16 July 2018
Bo Harald

Good for society at large

Bo Harald - ZEF, Transmeri, Demos, Real Time Economy Program

363Posts 1,437,992Views 274Comments
Innovation in Financial Services

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

Seamless access to data in digital Europe

12 June 2018  |  6262 views  |  0

Eminent article by Markus Hautala - head of Blockchain Solutions at Tieto 

"Any thriving economy depends on the availability and free movement of skilled labour, products and services. Data has for centuries been an integral element in facilitating the movement of these assets. For the casual observer, it might seem that – thanks to the internet, API economy, cloud services and data platforms – we have largely managed to solve the issue of free movement of data. But as the EU Commission initiative, “Building a European Data Economy” illustrates, this is not the case. There are still major barriers to free movement of data and competition, due to localization restrictions and lack of rules for data portability.

The European Commission has sought to remove these barriers by issuing regulations such as GDPR and the recent proposal for a regulation on a framework for the for the free flow of non-personal data. Whilst these initiatives are major steps in addressing the issue of data portability, they fail to tackle one of the biggest challenges prevalent in the modern internet: the verifiability of data.

Trusted interactions require verifiable data

As anyone who has ever bought anything online knows, the main issue with data is not its availability, but instant access to trusted data. Can I trust the merchant to deliver the purchased goods? Can I trust that the goods are not counterfeited? These are just some of the concerns for consumers and e-commerce is but one of many use cases. The W3C Verifiable Claims Working Group has identified many more in domains such as finance, education, and healthcare. As more and more of our personal and business activities move to the internet, we need to make various kinds of claims as part of our everyday activities in transactional interactions. For example, we use a driver’s license to prove that we are capable of operating a motor vehicle, a university degree to prove our education status and government-issued passports to grant us travel between countries.

From centralized platforms to a distributed trust

As the amount of digital data has exploded, new platform-based business models have emerged. Due to network effects, this has led to a situation where a relatively small number of platforms control our data, as well as continue to grow and gain more influence. European Union initiatives related to data portability aim to address some of these concerns. Yet whilst doing so, the European Commission takes the former network, infrastructure and trust models as given. The trust and data sharing paradigms present in platform-based business models rely on the existence of trusted counterparty (”the platform”).

As instant access to trusted information is becoming increasingly vital for our everyday interactions, a new type of approach for exchanging the data is needed. During the past couple of years, a new network and trust model based on distributed infrastructure – namely blockchain – has emerged. One of the reasons why blockchain technology has received significant interest is that it has the potential to transform existing trust models – including how personal data can be handled. Instead of relying on centralised trust platforms, we now have the means to establish new types of trust infrastructures without vendor lock-in.

Decentralised identity helps guard personal data whilst improving customer insight

Until recently, the prevalent way to share identity information has been through a centralised platform with a single point of control. The problem with trusted middlemen is that when compromised, they pose a massive security risk to a large number of people.

As global digitalisation moves forward, we have witnessed a tremendous increase in hacks and personal data breaches that cripple businesses. Recent examples include the Equifax breach, where more than 145 million people were exposed to identity theft and the Facebook leak in which more than 50 million user profiles were handed to Cambridge Analytica.

Handling customer data is clearly a huge risk for organisations, but at the same time, it is the cornerstone of customer relationships and business critical operations. How can organisations then maintain a holistic view of their customers without exposing themselves to increasing risks and regulatory pressures? This is actually one of the goals of GDPR: to make organisations rethink how to handle customer information. And this is exactly what solutions decentralised identity networks, such as Sovrin, allows them to do.

Decentralised identity networks can deliver the internet’s missing trust layer

In decentralised identity networks, the identity holder forms secure digital connections with entities (organisations, individuals or things) that can provide information about the identity holder. This information can literally be anything such as a name, government ID, address, power of attorney, drivers licence, health information, university degree etc. This verifiable data can then be shared by the identity holder to a party that requires these proofs. This provides for all kinds of rich digital interactions: Know-Your-Customer, contract and transaction signing (B2B, B2C, G2C), permits, insurance claim, job application and so on. Storing identity data on blockchain would naturally be problematic for various reasons, including adherence to GDPR compliance and risk of data hacks. In a decentralised identity network, actual identity data is not stored on the ledger. Instead of identity data, the decentralised ledger only contains pointers to the data. These uncorrelatable pieces of information are related to an identity holder and stored on the ledger to allow entities access, share and verify identity data when authorised.

What should the European public sector do?

Whether we realise it or not, technology choices always also carry choices of ideology. This is rarely as evident as in the context of identity data. By supporting centralised platforms, we are essentially supporting a business model which leads to a situation where a relatively small number of operators remain in control of our data and – due to network effects – continue to gain even greater influence over our lives.

The European public sector holds the keys to changing the course of this path. In the context of verifiable data, public administration maintains base registries such as citizen, company, land, vehicle and others. Due to the trust held in public authorities, these are the most reliable sources of basic information. Seamless access to this data is essential in digitalising not only the government but in all interactions (B2B, B2C, G2C). To drive the adoption of distributed identity networks, private and public sector participants should jointly and iteratively prototype, pilot and develop new distributed infrastructure concepts to demonstrate their value for citizens.


Competitive economies depend on the availability and free movement of labour, products and services – and data is the fuel that drives the movement of these assets. Despite the ubiquity of the internet and related technologies, barriers remain in access to verifiable data needed in transactional interactions. EU initiatives related to data portability aim to tackle some of the problems concerning access to data and the dominance of data platforms. These initiatives, however, fall short in responding to issues related to instant access to data needed in transactional interactions. The cause for this is that these initiatives do not address trust, data sharing and infrastructure issues caused by platform-based business models.

During the past couple of years, blockchain-based distributed platforms have emerged, providing us means to establish new types of trust infrastructures without vendor lock-in. The public sector has a pivotal role in digitalising society, as it maintains the base registries containing verifiable identity data needed by both public and private sectors in transactional interactions. The public sector needs to actively drive the adoption of the new distributed platforms in collaboration with the private sector to ensure a wide market take-up. It is now time to time to make the EU’s single market fit for the digital age and ensure that the European economy remains globally competitive – bringing benefits to both businesses and consumers."




TagsBlockchainMobile & online

Comments: (0)

Comment on this story (membership required)

Latest posts from Bo

Seamless access to data in digital Europe

12 June 2018  |  6262 views  |  0 comments | recomends Recommends 0 TagsBlockchainMobile & onlineGroupInnovation in Financial Services

Craving for the concrete..

27 April 2018  |  5352 views  |  0 comments | recomends Recommends 0 TagsInnovationOpen APIsGroupInnovation in Financial Services

How to be practical - 10 years ago

24 April 2018  |  2924 views  |  0 comments | recomends Recommends 0 TagsPaymentsInnovationGroupDigital Banking Trends

10 years ago - and still not quite there..

21 April 2018  |  6391 views  |  0 comments | recomends Recommends 1 TagsMobile & onlineInnovationGroupDigital Banking Trends

Protecting costs - NOT consumers - Anno 2008

15 April 2018  |  7193 views  |  0 comments | recomends Recommends 1 TagsPaymentsInnovationGroupDigital Banking Trends

Bo's profile

job title Chairman/Founding member
location Helsinki Region
member since 2008
Summary profile See full profile »
Independent advisor and board professional

Bo's expertise

Member since 2008
353 posts274 comments

Who's commenting on Bo's posts

John Bullard