute on a blockchain platform.Smart contract code determines what transactionsare recorded into the blockchain and the informationthey will contain. Through the use of smart contracts,many kinds of contractual clauses may be made partially or fully self-executing and self-enforcing.Oracles provide a trusted service designed tosupply external data to a smart contract or blockchainsystem. Asset registries link digital currencies to24November/December 2017other assets or records on top of a distributed ledger,according to InterPARES Trust Terminology Project:“Key Blockchain Terms and Definitions.”Off-Chain ServicesOff-chain services provide secure means to access capabilities outside a blockchain system, suchas trusted data sources or functions. Sidechains arephysically separate blockchains associated with amain blockchain, and they can participate in transactions with it, typically in both directions.In contrast, subchains are logically separatechains that form part of a blockchain. Each subchain may be owned by a different entity and maybe accessible to a different set of users. Nodes maybe set up so that some nodes participate in certainsubchains and not in others. The result of this configuration is that the ledger on some nodes containstransactions for that subchain while the ledgers onother nodes do not.
The New CRM Study PackThe ICRM Exam Development Committee recommends these books as preparation resources for the CRM exam.Records and InformationManagementEssentials of ContemporaryManagement, 7th Ed.Patricia L. Franks, Ph.D.,IGP, CRM, CA, FAIGareth R. JonesJennifer M. GeorgeRecords and InformationManagement: Fundamentalsof Professional Practice,3rd Ed.Fundamentals of InformationSystems, 7th Ed.Records Managementfor DummiesRalph StairGeorge ReynoldsBlake Richardson, CRMWilliam Saffady, Ph. D.Members Save 20% Off the Cover Prices(when purchased together)Order online today at www.arma.org/bookstore
Weakness: Doesn’t Link Records to Business ContextAnother weakness in most blockchain solutions is theabsence of a mechanism to link records on the chain backto the business context of their creation. This may makeit difficult to rely on blockchain records as evidence ofbusiness transactions.Consider a blockchain solution, like those piloted inSweden and Brazil, in which land transfer records havebeen recorded on a public blockchain along with millionsof other transactions. How would it be possible to retrievethe hash recorded on the blockchain associated with aspecific land title unless there is a means of linking thetransaction with its business context? How would it bepossible to comply with e-discovery orders?In the case of the Swedish and Brazil land transactionrecording pilots, the problem is solved by using “coloredcoins” – blockchain transactions specially annotated withmetadata that links them back to the transaction to whichthey relate. As these pilots demonstrate, it is possibleto establish the bond between records on the chain andtheir business context using hash pointers “on chain” tometadata or registers stored “off chain,” but not withoutcareful solution design that pays attention to this important recordkeeping requirement.“Breaking open the MtGox case, part I” in a July 2017WizSEC blog post.Weakness: May Violate Data LawsData localization laws may stem from laws and rulesrequiring retention of documents at a business premisesor from laws that address data protection and privacy inrelation to technology. In the European context, an example is the incoming General Data Protection Regulation(GDPR), which has requirements for processing personally identifiable information (PII).For countries relying on storing elements of theirpublic records on any blockchain not operating entirelywithin their sovereign jurisdiction, it is necessary to consider if the system complies with data localization, dataprotection, and privacy laws and rules.In the case of the Brazilian pilot, for example, theplatform’s metadata files contain details of property transfers that are kept on a Colu server in Israel. Althoughthere are no laws or rules that preclude this architecture, the company that built the Brazilian pilot system,Ubitquity, is looking at providers in Brazil to ensureadherence to good practice with data handling and inanticipation of possible data localization requirements.Laws and regulations governing the admissibility and weight to be given suchevidence differ according to jurisdiction, and thus it is difficult to generalize.Weakness: Admissibility as Evidence Is UncertainWith the potential for more records to be created natively on chain using smart contracts, attention must alsobe given to the question of legal admissibility. Althoughproponents of smart contracts and blockchain technologyenvision a future where contracts code is law, it is unlikelythe