Blockchain and the Limits of Trust

Last week I was privileged to be a guest on This Is Imminent, a new form of Web TV hosted by Simon Waller. The given topic was Blockchain and the Limitations of Trust.

For a replay of the Web TV event go here

As regular readers will know, I have been immersed in the world of Blockchain, cryptocurrency and digital assets for over four years – and while I am not a technologist, I think know enough to understand some of the potential impact and implications of Blockchain on distributed networks, decentralization, governance, disintermediation, digital disruption, programmable money, tokenization, and for the purposes of last week’s discussion, human trust.

The point of the discussion was to explore how Blockchain might provide a solution to the absence of trust we currently experience in many areas of our daily lives. Even better, how Blockchain could enhance or expand our existing trusted relationships, especially across remote networks. The complete event can be viewed here, but be warned that it’s not a technical discussion (and wasn’t intended to be), although Simon did find a very amusing video that tries to explain Blockchain with the aid of Spam (the luncheon meat, not the unwanted e-mail).

At a time when our trust in public institutions is being tested all the time, it’s more important than ever to understand the nature of trust (especially trust placed in any new technology), and to navigate how we establish, build and maintain trust in increasingly peer-to-peer, fractured, fragmented, open and remote networks.

To frame the conversation, I think it’s important to lay down a few guiding principles.

First, a network is only as strong as its weakest point of connection.

Second, there are three main components to maintaining the integrity of a “trusted” network:

  • how are network participants verified?
  • how secure is the network against malicious actors?
  • what are the penalties or sanctions for breaking that trust?

Third, “trust” in the context of networks is a proxy for “risk” – how much or how far are we willing to trust a network, and everyone connected to it?

For example, if you and I know each other personally and I trust you as a friend, colleague or acquaintance, does that mean I should automatically trust everyone else you know? (Probably not.) Equally, should I trust you just because you know all the same people as me? (Again, probably not.) Each relationship (or connection) in that type of network has to be evaluated on its own merits. Although we can do a certain amount of due diligence and triangulation, as each network becomes larger, it’s increasingly difficult for us to “know” each and every connection.

Let’s suppose that the verification process is set appropriately high, that the network is maintained securely, and that there are adequate sanctions for abusing the network trust –  then it is possible for each connection to “know” each other, because the network has created the minimum degree of trust for the network to be viable. Consequently, we might conclude that only trustworthy people would want to join a network based on trust where each transaction is observable and traceable (albeit in the case of Blockchain, pseudonymously).

When it comes to trust and risk assessment, it still amazes me the amount of personal (and private) information people are willing to share on social media platforms, just to get a “free” account. We seem to be very comfortable placing an inordinate amount of trust in these highly centralized services both to protect our data and to manage our relationships – which to me is something of an unfair bargain.

Statistically we know we are more likely to be killed in a car accident than in a plane crash – but we attach far more risk to flying than to driving. Whenever we take our vehicle out on to the road, we automatically assume that every other driver is licensed, insured, and competent to drive, and that their car is taxed and roadworthy. We cannot verify this information ourselves, so we have to trust in both the centralized systems (that regulate drivers, cars and roads), and in each and every individual driver – but we know there are so many weak points in that structure.

Blockchain has the ability to verify each and every participant and transaction on the network, enabling all users to trust in the security and reliability of network transactions. In addition, once verified, participants do not have to keep providing verification each time they want to access the network, because the network “knows” enough about each participant that it can create a mutual level of trust without everyone having to have direct knowledge of each other.

In the asymmetric relationships we have created with centralized platforms such as social media, we find ourselves in a very binary situation – once we have provided our e-mail address, date of birth, gender and whatever else is required, we cannot be confident that the platform “forgets” that information when it no longer needs it. It’s a case of “all or nothing” as the price of network entry. Whereas, if we operated under a system of self-sovereign digital identity (which technology like Blockchain can facilitate), then I can be sure that such platforms only have access to the specific personal data points that I am willing to share with them, for the specific purpose I determine, and only for as long as I decide.

Finally, taking control of, and being responsible for managing our own personal information (such as a private key for a digital wallet) is perhaps a step too far for some people. They might not feel they have enough confidence in their own ability to be trusted with this data, so they would rather delegate this responsibility to centralized systems.

Next week: Always Look On The Bright Side…

 

Open Banking and the Consumer Data Right

While most of Australia has been preoccupied by things such as Covid-19 lock-downs, border closures, which contestant got eliminated from Big Brother/Masterchef, and which federal politician went to an NRL game (and depending on which State you live in), the ACCC has implemented the first phase of the Consumer Data Right regime (aka Open Banking).

The TLDR on this new regulation, which has been several years in the making, can be distilled as follows:

Banks can no longer deny customers the right to share their own customer data with third parties.

So, in essence, if I am a customer of Bank A, and I want to transfer my business to Bank B, I have the right to request Bank A to share relevant information about my account to Bank B – Bank A can no longer hold on to or refuse to share that information.

