Skip to main content

From the doctor to the DMV, blockchain can make governments swift and secure

estonia e residency card
Estonia is the first country to offer e-Residency, a government-issued digital ID available to anyone in the world e-Residency

Although most commonly associated with cryptocurrencies like Bitcoin, blockchain technology is also being used all over the world for many intriguing purposes. One of the most impactful could be the way in which governments themselves are using it to ensure that the data of citizens and political figures are protected, from both other nation states and themselves.

In some cases, that’s already been realized. From protecting the integrity of citizenship data on government databases, to proving that your next second-hand car won’t kill you, blockchain has the potential to enable trust in data like never before – even if you don’t trust the government behind it.

Estonia is leading the way, but not as much as some think

“People always come here and say, ‘oh, Estonia, it is the country of the blockchain. This is some sort of misunderstanding,” Federico Plantera, of the E-Estonia Showroom, told Digital Trends in an interview. Although Estonia has leveraged its “Keyless Signature Infrastructure” (KSI) system since 2012, there is some debate over whether it can be described as a blockchain.

blockchain beyond bitcoin

This article is part of our series “Blockchain beyond Bitcoin“. Bitcoin is the beginning, but it’s far from the end. To help you wrap your head around why, we’re taking a deep dive into the world of blockchain. In this series, we’ll go beyond cryptocurrency and hone in on blockchain applications that could reshape medical records, voting machines, video games, and more.

As Plantera described it to us, KSI is its own variant of blockchain. It grows on a linear scale related to time, rather than the number of transactions. Due to its predetermined number of nodes, it retains a fast and consistent confirmation time for data changes and additions. As advanced as it is, however, it isn’t as far reaching as some might think.

Estonia’s digital infrastructure started development at the turn of the 21st century. What began with electronic tax filing in 2000 slowly morphed into a system that handles the country’s population register, electronic ID cards, internet voting, and health records. All this is facilitated by X-Road, the core component of the Estonian government’s digital data.

The X-Road is a system of connected government databases. It facilitates the confirmation of data points, without moving the data itself around. As Plantera describes it, “It’s basically a government office that keeps all the data there and is available 24/7. If there is […] a company that provides public transport that has to check my place of residence, [for example] that check can be done, say at nighttime, because the system is fully automated, and the data is always available.”

The blockchain’s role in this digital ecosystem comes down to security and data integrity. In the diagram (“x-Road” attached on card) that describes the Estonian system, it is represented as “security servers.” A cryptographic hash function, or “digital footprint” of the data – crucially, not the data itself — is duplicated across many nodes, much like the blockchains used in cryptocurrencies.

X-Road introduction (short version)

However, most blockchains have no limit on the number of confirmation nodes. The KSI blockchain’s Estonian developer, Guardtime, maintains a limited number of nodes, or participants, as it describes them. Those participants are controlled both internally by the government, and by external entities. If any data is altered without notifying all the other nodes, it can be quickly discovered and rejected.

One unique participant is a ‘physical node’ — the Financial Times newspaper. Every issue contains a printed copy of the data’s hash. Even if some external or internal actor were able to compromise or gain control of every node connected to the KSI blockchain, they would never be able to effectively rewrite the blockchain’s history, because it could be checked against the physical, printed copy. Any nefarious actor would have to somehow change tens of thousands of printed newspapers to hide their tracks. Recovering from an attack using the printed hash wouldn’t be fast, but as a failsafe and warning against attempting to make major changes to the blockchain, it should be very effective.

Blockchain Estonia
Toolbox Estonia

“The blockchain basically protects all of the information exchanged at the government level,” Plantera said. “All the government institutions use the blockchain to protect the integrity of public information that is exchanged on the X-Road.”

Estonia implemented this system in response to cyber attacks in 2007 which stalled the computer systems of major banks and some media outlets, and even made the country’s ATM services unavailable for some time. Although Plantera told Digital Trends the country saw no long-term consequence from the attacks, it prompted the development of the KSI system, and Estonia’s eventual implementation of it in 2012.

“Since we started using the blockchain, we always know when there is a cyber attack and where it’s happening, because we can detect it straight away,” Plantera said.

