Page 196 - ITU KALEIDOSCOPE, ATLANTA 2019

P. 196

2019 ITU Kaleidoscope Academic Conference

blockchains, the targets were the smart contract application data contained or referenced in the blockchain record is
(criminal smart contracts), program design flaws, program protected by some form of intellectual property a smart
implementation flaws, smart contract virtual machine (e.g. contract associated with the blockchain could provide an
Ethereum Virtual machine) design flaws. These same automated market for efficiently licensing such content.
components would be risks for healthcare blockchains, Where the blockchain acts as a substitute for the law, there
though the incentives for exploitation would be different is no backstop of traditional legal enforcement. This may be
than for fungible commodities or currencies. attractive in regions where there is no rule of law, or legal
enforcement is weak. As an example of a substitute, the UN
[31] analyzed six types of blockchains to identify the conducted a successful trial using blockchain to track food
mechanisms that they used to implement traditional aid to refugees [40]. The challenge for such systems is the
information security principles of confidentiality, human actors interfacing with the blockchain system, and
information availability, integrity, non-repudiation, their incentives (or the lack of them) for participation.
provenance, pseudonymity and selective disclosure, with
confidentiality and selective disclosure being the least 4.1 Legal entities in healthcare blockchain
supported principles. Data security and privacy, however, architectures
have been identified as key objectives for healthcare
blockchains, and the lack of support for these features would The law covers relations among people and the things they
reduce trust in these systems. Confidentiality features can be own. At least since the industrial revolution, the law will
built on top of the blockchain using smart contracts. [37] consider human beings (or other legal persons) responsible
proposed a system for sharing medical records using for their machines’ acts. While blockchains may be more
permissioned blockchains for access control and smart secure than other approaches, courts can apply existing legal
contracts for monitoring and logging access violations but mechanisms to decide which parties bear the losses and
did not encrypt the underlying records for confidentiality. responsibility for damages. Legal risks do not vanish if
[38] proposed a mechanism for secure storage of medical healthcare services are provided or supported through
records for use with blockchains. Most blockchains require blockchains and smart contracts, etc. Whether DAOs could
some entity in the role of a “miner” to maintain the operation eventually rise to the status of a legally recognized person
of the blockchain through consensus decisions for remains to be seen.
blockchain consistency, blockchain checkpointing, etc. but
simple blockchains do not assure confidentiality of The actors that control the governance of the blockchain are
blockchains during mining operations. While basic not necessarily those using the blockchain. Disruptive
blockchain functionality excels at assuring integrity, evolution could strand users on an unsupported fork of the
additional capabilities (different to cryptocurrencies) will blockchain. The Ethereum and Hyperledger blockchain
likely be required to monitor and assure actors’ requirements systems used in a number of healthcare blockchain
for confidentiality and selective access. Confidentiality and applications are both open source projects that have some
privacy considerations in healthcare use cases may require form of governance through the open source community;
additional emerging crypto-technologies to enable patients’ open source, however, is a gift economy which may be
control of their data. challenged to timely respond to some users’ needs for
evolution and support of the blockchain. Private blockchains
4. LEGAL ISSUES whether organized for profit, or as non-profit consortiums
can provide an entity to control the evolution of the private
Legal issues can be seen as risks impeding design and blockchain, but at the cost of centralizing the function on that
deployment of healthcare blockchains. Legal systems have entity (e.g. what happens if that entity fails?). Decred and
4
geographic boundaries, but the distributed nature of Tezos , in contrast, build in governance mechanisms for
5
blockchains can cross those boundaries. Participants in evolution of their blockchains.
blockchains that cross the boundaries of different legal
systems may be subject to foreign jurisdiction. Both the legal A healthcare blockchain application could rise to the level of
system and blockchains can promote trust or undermine it. a smart contract; with autonomous (workflow) actions
[39] notes that blockchain can act as supplement, triggered by transactions as programmed in the terms of the
complement or substitute for the law. Where the existing smart contract running on the blockchain. A regular contract
trust architecture is generally functional, the blockchain would identify the parties involved and their roles or actions
application can act as an additional (supplementary) layer required as part of the contract and similarly a smart contract
subject to established legal rules, e.g. by enhancing existing defines the actors and roles associated with the contract. [41].
messaging or transaction systems with authenticated While the roles and responsibilities of actors in a smart
messages or transactions. Where the existing trust based on contract can be changed at design time, they cannot be
the legal system is insufficient or breaking down, then the changed during operation. The entities designing the smart
distributed ledgers of the blockchain could complement and contract may not be the same as those creating instances of
extend the existing trust architecture. As an example, if the

4 https://decred.org . 5 https://tezos.com .

– 176 –

191 192 193 194 195 196 197 198 199 200 201