Why does this matter? Well, a major obstacle to competition, customer choice and product innovation has been the past refusal by banks to allow customers to share their own account information with third party providers – i.e., it has been an impediment to  customer switching (and therefore anti-competitive), and a barrier to entry for new market entrants (and therefore a drag on innovation).

Of course, there are some caveats. Data can only be shared with an accredited data recipient, as a means to protect banking security and preserve data privacy. And at first, the CDR will only apply to debit and credit cards, transaction accounts and deposit accounts. But personal loans and mortgages will follow in a few months. (And the CDR is due to be extended to utilities, telcos and insurance in coming years – going further than even the similar UK Open Banking scheme.)

Although I welcome this new provision, it still feels very limited in application and scope. Even one of the Four Pillar banks couldn’t really articulate what it will actually mean for consumers. They also revealed something of a self-serving and defensive tone in a recent opinion piece:

“Based on experience in other markets, initial take up by consumers is likely to be low due to limited awareness and broader sensitivities around data use.”

Despite our fondness for bank-bashing (and the revelations from the recent Royal Commission), Australians are generally seen as being reluctant to switch providers. Either because it’s too hard (something that the CDR is designed to address), or customers are lazy/complacent. In fact, recent evidence suggests existing customers of the big four banks are even more likely to recommend them.

For FinTechs and challenger brands, the costs of complying with some aspects of the CDR are seen as too onerous, and as such, act as another impediment to competition and innovation. Therefore, we will likely see a number of “trusted” intermediaries who will receive customer data on behalf of third party providers – which will no doubt incur other (hidden?) costs for the consumer.

Full competition will come when consumers can simply instruct their existing bank to plug their data into a product or price comparison service, to identify the best offers out there for similar products. (Better still, why not mandate incumbents to notify their existing customers when they have a better or cheaper product available? A number of times I have queried the rate on an existing product, only to be offered a better deal when I suggested I might take my business elsewhere.)

Recently, my bank unilaterally decided to change the brand of my credit card. Instead of showing initiative by offering to transfer my existing subscriptions and direct debits to the new card, the bank simply told me to notify vendors and service providers myself. If I didn’t request the change of card, why am I being put to the inconvenience of updating all my standing orders?

For real innovation, we need banks and other providers to maintain a unified and single view of customer (not a profile organised by individual products or accounts). Moreover, we need a fully self-sovereign digital ID solution, that truly puts the customer in charge and in control of their own data – by enabling customers to decide who, what, when, why and for how long they share data with third parties. For example, why do I still need 100 points of identity with Bank B if I’m already a client of Bank A?

Finally, rather than simply trying to make money from managing our financial assets, banks and others have an opportunity to ensure we are managing our financial data in a more efficient and customer-centric way.

Next week: Counting the cost of Covid19

 

 

 

Blipverts vs the Attention Economy

There’s a scene in Nicolas Roeg’s 1976 film, “The Man Who Fell To Earth”, where David Bowie’s character sits watching a bank of TV screens, each tuned to a different station. At the same time he is channel surfing – either because his alien powers allow him to absorb multiple, simultaneous inputs, or because his experience of ennui on Earth leads him to seek more and more stimulus. Obviously a metaphor for the attention economy, long before such a term existed.

Watching the alien watching us… Image sourced from Flicker

At the time in the UK, we only had three TV channels to choose from, so the notion of 12 or more seemed exotic, even other worldly. And of those three channels, only one carried advertising. Much the same situation existed in British radio, with only one or two commercial networks, alongside the dominant BBC. So we had relatively little exposure to adverts, brand sponsorship or paid content in our broadcast media. (Mind you, this was still the era when tobacco companies could plaster their logos all over sporting events…)

For all its limitations, there were several virtues to this model. First, advertising airtime was at a premium (thanks to the broadcast content ratios), and ad spend was concentrated – so adverts really had to grab your attention. (Is it any wonder that so many successful film directors cut their teeth on commercials?) Second, this built-in monopoly often meant bigger TV production budgets, more variety of content and better quality programming on free-to-air networks than we typically see today with the over-reliance on so-called reality TV. Third, with less viewing choice, there was a greater shared experience among audiences – and more communal connection because we could talk about similar things.

Then along came cable and satellite networks, bringing more choice (and more advertising), but not necessarily better quality content. In fact, with TV advertising budgets spread more thinly, it’s not surprising that programming suffered. Networks had to compete for our attention, and they funded this by bombarding us with more ads and more paid content. (And this is before we even get to the internet age and time-shift, streaming and multicast platforms…)

Despite the increased viewing choices, broadcasting became narrow-casting – smaller and more fractured viewership, with programming appealing to niche audiences. Meanwhile, in the mid-80s (and soon after the launch of MTV), “Max Headroom” is credited with coining the term “blipvert”, meaning a very, very short (almost subliminal) television commercial. Although designed as a narrative device in the Max Headroom story, the blipvert can be seen as either a test of creativity (how to get your message across in minimal time); or a subversive propaganda technique (nefarious elements trying to sabotage your thinking through subtle suggestion and infiltration).

