sashkin7/123RF
 

Rockchain: Distributed Data Privacy

  • 22 February 2018
  • Expert Insights

Our new Disruption by Blockchain series aims to highlight companies that are leveraging the incredible potential of blockchain technology to disrupt and revolutionize their industry. Through one on one interviews, we'll speak directly with industry leaders to cut beyond the hype and get directly to the heart of practical use cases and examples of how it will change the world, one industry at a time.

The following is an interview we recently had with Sébastien Jehan, CEO of Rockchain.

1. What’s the history of Rockchain? How and where did you begin?

SJ: As often for blockchain infrastructure projects origins, we began trying to build a real-world service on the blockchain and realized we could not do it, simply because there were too many privacy issues, and that distributing a file using a blockchain system was not possible if privacy was involved. Digging a little bit we realized that most of the real world applications would have such a problem. I had myself been active in the blockchain for the past 3 years, in other smaller ventures, but did not want to get a long time involvement in short-sighted “consulting agency” opportunism and wanted to build something more sustainable.

2. Who are the founders and key team members?

The founders:

Sebastien Jehan, CEO, Rockchain Inventor

Sebastien is a serial entrepreneur with a strong experience in building complex international IT systems (mostly in banks). He is a Telecom Engineer graduate (TelecomParisSud), with a MSc in Finance (ICMA), and has focused his career on Ethereum since 2015. His latest project founded from scratch was Ledgys.io. Sebastien is also an advisor on Sangus.org, the first distributed investment research network. Sebastien has experienced several cultural work environment (US, Japan, Europe) and has experience in Devops automation and Datascience (he's also animating a meetup Datascience in Finance).

Sebastien Collignon, Rockchain Enterprise Alliance roadmap

Sebastien is a business leader with a strong ability to build partnerships between technology providers. He managed several worldwide partnerships for Cisco in the IoT field.

Sebastien is an active contributor and advisor on the Rockchain project.

Dr. Mark Hahnel

Mark obtained a Ph.D. in Stem cell biology from Imperial College in 2012 after previously
studying Genetics and Human Genetics at the University of Newcastle and Leeds
respectively. Mark is the current CEO of figshare, a SaaS platform that has provided data
infrastructure for the world’s leading academic publishers (SpringerNature, Wiley, PLOS,
ACS), academic institutions, academic funders, and pharmaceutical companies.

The key team members:

Regis Gourdel, GO and crypto developer

Régis has a strong theoretical background in cryptography and is a GO developer. Régis is a graduate from Telecom ParisTech (applied mathematics on cryptography and quantum computing), and is doing an MsC in applicable mathematics in London School of Economics (game theory, advanced algorithms, and financial maths).

Aayush Anand, Technical project coordinator, and cloud architect

Aayush has worked with different startups and companies, helping them realize their IT and cloud automation potential. He is a graduate in information technology. He is currently working on maintaining and creating cloud infrastructure for Rockchain and helping to assess technical tasks dependencies as a coordinator.

3. What problem are you solving? Who are you solving it for?

SJ: We want to be able to “unlock” digital content using the blockchain logic. It is about opening some digital accesses to your private content when some business conditions are met. Although it seems to be a very fundamental use case of the blockchain, not yet has delivered something in production about to solve it.

The users of this kind of system could be:

Companies collaboration: The blockchain logic is here to perform an automated due diligence before opening an access right, to for example a big data stream.

Decentralized applications: for digital content distribution strategy

 

Health applications: for example research laboratories wanting to perform tests on some DNA database.

We want a little bit further than “unlocking” the raw content of a file. We can also “unlock” the ability to perform a chosen algorithm on a file. This is done with privacy at core, we can mathematically prove that no data leak can happen when the algorithm run on some users data, only the algorithm results being published.

The users of the private algorithms could be:

Companies collaboration: They want to correlate some results together without giving away their raw data. For example, compare a customer database without giving any data.

Genomics: perform medical tests without knowing the human DNA of the patient (an area where privacy concerns are emerging with lot of emphasis)

GDPR: dealing with some privacy concerns about the file exchanges.

4. What is your solution to this problem?

SJ: Because our blockchain solutions are “notarizing” file exchanges proofs, it is helping on the regulatory side (e.g. GDPR) about tracking file transfers with sensitive private data. It can be used as a transport level: instead of sharing content using FTP or email, for example, the “dAppBox” solution can be used to keep track of the what / where / when / who questions occurring in a data transfer.

More generally, we are building a set of five layers to address privacy issues, with interoperability in mind (they should remain open with “API” and easy to integrate for applications developers). Among those 5 layers, we intend to deliver the first 3 in the first half of 2018 (to customers).

The Rockchain infrastructure layers:

– A distributed P2P file system layer: transfer data with notarization (keep track of exchanges)

– A distributed access rights system: no one owns the repository of user access rights, profiles, and grants. It's all decentralized in a blockchain, so we are a true “no-middleman” system.

– The privacy computation layer: it is the module for private remote algorithm execution, with the guarantee of no data leak.

– The cheap notarization layer: as storing a proof on the blockchain is very costly yet (easily goes above $1 per document of any size) we work on a cheap (to the dime or lower) proof storage system, linked to the blockchain.

– The offline storage layer: give the users the ability to unlock files even when the disk of the file owner is offline.

5. Why is your industry ripe for disruption?

Among 300 big companies in the process of becoming GDPR-compliant, 40% said they had spent more than $10 million, and 88% said they had spent more than $1 million, according to a PricewaterhouseCoopers L.L.P. survey of American, British and Japanese executives published in September.

6. What’s the future of your industry?

SJ: The future has always been surprising to people trying to predict it, but let me try a strike for the privacy industry:

Prediction #1: The proof systems will be outsourced. Companies will rely on external infrastructure to keep an auditing track of their internal processes (the proof does not leak any information about the proven data).

Prediction #2: Users will not yet jump on the privacy bandwagon, only companies will. Many blockchain applications talk about the “rights for consumers' privacy” in their core value definition.
Most users have not much to hide, however, so the privacy market will get most of its value from the strategic aspect of companies wanting to connect to a global ecosystem of data partners while protecting their intellectual property.

Prediction #3: The GDPR regulation will have less IT budgets than expected. Due to the overly complex impact of GDPR regulation on existing IT systems, I believe most companies will wait to see how serious regulators are about their penalties (that could go up to 4% of the parent company sales). 4% taken on company margins is a huge number and seems surrealistic, I believe companies will wait and see first to which extent they must rethink their IT systems. Because unfortunately, small patches won't work in most of the cases for defining what is close to a decentralized and audited privacy, the IT systems must be redesigned globally.

About Expert Insights

Comments

COMMUNITY