Search
Follow me:
Search
Follow me:

Blockchain & Bioethics

Play episode

@DarshanKulkarni welcomes back guest @JimNasr to discuss Blockchain & Bioethics on this episode of @Darshantalks.

Darshan

Hey everyone, welcome to the DarshanTalks podcast. I'm your host Darshan Kulkarni. It's my mission to help you trust the products you depend on. As you may know, I'm an attorney. I'm a pharmacist, and I advise companies with FDA regulated products. So if you think about drugs, wonder about devices or obsessive a pharmacy, this is the live stream is the podcast for you. I do have I do have to state this is not legal advice, not clinical advice. I am an attorney. I'm not your attorney. I'm a pharmacist and your pharmacist. The advice we're going to talk with the advisor we're going to talk with is an expert in blockchain and distributed ledger technologies. But he is not your expert. So don't consider that advice as much as educational information. So all this is just educational, is for entertainment purposes. I do these podcasts because it's exactly that there are a lot of fun. I find myself learning something new each time. But it would be nice to know if someone's listening. So if you like what you hear, please like, leave a comment, please subscribe. If you actually like the conversation, please share and feel free to reach out. Please actually ask questions while we're having these conversations. So we love sort of interacting with the questions and sort of sharing them. If you want to find me, you can actually find me on Twitter DarshanTalks, or just go to our website DarshanTalks, calm. today's podcast, this podcast was actually a request, because we've had, we've had our guests today more than a few times. And with the last time we were finishing up, people were saying that we really want to hear back from him. So we had to bring him back quickly. And we're excited to have him on. And just for just to introduce him, and he doesn't need any introductions anymore. Because he is. He's a legend. Actually, I believe I believe that's the term we've used him before. He's a legend. He is the he's the CEO of a core. But he is actually an I'm an economist. In all seriousness, he actually is incredibly well known. And he is a person who is, in many ways setting up the standards associated with executing dlts in the life sciences. So our guest today the CEO of a core gymnasts are Hey, Jim, how are you?

Jim

Hey, gotcha, thank you for that introduction is always setting me up for failure. So

Darshan

it's good to have you on and the reason we the last time we had this conversation and people were trying to sort of asking these questions, is we were talking about NF T's. So when we spoke about NF T's there were a lot of questions. So let's start from the basics again, just to remind everyone, what is an NF? t? And how is that different from blockchain? And why should I care in the life sciences?

Jim

Sure. So NFT is really a kind of a token, right? It's a non fungible token, which means that, you know, you can't exchange it for another like token it's unique, it's globally unique. You know, a token really is a unit of essentially measure, but really unit huge of a value. For blockchain, for public blockchain, private blockchains certainly need this idea of tokenization, not nine disguise. Also tokenization is at the heart of security, for what's called a, you know, permissionless or a public network, the more tokens you have the more widely in and kind of evenly distributed that the more likely that the you're essentially hack proof, right? Because it's very difficult to hack, you know, like, like, 10s of 1000s of people who have, you know, kind of lateral stake or token, you know, in the network. But that's, that's really kind of tokenization.

Darshan

Let me ask you a question. You talk about non fungible being sort of unique, if you will, is that the equivalent of say, a MAC address? Because it is unique to individual devices? That a token?

Jim

Yeah, yeah, you could look at it that way. Yeah. Yeah. You know, essentially, a MAC address, if you like, and, you know, basically represents a specific device, right there, like your laptop, your, you know, your 13 inch MacBook Pro, or whatever it happens to be, and there's only one hop in in the world. Right? If, you know, again, I don't, I don't want to know, I have to go back to my back in the day, if you're reading about magnetars, I don't want to say that's necessarily completely unique, and there's no way of, you know, having a duplicate MAC address that that does happen. But then you get a notification. However, certainly with non fungible tokens, that is exactly the idea that, you know, it represents essentially, you know, it's a token is basically a long hash as long number, but there's no other number like that. And then it could represent anything. It could represent, you know, some some physical asset, it could represent, you know, essentially, financial assets. It could represent a digital asset represent a combination at that. You know, there'd be a reason going back to your kind of question, you know, is it is it different to blockchain? Of course not, right. It's a component of blockchain right? You know, but it's very hot right now for lack of a better term, because I think people are realizing that you can take non fungible tokens. And you could take all kinds of assets, including newly kind of, you know, imagine assets like, like, you know, for instance lebrons, official dying, get into the 2019, World Series writer, NBA championships, you know, and then basically have an authentic unquote, official version of that, that then is associated NFT, and then put that in a marketplace, and then somebody, you know, like, you could be a big LeBron fan or big basketball fan, you say, you know, what, I am willing to pay whatever the market rate is $10,000 for this, and then I am the official owner of it. And then assuming that in like, five years time, kind of like with baseball, trading cards, the value of that that dunk goes up, since you're the official owner, then you could have an arbitrage opportunity to sell it same five years and make like 10 times more more than money. And in fact, as you probably have heard that that's already happened, there's been stories about like kids, you know, bought NF T's, and literally, not overnight, but over a few weeks, the value of the underlying assets has increased by, you know, five times or 10 times that made a lot of money. That's the basic idea.