need for dispute mechanisms, such as courts, will beeliminated, at least in the near term.It is, therefore, important to consider the issue of legaladmissibility and weight of information recorded andstored on the blockchain. Laws and regulations governingthe admissibility and weight to be given such evidencediffer according to jurisdiction, and thus it is difficult togeneralize about how such evidence might be treated bythe courts, beyond saying that uncertainty prevails.Existing laws must be interpreted to apply to theseemerging forms of records until jurisdictions changelaws and regulations explicitly to address the admissibility and weight of blockchain records. In the meantime,information professionals may draw insights, if not legalprecedent, from those few cases that consider this type ofevidence. A recent case is the U.S. grand jury indictmentin July of Alexander Vinnik in a 4 billion bitcoin laundering scheme that also linked him to the 2014 collapseof Japan-based bitcoin exchange Mt. Gox. For details, see26November/December 2017In some jurisdictions, privacy laws, such as theGDPR, require protection of PII. Norms for publicavailability of PII about land holders should followwhat is prescribed by any relevant laws. For solutionsthat affix metadata to transactions recorded on a publicblockchain, consideration should be given to encryptingmetadata to protect the privacy of transacting parties tocomply with good practice and legal requirements.Weakness: Disposition Is Difficult“Right to be forgotten” provisions may also need tobe followed, which can be problematic when blockchainrecords are meant to be immutable, not editable. Thisraises the larger issue of how to delete records fromblockchains, which is also a consideration for implementing records retention policies or correcting inaccuracies in the record.Some organizations have proposed “editable” blockchains, but this flies in the face of the primary valueproposition of blockchain recordkeeping – immutability. Information professionals may look to techniquesused for managing write-once-read-many storage forguidance, including the segregation of blockchains intochannels according to retention requirements so that entire sub-chains can be deleted if need be when the time
comes –a sort of blockchain “big bucket” approach.Another approach is to delete the “off chain” recordsto which “on chain” pointers point, but this approachmay not be practical for many organizations, and so thequestion of how to handle deletion of blockchain recordsremains open.The InterPARES TRUSTER Project is investigating how to extend the guarantee of authenticity for digital records by replacing traditional digital signatures,which rely on digital certificates issued by a trustedcertificate authority, with blockchain-based digitalsignatures that have no need of trusted third parties orIt is generally assumed that lots of copies available on participating, distributednodes will keep blockchain records safe and accessible over the long term Weakness: Long-Term Preservation Is ChallengingThe question of how to preserve blockchain records over the long term is still an open one as well.Traditional approaches to digital preservation rely oncentralized repositories operated by archival institutions. Will these approaches translate to decentralizedrecordkeeping?It is generally assumed that lots of copies availableon participating, distributed nodes will keep blockchainrecords safe and accessible over the long term, butwhat happens when the operator of a privately operated blockchain disappears? Or when nodes on a publicblockchain no longer have an incentive to keep validating transactions? Who would be responsible for identifying the whereabouts of all the copies? How manycopies would be needed to ensure continued trust in therecords? And, who would be responsible for maintainingthese nodes, and how? There are no clear answers yet.Opportunity: To Be a Trusted AdvisorAs more and more organizations begin to see thevalue of blockchain-based recordkeeping, there existsa major opportunity for information professionals toadvise their organizations on its use. To take advantageof the opportunity, however, they must bring themselvesup to speed on how blockchain technologies operate,how they are used in recordkeeping, and how to ensurethe application of these technologies adheres to globalrecordkeeping standards and professional principles.The Blockchain Education Network offers a wideselection of online resources information professionalscan draw upon to build their knowledge. Those who failto update their technical knowledge may find themselves identified with outmoded paper or centralizedrecordkeeping paradigms and therefore be sidelined.Opportunity: To Innovate Professional PracticeJust as blockchain technology is beginning to