The BigBrotherAward in the “Technology” category is given, as a symbolic award, to the Bundesdruckerei (“Federal Printer”)1, represented by its CEO, Stefan Hofschen,
for its model project “digital school reports”, which promotes blockchain technology – a technology with severe data protection implications.
“Do something with blockchain” – that is a sentence many tech company department managers will have heard from their superiors. In practice it is not easy at all to find a really sensible application for that technology. It seems like Bundesdruckerei conducted a desperate search and conjured up a project that on first sight would appear to be a great application for the blockchain: fake-proof, digital school reports.
Blockchain, what was that actually?
Right, something with Bitcoin.
Crypto currencies are in fact the best-known application of blockchain technology. Production of these currencies consumes large amounts of energy, and as they are traded much like shares and attract a lot of speculative investment, a gold rush mood has set in. The hype has gone so far as people equating2 the day the Bitcoin manifesto was published by its inventor with the day when Martin Luther is said to have nailed his Ninety-five Theses to a church door – both of these events took place on a 31st of October.
Among the criticism levelled at crypto cash is its high consumption of energy. But there is a distinction to be made: the process that requires particularly large amounts of energy is the “mining” of the currency. The blockchain’s actual function is to act as a “ledger”, or notebook, of the crypto “coins”. Every transaction, meaning the creation of the money and every transfer from A to B, is stored in a public blockchain. The transactions – or “blocks” – become immutable, as they depend on each other as they are stored in the chain. Any manipulation of the chain would be noticed as verification of all subsequent elements would fail. As this is a public kind of chain, anyone can reproduce the chain and verify its validity. Which gives us a huge, public, cash account book.
That concludes our excursion into the world of blockchain.
So what were Bundesdruckerei thinking?
The idea is that schools create a digital version of a student report, which is transmitted to Bundesdruckerei via an application interface.3 There, a PDF file is created and a checksum for it is calculated. A checksum is a mathematical procedure that can be used to prove that a document has not been changed. Bundesdruckerei would then store this checksum in a blockchain – and since all the data added to a blockchain are built on the previous state, it would be very hard to manipulate this later. If such a report were shown, for example when applying for a place at a university, it would be possible to ask Bundesdruckerei whether the document is genuine. The blockchain would be used to determine whether the checksum matches.
It sounds quite good actually …
But is a blockchain needed for this?
Many use cases for digital authenticity checks are better solved using conventional “top-down” certificates, establishing a hierarchical structure of trust.
This is something that almost all of us have used last year: The digital proof of the COVID vaccination is based on conventional, cryptographic certificates. The German agency for disease control (Robert-Koch-Institut, RKI) confirms that a pharmacy is authorised to issue these proofs. The pharmacy checks the record of vaccination and confirms it (or signs it, technologically speaking), then prints the barcode for the CovPass app. There were desires to use blockchain for this. Fortunately, this approach did not catch on. Because this blockchain would have grown to an enormous size in a very short time, the only possible way to verify certificates would have been online, with all ensuing drawbacks. The procedure now adopted even allows for offline verification and does not require constant access to a blockchain.
So what privacy issues are linked to a blockchain?
The major threat with a blockchain is that all entries are fully traceable. That is the very idea behind blockchain. Correcting or deleting anything in retrospect is impossible. All entries are built on top of their predecessors, like a chain – hence the name – and are cryptographically secured.
To store personal data in a blockchain would be a total data protection disaster because no data, and also no data that was incorrect or stored illegally, could ever be deleted. There is no way to enforce the “right to be forgotten”, data would be forever enshrined in the blockchain and openly visible.
For the school reports, what Bundesdruckerei would store in the blockchain is not the content but only the checksum. There is nothing to say against that.
But imagine someone came up with a scheme to store personal identities in the blockchain. Indelible, immutable. A kind of ID card in the blockchain. This idea has been put forward already: initiatives such as id2020 or the EU’s “electronic ID”, soon to be valid throughout the union, using the “European Blockchain Services Infrastructure” (EBSI)4 – they enthuse about securing an electronic ID via the blockchain. We can only hope that no link to a person will be found in that blockchain.
With crypto currencies it is also a problem that all transactions can be traced – using the blockchain as a cryptographically secured, but openly readable cash book. While Bitcoin and others are hyped as anonymous payment methods, they can only be regarded as pseudonymous at best. Often, with only a little effort the pseudonymous identifier can be linked to an actual identity.
Even the German industry association Bitkom states in its “Blockchain Factsheet” that “depending on the details of the technology, personal data will be present, if only in pseudonymised form”.5
Why this BigBrotherAward?
We are not basing the award on the fact that Bundesdruckerei has committed grave technical mistakes in its development of the digital school report, such as omitting a permission check before entries are admitted to the blockchain. Through a programming error, it was possible for anyone to insert data in the blockchain, although such data would have not have been valid. Something like that can happen in a beta version.6
But to use blockchain technology to verify school reports is completely misguided. Instead of using conventional, digitally signed documents, which have been standard technology for many years and can be verified by anyone using simple software, Bundesdruckerei is muscling in as the central verification authority, which would have to be consulted every time and without alternative. This is because the blockchain containing the checksums is not planned to be made publicly available – so nobody except Bundesdruckerei would be able to verify the school reports’ authenticity. This is just about the opposite of the blockchain concept.
The excuse that such digital signatures would be too complex for schools to produce is pathetic. The whole service could function without any blockchain at all. And without Bundesdruckerei actually. But of course this would be harder to sell as a model project.
Dear Bundesdruckerei, stop proclaiming that blockchain is a must-have technology for the German government. You are leading politicians into false notions of what a blockchain is useful for, and where it should better not be used. Its use requires broad discussion and critical evaluation. What we rather need are more technologies that protect privacy and that moreover have a smaller ecological footprint than a blockchain.
Dear Bundesdruckerei, our congratulations on the BigBrotherAward.
1 The Bundesdruckerei (“Federal Printer”) used to be a state entity that produced banknotes, ID documents and other official print products. It was privatised in 1994 and after various changes it became a fully state-owned company in 2009.
2 thedailybeast.com: Bitcoin Threw a Massive Party in Miami and I Crashed It (Web-Archive-Link)
6 heise.de: Schlechtes Zeugnis für Zeugnisse in der Blockchain (German) (Web-Archive-Link)