Darshan

But now that raises a few different questions, right? So let me let me go back to the Mac analogy. And give me the Mac analogy is you want to keep your mac address safe, because that prevents hackers from from accessing, and so you want that to be as private as possible. So how I've always understood it. What I hear you saying, though, is that the that uniqueness is what what works with NF T, however, it's going to be public by definition. So if it is public, isn't that a security risk? Like why is it different? And there's no

Jim

because you know, think of the nfda? Again, it's a big long number, right? Yeah, video reference to something else. Just because you have the big long memory doesn't mean that you know, what it references? You know, I'm saying, if I guess that's a fundamental component of like, how we built, you know, kind of art technologies, for instance, rice, as we've talked about before, you know, it's a technology where we essentially create a manage NF T's and associate them to digital objects, such as consent, like a patient consent, or is this a patient, like result of a patient, kind of remote, or rapid diagnostics, tests, you know, they the capture, you know, from from the test kit, that the long non fungible token number doesn't doesn't tell you what the actual information is, right? That's it, that's a reference to something that's stored somewhere else is an encrypted reference. However, what was very important, and this, this is the part that I think is really interesting, is that through that long, unique number, you can see that the trade off transactions, like for instance, you can see that you know, and on, you know, August 31 2021, you know, somebody with this long token number had a transaction and let's say the transaction was, you know, to record something onto a ledger, we don't know what that is. For the same token, like an hour later, there was another transaction and maybe that transaction with somebody like you, let's say you're your doctor, I don't know where you are, but or pharmacist actually, even more likely, you read that information. Right? So I created it, but now you read it, and let's say, you know, another couple hours later, you know, a third person, let's say something administrator approves it. So yeah, the trail of the transactions is recorded to that one NF T. But by just looking at the ledger, you can't tell really, who did what know, the ledger, the, you know, an access to the private information or the private key to decrypted. Now you could tell the full flow, right, but that's really where the privacy preservation comes in. So then I think there's a misperception that just because something is on a public ledger, you know, is not privacy preserving that is wrong, right? Because, you know, as I say, There's 1001 way to skin a cat. It's not that trivial that just because something is public, everything is public right now we're able to differentiate between something that's this a public auditable event or traceable thing that is useful, necessary and and really adds value. It adds traceability, it adds accountability versus you know, diet, you know, kind of like essentially divulging private information, patient information, financial information or other kinds of information that should not be, you know, divulge that way.

Darshan

So, so you talk about this idea of just because it's public doesn't mean it's not private, helped me a little bit more about how it can be kept private, is it the fact that it's a bunch of hash hashes or a bunch of numbers And that's the fact that you can connected one to one is what makes it private? If so, first of all, is that is that accurate?