impactorganizational recordkeeping, there is an opportunityfor information professionals to innovate their practicesthrough its use. Smart contracts, for example, to automatically implement the publication of data, are beingexplored by the UK National Archives.digital certificates. And there are many other possibilities to consider.Info Pros Are Compelled to ActBlockchain technology is transforming traditionaldigital recordkeeping from a centralized operating modelunder human control to a decentralized, autonomousmodel. Information professionals must understand thestrengths and weaknesses of this emerging technology tobe able to advise the increasing number of organizationsthat are looking to implement it for recordkeeping.As with any emerging technology, there are significant opportunities – for greater business efficiency,privacy protection, and security, for example – but thereare also great risks. Perhaps the greatest risk will be ifinformation professionals fail to take up the challengeof understanding the capabilities of blockchain-basedrecordkeeping, allowing its implementation to marchahead without their wisdom and guidance. That couldlead to costly mistakes that might otherwise have beenavoided. Information professionals should feel compellednot to let that happen. EAbout the Author: Victoria Lemieux, Ph.D., CISSP,is an associate professor of archival science and SauderSchool of Business Distinguished Research Scholar atthe University of British Columbia and adjunct associateprofessor of research at the University of Maryland. Herresearch focuses on risk to the availability of trustworthyrecords, particularly in financial contexts, and how theserisks impact upon transparency, financial stability, publicaccountability, and human rights. She holds a doctoratein archival studies from University College London, isa Certified Information Systems Security Professional,and won the 2015 Emmett Leahy Award for outstanding contributions to the field of records management.Lemieux can be contacted at v.lemieux@ubc.ca.November/December 201727
SWOT Analysis. With the use of blockchain for recordkeeping grow-ing, information professionals must know how to de-termine the benefits and risks of its use. The “Records in the Chain” project mentioned above is reviewing blockchain recordkeeping solutions around the worl
www.sheppardmullin.com Blockchain Games and Collectibles - Patents and Other Legal Issues March 2019 By: James G. Gatto 1. Blockchain Games and Collectibles Are on the Rise – The use of blockchain (or distributed ledger) technology for games (a.k.a blockchain ga
AWS Blockchain Templates helps you quickly create and deploy blockchain networks on AWS using different blockchain frameworks. Blockchain is a decentralized database technology that maintains a continually growing set of transactions and smart contracts hardened against tampering and revision
THE EMERGENCE OF CHINA'S STATE-BACKED BLOCKCHAIN PLATFORM JUNE 2021 Overview Introduction to Blockchain China's Communisty Party Prioritizes Blockchain p. 2 p. 8 p. 10 p. 11 China's State-backed Blockchain Ecosystem p. 13 The Potential Data Security Risks Associated with BSN p. 18 Permissioned vs. Permissionless Blockchain
Blockchain Adoption Q12. Which of the following best describes your organization when it comes to business blockchain technologies? N 220, single response, percent responding 33% Already has implemented, or is currently implementing blockchain technologies 22% Currently evaluating or testing blockchain technologies 20% Have discussed blockchain
3 Opportunities for the Use of Blockchain in Health Care 9 3.1 Benefits of Blockchain 10 3.2 Disadvantages of Blockchain 10 3.3 Key Health Care Challenges and Use of Blockchain 11. 3.3.1 Electronic Health Records. 11 3.3.2 Supply Chain 12 3.3.3 Health Insurance 13 3.3.4 Genomics 14 3.3.5 Consent Management 15
Hyperledger Fabric, one of the umbrella projects of IBM, is an open-source, permissioned blockchain. Hyperledger Fabric blockchain differs from other blockchain in many ways. It makes use of execute-order-validate mechanism whereas other blockchain networks use order-execute logic. This helps Hyperledger Fabric e-ISSN : 0976-5166
Pre-production Proofs of concept/value R&D Version 1s Version 2s Version 3s Figure 1: Path to blockchain adoption. Building Value with Blockchain Technology 7 . technologies or other digitization strategies. As noted in "Blockchain Beyond the Hype", blockchain may not be a viable
English Language Arts: Grade 2 READING Guiding Principle: Students read a wide range of fiction, nonfiction, classic, and contemporary works, to build an understanding of texts, of themselves, and of the cultures of the United States and the world; to acquire new information; to respond to the needs and demands of society and the workplace .
