Individuals and organizations use blockchain for its distributed control, anonymity, and immutability. But its permanence could create data privacy issues when companies try to tap into the technology for their marketing strategies.
In a recent paper, “What Blockchain Can and Can’t Do: Applications to Marketing and Privacy,” MIT Sloan professorurges marketers “to be thoughtful about where and whether to adopt blockchain-based systems.”
Marketers may seek to adopt blockchain in contexts where trust is difficult to establish, Tucker said in an interview. And given the significant existing fraud in non-blockchain systems, marketers may look to blockchain to promote a more trustworthy supply chain.
However, “marketing as a discipline should still be thoughtful about creating immutable data about an individual if there is no real need to do so,” Tucker writes in her paper. “Temporary marketing data can be used to predict persistent character traits, and even the fact that someone once exhibited a particular character trait or interest can become ammunition for malicious actors.”
Here’s a closer look at blockchain technology, marketing’s use of consumer data, and what the interaction between the two could mean for personal privacy.
The pros and cons of blockchain
Blockchain keys are anonymized, which prevents the public from identifying their holders. Transactions are recorded chronologically on a distributed ledger — which is regularly updated and affirmed by the blockchain’s participants — and all ledger entries are permanent.
However, blockchain’s anonymity means that if someone loses their blockchain key, that account can no longer be accessed. And immutability means that everything and anything recorded on the ledger is there forever.
Blockchain and marketing
The technology’s immutability poses the most problems for marketing strategies, Tucker writes. For example, blockchain could be used to track digital identifiers — login information, Social Security numbers, dates of birth — that are linked to customers’ views of a particular advertisement or some other piece of tracked content.
Say a marketer uses blockchain to advertise to a particular customer segment (e.g., someone interested in chartering a private jet). When a person clicks on the private jet ad, the blockchain records not only that click but also online purchasing behavior and identifying information attached to the computer where that click originated.
But what if the person was only temporarily interested in private jets, or they accidentally clicked on the ad? Or what if a child without private jet purchasing power clicked on it?
“The immutability of a blockchain record doesn’t tell you whether the person is in fact interested in charter jets, only that some entity has recorded them as being so,” Tucker said. “The way blockchain communicates accurate information is only by stating that a transaction happened between X and Y at a given moment. Any statements about X or about Y reintroduce the necessity for verification of information.”
Firms seek verification because they want to know, rather than infer, information about transaction participants, Tucker said. So the firm would still have to verify whether the information the blockchain recorded about X and Y was true.
“The risk is that firms may adopt blockchain methods of recording transactions and then believe that the transactions can then operate ‘trustlessly,’ without worrying at all about whether the information on participants is true,” Tucker said.
Customer data concerns
Another concern is that firms that use blockchain-based marketing strategies may wind up keeping customer data, depending on the nature of their technology setup. But the usefulness of that data is short-lived, Tucker writes.
Whereas chartering a private jet usually involves some longer-term planning and organization, a person might want to buy a pair of shoes in the morning but could be uninterested in buying them a few hours later. The information about that person’s interest in shoes is no longer useful, but “a lot of things could happen at this point,” Tucker said.
If it’s a public blockchain, then the information that the person is in the “interested in buying shoes” segment is public for anybody to see — whether they’re a marketer or not, Tucker said. “If it’s a private blockchain, then it would be harder for marketers to access that information.”
And marketers could use that data for other purposes beyond selling shoes. For example, they might know from other sources that a high interest in buying a particular pair of shoes is correlated with other things, such as the likelihood of developing a certain disease, Tucker said. Marketers could take that shoe-related information from the blockchain and construct a segment of shoe-interested participants whose information could then be sold to health insurers or pharmaceutical firms.
“The key question is whether a person’s preference data regarding certain types of shoes from decades ago could be used to make predictions about other, more sensitive characteristics applicable to them today, such as their likely health status,” Tucker said. “People should be able to reinvent themselves if they want to.”
Data management challenges
The cost of storing data gets cheaper every year, but implementing good-quality protocols for purging it doesn’t get any easier, Tucker said. So it’s not that companies necessarily want old data. “It’s that in order to preserve customers’ privacy, they have to actively think about what to purge and when, which takes time and skill to figure out,” she said.
This protocol isn’t so much about buying off-the-shelf, third-party software as it is about internal systems of data management, Tucker explained. Consider a police department that contracts with a technology company to store and periodically delete data from police cameras.
“Police aren’t data scientists, and they’re eager to outsource that process to software,” Tucker said. “But that merely shifts responsibility; it doesn’t change the fact that the question of what camera data to purge when is complex enough that simply handing it off to software risks significant problems of both over- and under-deletion.”
Holding on to or failing to purge old customer data is also a problem for companies that operate under data privacy rules like the General Data Protection Regulation. The GDPR gives people living in the European Union the right to know how their data is collected, processed, and protected by a company, as well as the right to request that that information be erased if it is no longer needed. Tucker said that EU-based companies often rely on guidance issued by the French data protection authority, which discourages the storage of unencrypted data on a blockchain and suggests restricting access to data through defenses like fingerprinting.
Warnings and wisdom for blockchain marketing applications
Remember, marketers shouldn’t be using blockchain to market to customers. It should be used for improving trust in transactions and reducing fraud.
“The best applications for blockchain in marketing are where records of immutable, purely digital data are useful now, such as maintaining a record of purchases of digital ads, and where there are no deep real-world implications foreseeable from existing privacy laws, [or] firm or law enforcement review of those transactions a decade later,” Tucker writes.