The IAB Technology Laboratory announced Tuesday a blockchain-based protocol that allows companies to manage and track the consent of personal consumer data across the internet.
PrivacyChain gives consumers complete control of the personal information collected about them by companies that sign up to use the technology. When opted in, the data becomes available to retailers, along with their advertising agencies and publishing partners that serve the ads.
Through the portal, the consumer can choose to opt out or opt in on a variety of topics such as name, email, location, and gender, as well as the retailer's site or marketing partners and publishers. The ledger provides details on who and where the data was shared, including time and date.
LiveRamp developed PrivacyChain, and donated the code to the IAB TechLab and the working group that standardizes processes.
The PrivacyChain specification, which is under review for public comment, is based on a shared distributed ledger to support privacy legislation in place or coming in the near future. The technology also is available to test through specifications and reference implementation.
“It’s about helping consumers, publishers and advertisers to maneuver through a lot of change,” said Dennis Buchheim, senior vice president and general manager, IAB Tech Lab.
PrivacyChain simplifies the ability for companies to prove compliance with numerous consumer privacy regulations worldwide, including the California Consumer Privacy Act, General Data Protection Regulation, and the European Privacy Directive, as well as a company’s own privacy policies.
Arthur Coleman, head of research and development at LiveRamp, said the first step is to finish the review of the written specifications to ensure that advertisers, publishers and others accept the way it is designed. That means ensuring that the correct processes are flawlessly and automatically electronically completed, such as when someone requests removal of information through the Right To Be Forgotten law. In the next year, the team hopes to receive feedback on the “hyper ledger,” “consensus algorithm,” and more.
Coleman said PrivacyChain must have the ability to “handle any regulation in the world that might come along” related to privacy. Data is one piece related to privacy.
The code was written in a way to support other types of regulations such as data management, which also relates to privacy concerns. The working group would determine whether there will be any additions and enhancements.
The hope is that one portal that connects all data through a distributed ledger would give consumers the ability to provide consent for all transactions made by an individual worldwide.