Trusting three letter agencies – even the DMV

Though Plantera told Digital Trends that Estonia has no plans to expand its use of blockchain technology as part of the E-Estonia system, GuardTime is constantly iterating and expanding its services. It recently signed a partnership with Verizon to deliver similar protective technologies to large enterprises and government agencies, and the mobile carrier plans to announce its own set of KSI-backed security products later this year.

“Government institutions use the blockchain to protect the integrity of public information.”

GuardTime isn’t the only organization experimenting with the potential of blockchain solutions to governmental problems. Fluence, a startup developing blockchain database technology, sees great potential for improving trust between government departments. If more government entities can rely on the integrity of data from partner agencies, then sharing information should make many facets of government more efficient, while also improving security.

“[Governments] can install a permissioned blockchain to their departments and have some trust and storage between different government agents and departments,” Fluence CEO and co-founder, Evgeny Ponomarev, told Digital Trends. “The thing about a decentralized database, is it can be permissioned, it can be used by government [to engender trust].”

[infogram-responsive id="aff5580f-b40b-424d-86d6-1c1a177cbdac" title="How Blockchain Works"]

Governments around the world often lose sensitive data due to mishandled physical media. Strong, permissioned data sharing over the blockchain could make that a thing of the past.

HashCoins, most commonly known as the operator of cloud mining company HashFlare, was recently asked to conceptualize a system for the Belarus government to handle a protected, distributed database of car components and service histories.

“[Belarus wants] to have a vehicle registry [built on blockchain technology],” HashCoin’s Product Development and Public Relations Manager, Edgar Bers, told Digital Trends. “That register would contain more than just VIN numbers, but also the serial numbers of the engine parts, so you could always check whether something has been changed or not. All the cases where accidents [take place] are also logged – it’s like a car passport. It has all the information about the car’s history. Car inspections, fines, everything.”

While many countries have systems for maintaining detailed information on a car and its parts’ history, they aren’t always mandatory, and rely on paper as much as digital records. A blockchain-based system would guarantee the integrity of the data, highlighting where proper records hadn’t been kept, making it harder for fraudsters to cheat potential car buyers.

“Automotive production companies, retailers, car shops and mechanics [would use it].” Bers said. “All these places would have access to APIs, so if you are a licensed service who is allowed to make technical checks of car equipment, you would do that and then put all of that data you have received and put it all into the system as an authorized body, so next time something happens with the car and it appears in the blockchain that the car service says that engine is fine, but it turns out that the engine is not fine, it will be easy to see who to blame.”

Classic car scams, such as rolling back the mileage, would be nearly impossible to pull off if a distributed network had note of a car’s real mileage, updated each time the car entered any legitimate business for repairs or servicing. Such a system could easily operate across borders, making it much harder for the scam of importing cars and rolling back the mileage to trick local buyers, far harder to achieve.

Governments protecting against governments

The main purpose of blockchain in governance, at least in its current guise, is data integrity. That’s what it’s used for in most cryptocurrencies, too. It creates trust in the currency’s validity because no one entity can change it without everyone knowing.

“No one from the government could change what the blockchain says.”

In the case of government data, that makes it harder for other nations to hack it or rewrite the data’s history. Estonia says it’d be difficult for anyone to interfere with its digital voting infrastructure, or health records, without giving themselves away. Adding a blockchain layer to a government’s digital ecosystem even prevents the government from altering the historical record. It can’t change one database entry and cover up the logs – it’d have to change every single entry. Even that’s impossible because physical nodes, like the Financial Times, exist.

In Estonia’s case, “It works bi-directionally,” Plantera explained. “It works for the citizens. It prevents against cyber threats from the outside, and works for the government in a sense that no one from the government side could change what the blockchain says, and what has already been encrypted and protected by the blockchain, in terms of data integrity and privacy.”

How the US government is using blockchain to fight fraud | Kathryn Haun | TEDxSanFrancisco

At a time when collective research suggests that the public’s trust in government is at an all-time low, blockchain technology offers a potential avenue for improving trust in at least the data we are presented with. If the data that underlies policies and discourse can be guaranteed, that could form a better basis for discussion, and make it easier to avoid some of the confusing, often erroneous reporting that has become so common worldwide.

Jon Martindale
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more