Which is essentially where we are in the attention economy. Audiences are increasingly disparate, and the battle for eyeballs (and minds) is being fought out across multiple devices, multiple screens, and multiple formats. In our search for more stimulation, and unless we are willing to pay for premium services and/or an ad-free experience, we are having to endure more ads that pop-up during our YouTube viewing, Spotify streaming or internet browsing. As a result, brands are trying to grab our attention, at increasing frequency, and for shorter, yet more rapid and intensive periods. (Even Words With Friends is offering in-game tokens in return for watching sponsored content.)

Some consumers are responding with ad-blockers, or by dropping their use of social media altogether; or they want payment for their valuable time. I think we are generally over the notion of giving away our personal data in return for some “free” services – the price in terms of intrusions upon our privacy is no longer worth paying. So, brands are having to try harder to capture our attention, and they need to personalize their message to make it seem relevant and worthy of our time – provided we are willing to let them know enough about our preferences, location, demographics, etc. so that they can serve up relevant and engaging content to each and every “audience of one”. And brands also want proof that the ads they have paid for have been seen by the people they intended to reach.

This delicate trade-off (between privacy, personalisation and payment) is one reason why the attention economy is seen as a prime use case for Blockchain and cryptocurrency: consumers can retain anonymity, while still sharing selected personal information (which they own and control) with whom they wish, when they wish, for as long as they wish, and they can even get paid to access relevant content; brands can receive confirmation that the personalised content they have paid for has been consumed by the people they intended to see it; and distributed ledgers can maintain a record of account and send/receive payments via smart contracts and digital wallets when and where the relevant transactions have taken place.

Next week: Jump-cut videos vs Slow TV

 

 

 

 

Intersekt Festival 2018

This year’s Intersekt Festival, held in Melbourne last month, was put together in quite challenging circumstances, given some of the recent events within key industry body FinTech Australia, the primary event host. It was a credit to all involved.

Not surprisingly, given some of the regulatory and industry changes underway in Australia, the key themes included: Open Banking and access to data: Trust in the banking and financial services sector (thanks to the Royal Commission, and the APRA report on the CBA); Data Privacy; Payments and the NPP; Comprehensive Credit Reporting and predatory lending practices; and Equity Crowdfunding. And of course, a little bit about Blockchain, Cryptocurrencies and Security Tokens.

There was a lot of discussion on “Trust”, especially in the age of Uber and Airbnb – how have these marketplaces managed to earn so much public and consumer trust in such a relatively short time? Yet as consumers, we obsess about Open Banking vs Data Privacy,  while banks themselves appear to be more infatuated with their Net Promoter Score…. whereas “Trust” is clearly a huge issue. In the case of the banks and the fall out from the Royal Commission, there was a discussion about whether our key financial institutions have come close to losing their social license to operate.

Meanwhile, with the prospect of self-sovereign digital identity becoming a practical reality (fuelled by blockchain, decentralisation and trust-less protocols and standards), there is a demand for cross-functional  (and cross-border) solutions for KYC/AML processing and identity management. But a lack of mutual regulatory recognition or harmonization (as opposed to “mere” industry standards) plus a diversity of business models confounds regulatory harmony, often within a single jurisdiction, let alone across multiple markets.

When it comes to payments and the NPP, it’s clear that regulation lags technology. For example, despite the existence of a (complex and somewhat uncertain) licensing regime for purchased payment facilities, APRA has only licensed one such PPF – PayPal. As former ASIC Chairman, Greg Medcraft once observed, by the time the NPP is fully operational, Blockchain will have gotten there long beforehand. And given the preponderance of stored value cards, digital wallets, peer-to-peer crypto exchanges, and multiple overseas and cross-border mobile payment apps, the respective regulatory roles of RBA, APRA, AUSTRAC, ATO and ASIC need to be clearly defined and set out.

On the topic of data protection and “big data”, there was a lot of discussion about getting the balance right between privacy and innovation. One the one hand, industry incumbents should not be allowed to use their market dominance to resist open banking and stifle the emergence of neo-banks; but on the other, there is a need to shelter the forthcoming consumer data right (CDR) from potential abuse like predatory lending (e.g., not simply define the CDR standards by reference to existing banking products and services) – mainly because the CDR is designed to empower consumers (not embolden the industry), and it is designed to be sector neutral (i.e., equally applicable to utilities, ISPs, telcos, insurance firms).

Other topics included SME lending, where new, tech-driven providers are not only originating new loans, but also refinancing existing businesses as the big 4 banks are seen to withdraw from this market; home loans (where technology is driving new loan origination, funding and distribution models); social impact (“FinTech for good”); equity crowdfunding (and the role of STOs); insurance (creating a decentralised market place) and Superannuation (which prompted perhaps the most contentious panel discussion – more on that to come!).

If there were any criticisms of the conference, based on local and overseas delegates I spoke to, they related to the length (was there enough content to sustain nearly 3 days?); the need for clearer roles and participation by the major and regional banks; the absence of investors (despite a speed-dating matching event….); and a desire to see a broader range of speakers and panelists (too many of the “usual suspects”?).

Next week: The Future of Super