Data and security are two of the most critical aspects of tokenized security, but they seldom get the attention they deserve. Although blockchain technology looks to eliminate any dependence on third-parties through decentralized computational trust, adhering to existing security laws would force us to forgo either decentralization, compliance, or privacy.
Jesus Rodriguez, Chief Scientist and Managing Partner at Invector Labs, recently wrote a piece discussing the “elephant in the room”: how to square the circle that is security and privacy protocols in security tokens.
Blockchain’s main selling point is its ability to verify authenticity without the need for a third party. In the case of Bitcoin, there is no need for a bank. When it comes to tokenized securities, this problem gets a little bit tricker. The problem comes due to three concepts which, as it stands now, cannot co-exist together within tokenized securities: privacy, compliance, and decentralization. Let’s call this the “privacy problem” or the “privacy tetralemma.”
Rodriguez gives two examples of how this problem manifests:
“1) A tokenized asset issued in Germany is subject to data protection regulation that stipulates that is can only be traded between German parties and the data related to the trade cannot leave German jurisdiction.
2) An asset-based tokenized product needs to be compliant with FINRA privacy rules that enforces the protection of sensitive information related to any trade involving the asset.”
The first example presents us with a conflict between privacy and decentralization. The second highlights an example of a possible conflict between privacy and compliance. With our current digital infrastructure, we are bound to see a problem between two of these three categories when it comes to tokenized securities.
Ultimately, decentralized solutions that allow for privacy and on-chain compliance is the holy grail. We can expect, however, that the first wave of tokenized securities will involve off-chain solutions to the privacy question.
They will also be crucial to linking the cryptocurrency space closer to traditional finance. Naturally, this is not the end goal, but tokenized securities have to adhere to the regulations for traditional securities. Off-chain solutions are a temporary necessity.
Consensus methods are currently being devised for dealing with tokenized securities, but we are far off from an on-chain solution to these problems. We can expect the security token industry for the foreseeable future be relying on off-chain solutions to resolve the privacy problem.
For more information on the privacy problem within tokenized securities, read Jesus Rodriguez’s original article “The Elephant in the Room: Security and Privacy Protocols in Security Tokens.”
What do you think of the ‘privacy problem’ when it comes to tokenized securities? Is this issue a current major flaw in our conception of tokenized securities? Let us know in the comments below what you think.