Jim

Not quite right. So, you know, I think the hashing really is is referencing what this token ID looks like. You could also use encryption technology, or also hashing technology to encrypt the actual data or encrypt the metadata about the actual data. All that is completely possible. And what do you do, right, and, again, I'm going to give you a real example, when we're working around this consent idea, right? We have a client consent custody, we're working with them, their custodian, a fiduciary around consent. So you know, the NFT, the actual token ID is public, right? The transaction ID, which is which is a transaction that goes on our ledger, desk public, our signature, like a core signature, report, their signature, or encrypted, cryptic, cryptographic signature, that's public. And some metadata, for instance, mayday, that says, I get this transaction with a consent transaction, that's public, however, nothing else is public, everything else essentially is encrypted, and stored in the off the chain. And if you want to, if you're, if you're off the chain, if you're on the private database, obviously, after you have credentials you log in, and their security and normal things like this. But if an auditor Cotton's, if there is there is a need for discovery, and somebody says, Hey, Jim, you know, here's this, this NFT. And it basically references five transactions, all of which are encrypted, because we can't really tell what the transaction means, prove to us what they are, with the right, you know, with the regulator in place with with the right permission, business permission, we're able to traverse from the ledger to the private databases, and show Well, here's the actual transactions, right? Oh, as an example, if you're using GDPR, if a patient says, Hey, I want to exercise my right to be forgotten, or it can be deleted, right? You know, and then show me prove to me that this happened, we can show that, you know, here's a, here's our transaction, our database says, you know, dosha, has record has been removed or redacted, or whatever it is, you know, here's a corresponding, you know, timestamp, I'd like, like, an immutable time spent timestamp on a public ledger that shows a corresponding transaction. So they basically match. That's the idea.

Darshan

So So here's my basic question. I've never understood who, who gives these rights. So the person who sets up the the blockchain, that specific blockchain is the one who controls administrative rights. Is that correct?

Jim

No, no, no, this is so you know, again, there's multiple things, the blockchain piece really if using a public blockchain, there's some it's basically code, right? The code allows you to turn things. So really, it's in terms of like, what you're asking if I understand it correctly, the permissions. Who can do what what goes where that's really part of the application architecture. That's why like somebody like me, or my team would build you the right word for like, for instance, for a clinical trial, patient recruitment application. That's all like private application development, shorting the thing that really connects the public ledger to, you know, to what's happening privately, is when you create an example, when we create a patient, right, to be able to then take that transaction and have a reference, not everything, obviously, just some reference to that on a public ledger, which says, Hey, you know, this application created something, here's a transaction, ID, you just don't know much more about it. Right. You know, it allows a transparency and traceability, but it doesn't divulge your privacy.

Darshan

No, I get that part. But I'm afraid that question properly is what was what the problem is. Let me let me try that, again, let's take exactly the situation you're talking about, which is let's say we're going to, we're going to track a patient's consent, right? That that's something that your technology, for example, does, in this specific instance, we, we've got the patient so when the patient comes in, someone's got to assign that individual, a patient role of a different person comes in and they are the physician, they get different rights, and someone's gonna assign the physician role. Yeah. And, and then there's the FDA role. How, who makes that decision as to who is what role?

Jim

Yeah, you know, I mean, that that's your traditional kind of like, business administrator or your admin or whatever. And then those are really based on your business rules. Like for instance, when we were working with, with consumers, you know, and an idea, you know, right, we have a profile or roles for consumers who have slightly more permission and then less, you know, but it's mainly a read role. It's mainly like reading something, you know, sometimes there's a, you know, as we move on, there'll be right capability as well because they can initiate the consent directly. Typically, the right may come to an organization Because the consent was really done for a legacy process like a PDF or form, and now they're essentially writing that as a bundle as individual consent onto our database. So so all that really is done by the by the administrators if you like,

Darshan

which makes sense. And the reason I'm asking that question is, to me, that seems like there's an opportunity for fudging there. And the reason is, if I, for example, if I'm the administrator, and I mistakenly mistakenly assign someone, the FDA role, suddenly, I can access everything worse.

Jim

Yeah, I mean, that's completely true. You have to have other checks and balances for managing have nothing to do with blockchain. Right, you know, largely procedural, you know, this kind of goes back to things like your training and, you know, this, you know, around pretty much of HIPAA is is really about process and documentation, you know, much things like high trust and Sox, it is really about, like training and roles and policies. So it's, you know, I think it's, it's naive to think just because like, you know, I'm technologists, and we're talking about this at all, by technology, there's so much more to it, right? There's more nuances. I think, with good technology, you can impute some, like trust, some governance and some compliance, but it doesn't do everything and it can't like it can't think for you and kind of come up with, with the right. workflow and processes, right, because those things, I mean, maybe at some point, it could, but certainly not right now, I think right now is largely about you need to understand as solution developers, and organization what needs to happen, and then, you know, call upon the right technologies where they make sense.

