A European Approach to E-Commerce
Secure, autonomous, peer-based transacting
hosted by local, regulated fiduciaries
Background:
The current system of e-commerce is hub-based. Hubs aggregate information and power. Hubs often have business models that encourage re-purposing of personal information and have limited regulatory oversight. Each person needs to interact with many hubs, each of which has excessive, redundant information about the person. Hub-hosted information is a source of insecurity as well as inconvenience. Often, the person to whom the information relates does not have a copy of the information in a format that is compatible with the rest of their information.
There are technological approaches that are more secure and efficient than hubs. These can be generally referred to as peer-based technologies (“P2P”). They include the cryptographic technologies for “identity management,” for instance, those standardized as part of the Kantara Initiative and discussed, e.g. at DG-BSC. They also include blockchain technologies. More broadly, a European approach to e-commerce would be based on a peer-based data model and open source technologies.
The traditional way of handling legal documents adds a significant element of cost, delay and uncertainty. The fundamental flaw is that they are custom-made or proposed by one party, rather than being standards-based. Organizations such as the IACCM seek to reduce this burden, but nevertheless there is no generalized system of standards.
The EU has taken legislative action that encourages major European actors to establish a secure, peer-based system. Notably, the General Data Protection Regulation and the Payment Services Directive, if vigorously interpreted, require a P2P model and require that banks make themselves available as hosts. A bank-based P2P model can be generalized into a complete system that extends beyond banks to all transacting.
A P2P system could radically reduce the effort for people and increase security. A bank-based P2P system could use the weight of banks to create an alternative to hubs. Bank hosts could combine the benefits of rigorous regulation, data security and commercial wisdom available from the historical data and knowledge of banks.
P2P Transacting
The basic model was presented at a conference at MIT. Each participant has a “repository,” which can also be referred to as a “wallet” or “personal data store.” The name is not important, but the principle is simple and essential. Each transaction by a person begins as a record in that person’s wallet and the record is communicated to the other parties. The communication can be by any means. In the diagram, the communication is by a blockchain ledger and the canonical (binding) copy of the record is on the blockchain. But the canonical record could also be communicated via ledgers held by one or more trusted intermediaries, for example, the banks at which each of the parties has an account. Systems such as Interledger, Ripple and R3cev’s Corda are protocols that are not based on blockchains. Blockchains have the critical disadvantage that all information is copied to all nodes of the blockchain and cannot be redacted or erased. Even if encrypted, the data remains vulnerable to compromise of the key or to increases in computing power. In most transacting situations involving individuals (and many others) this is inconsistent with data security and with legal requirements such as the GDPR. Blockchains appear to be appropriate when the transacting must take place in the absence of access to any trusted intermediary, for instance when connection to the internet cannot be assured, or when the parties know and have a moderate level of trust in one another and wish to keep the information among themselves without involving a third party.
Pragmatically, P2P allows an intermediary such as a bank to offer the functionality of hub-based e-commerce sites, but across all of a person’s dealings (in the same way that a bank account currently can handle all kinds of payments). The bank can also shield the person’s private information in most dealings. The bank intermediary can assure payment and handle the interactions without needing to disclose details of the individual.
While bank-hosted P2P may appear more “centralized” than blockchain approaches, in fact, it will usually be less centralized. There are many banks and each individual can have their choice, as they do now. The accounts will be highly portable because the bank’s copy of the records can be synchronized to the individual or to the individual’s choice of a new host, which could be another bank or a generic hosting company. The bank can be required to expunge any information that is no longer needed. A host can keep defensive proof of the records by hashing them and keeping the hash while discarding the actual records.
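The hash-and-discard idea in the last sentence above, as an added example that is not part of the original paper: the host retains only a digest of each record and can later confirm or reject a copy presented by the account holder. The record fields, the `HostLedger` class, the canonical-JSON serialization and the per-record salt returned to the record owner are assumptions of this sketch.

```python
import hashlib
import hmac
import json
import secrets


def canonical_bytes(record: dict) -> bytes:
    """Serialize deterministically so equal records always hash the same."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")


def digest_of(record: dict, salt: bytes) -> str:
    # Fixed-length salt prefix keeps the hashed input unambiguous.
    return hashlib.sha256(salt + canonical_bytes(record)).hexdigest()


class HostLedger:
    """Hypothetical host-side store: keeps digests only, never record contents."""

    def __init__(self) -> None:
        self._digests: dict[str, str] = {}

    def accept_and_expunge(self, record_id: str, record: dict) -> bytes:
        # Assumption: a random per-record salt is returned to the record owner,
        # so a low-entropy record cannot be guessed from the retained digest.
        salt = secrets.token_bytes(16)
        self._digests[record_id] = digest_of(record, salt)
        return salt  # the record itself is not stored

    def prove(self, record_id: str, record: dict, salt: bytes) -> bool:
        stored = self._digests.get(record_id)
        if stored is None:
            return False
        return hmac.compare_digest(digest_of(record, salt), stored)


def demo() -> tuple:
    # Constructed sample record; field names are illustrative only.
    record = {"id": "tx-0001", "payer": "alice", "payee": "shop",
              "amount": "42.00", "currency": "EUR"}
    host = HostLedger()
    salt = host.accept_and_expunge(record["id"], record)
    reordered = dict(reversed(list(record.items())))  # same content, other key order
    tampered = {**record, "amount": "4200.00"}
    return (host.prove("tx-0001", reordered, salt),   # genuine copy
            host.prove("tx-0001", tampered, salt),    # altered amount
            host.prove("tx-9999", record, salt))      # unknown record id
```

Without the canonical serialization step, two copies of the same record with different key order would produce different digests and the proof would fail for a genuine record.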
In contrast, public blockchains function by running a continuous competition among “miners” – a kind of arms-race. Practically, this means that all of the information is collected into a single database. The database is replicated many times and there is an element of decentralization because the hosts compete to be the most rapid, but miners need scale to compete. There is a double centralization effect – all participants’ data is stored in a single database and the hosts that matter need very large scale.
Banks that open themselves to P2P transacting can of course be very efficient. They will not need to write software, since that will be open source and managed by the community, perhaps centered on the makers of mobile phones. They will not need to “reconcile” records, a huge source of cost to them, since the records will have a common format and semantics. They will not have to do much support because the apps will all run the same across many banks, and there will be many sources of information. The banks will also be able to comply with regulatory requirements much more efficiently because regulatory documents can be handled in the same way, and the standardized platform will make reporting much easier for the bank, and better for the regulators.