Darshan

Which, which, which totally makes sense. But the question that comes out of that, for me, as we start thinking about it, is there a role? And is this something that is done where you put in those checks and balances? So let's say I assume I give Jim, the FDA roll by mistake? Is there a approved the last double check system? Is that something that happens right now, or that's realistically just not done?

Jim

Well, look, is it something that happens? I mean, from my experience in healthcare, it Yeah, happens. reactively? You know, it does happen? Because, you know, again, it's a highly regulated industry in and regulators do check in and you have to be certified for labs and things like this, and, but by Is it done practically? Is it is it done using blockchain or other like, like code based approaches where you could systematically, you know, kind of make sure that things are done as well as possible? Yeah, the answer is no. I mean, I get a really good example. Right? It's in the news right now. Right? So you probably know that Elizabeth Holmes, you know, see, right now is that the trial starts today. Right? And

Darshan

could you remind everyone what their nose is about before we jump into it?

Jim

I'm sure most everyone knows, but basically, is this, you know, kind of, quote, revolutionary Silicon Valley company that is able to take, you know, just a couple drop of your blood and basically, you know, through through a proprietary system called Edison, you know, kind of, essentially kind of diagnose anything that that you may have, like up to 200 tests, those are the claims. The reality was, it was a giant fraud, right, you know, for many, many years that they raised well over a billion dollars a company was worth over 10 billion, right? You know, they were, again, I don't john kerry row from wealthy gentleman wrote a book called Bad Blood, which is a very, very good book last, because I've talked about this, so I don't need to rehash that. But I do want to say, you know, is this like, um, and we know this because, again, I've read the book and and there's a lot of information about this, the regulators, but this was a highly secretive organization, which ironically, you know, Holmes was going around saying that one of the most transparent healthcare companies were says a lot about transparency about health care if you believe that, right. And again, you and I have talked about transparency and health care, which is generally an oxymoron. So you know, all to say, the regulators need to see what's going on. And almost nobody knew that there was a lot of like, like smoke and mirrors and a lot of shenanigans, a lot of lies, and frankly, a lot of bullying, a lot of no disrespect to you a lot of lawyer a, like David Boies, on this team. And, you know, I have a lot of information, there was a lot of bad things happening. My point, though, is is that, you know, if you had first Imagine if you use blockchain for for traceability of a data input and results that you received from theranos, right, if there was a public ledger kind of recording or references of the data, caption and results, given this idea of people getting results that that were somebody else's, or getting completely erroneous data without any way of chasing back whether or not that really was their plan. drug that would have been significantly lowered In my opinion, just because there's a public traceability angle. Also, we've talked a lot about NF T's, right? You can imagine, as example, this this whole again, it's completely ludicrous that somehow caught the government and or theranos, lost lost, basically years of clinical data results in a database right there in the US and hold somehow losted you know, in this day and age where everything's backed up, 1000 times over, right, you know, and we all know that. And then also, the government basically has a database is useless, because encryption key, you know, essentially has been provided, nobody has it. So so like, you could use a non fungible token, you know, with multiple admin keys, but you say, like, three out of five admin keys must be used to decrypt this. And then you don't have this singular key kind of concept. And that NFT, that non non fungible token could represent literally the entire database. So all to say that the ways in which we could apply some of these these things we're talking about, even to this kind of scenario, where, you know, obviously, it's an extreme example, it's kind of a heinous example. But this is more than just just frauds more than just that the loitering and all the craziness that they went through. It's really about the impact to patients, right, it's impacted human lives and erroneous information and stress and all kinds of other things not to kind of belabor it is all kinds of other things that that really could and should be prevented, right, you know, in every way. And if we can essentially shine some layer of traceability not traceability relying on one organization, traceability relying on a public ledger, where where journalists and third parties like you and I, or whoever regulators can actually go and look at the flow of transactions, you know, that we have, I think helped, right, it's not that would have not had been a silver bullet, don't get me wrong, this is way more nuanced, and then to trivialize it by saying blockchain would have would have been the difference, but certainly could have made a difference. And I give you another little thing here. And again, this is public knowledge, right? theranos spend more money on the lawyers when they were operating under engineers. So that kind of makes me think, where most of the priority, right was a priority, kind of maintaining the narrative and beating down anyone who essentially question the narrative versus building a truly, like, powerful engineering team could actually build this stuff. Anyway, long story short, I think there's a lot of ways is a lessons learned for all of us, hopefully, because nobody wants to repeat this kind of thing, right? It's just, you know, it's bad for everyone who is in this industry, whether we're technologies or healthcare or some kind of a cross section. But but I think this this idea of, of using the technologies we have available to us, that provides some kind of public traceability, some kind of public accountability, some kind of layer of trust, really important.

Darshan

So So it's interesting, you talk about that, because the part that really jumps out to me is this idea that if we had that level of public traceability, we could have prevented it. So in your experience, could be another thing. Maybe that's unfair, could have helped is a better

Jim

end of the day to regulators. Sure, yes. Because Because it's not going to be available for anyone anytime to read it. And it may not even make sense by the regulators to educate enough and if they are alerted what could be done, they could have made a difference, right? Because Because then we they were talking about regulators, all these auditability and unlike like, kind of logging and traceability all these things are really kind of tools at some point that regulators have to tap into in our industry. If you look at Bitcoin, you and I can go and look at every single transaction that's happening on the Bitcoin network, a wall time, right you and I can do it right? blockchain for that. We just, it's very, very simple for us to do it. And we can look at the full transaction by in this case of healthcare, but we can we've talked about but that is privacy preserving preservation idea, you and I cannot diagnose or not we cannot see the full picture we need the regulator's to step in so this is not a tool necessarily for for just any anyone in public to be able to like tell the full story, but we can certainly improve it.

Darshan

So but but I guess the point I was actually going after was do you see I guess I'm trying to understand what you're seeing the industry I'm what I'm seeing the industry is people first developed their products, then they say how can we optimize that and then add the blockchain or, or this other type of transparency protocols. So what I hear you almost advocating for is the flip side of that, which is build privacy build traceability into the system, the beginning,

Jim

absolutely privacy by design, like blockchain, and much of security relates infrastructure, right? You've heard me talk about this up before this, this idea that like You know, imagine that you're in your kitchen, right? And you know, and you're looking at options for you for your sake, and maybe going to your shower and looking at different showerheads and whatever, underneath the tiles, like the pipes that are going around your house, that's really that's infrastructure, right? You're going to build, like, you're gonna have this thing built on top of your piping for your kitchen. Right? That's really blockchain infrastructure. So So if you think about this, you know, kind of privacy by design. A trust layer by design is already baked in, this should not be an afterthought, right? You know, we're at that stage where you can, and you can do it, especially now I can do it in a way where it's actually economical, we can do it where it's not intrusive, it doesn't, you know, change, or it has very low impact on user experience. You know, and so that's exactly what I'm advocating, you know, if this is an afterthought, or some kind of a gimmick, you know, you missed the point.

Darshan

But But, so first of all, Jim, I know, you've had some experience with fuse, but I just thought it might be relevant to our listeners to see that the FDA is looking at exactly that type of approach, which is building in and creating a way to work with, with technology groups, to actually build privacy and build technology into the systems themselves. And this meeting is going to be on September 13, to the 15th 2021. So for those of you who are interested, feel free to jump in. But I guess the question I'm asking, Jim, is that I'm not thinking about myself, let's say I have a new new idea for a new product. It's gonna be the next great medical device, Allah, Thera knows, what I hear you saying is, you need to build privacy by design, you need to build a sort of traceability by design. But if I'm trying to raise the money to do it, I'm gonna have a much harder time convincing people to give me the money to to build privacy. What I haven't even proven that my technology itself works. So what is the magic? moly, don't think? Well, I

Jim

mean, I, you know, if you will, I think that's that's, that is a hypothesis that that we're gonna write, you know, that's, I don't know, if that's necessarily the case, I think especially now, I think we can, you know, you know, and again, I hear what you're saying, because you're saying, hey, like, that really wasn't the case before. So you know, all these people raise billions of dollars from VCs, they didn't talk about privacy by design, they didn't go out there and talk about a trust layer things like this. However, the narrative is changing, right? And I think there's plenty of evidence around this. There's this whole idea of data dignity, I think we've spoken about that this this idea that we're people don't want to be Facebook or Google Amazon's product, right? You know, because that's exactly what we're at. And the fact that four companies basically essentially ruled the internet was supposed to be always a decentralized platform. I think all those things are part of it. But But really, I think this is how you go about, you know, shaping your pitch is is you are a conscious income practive you know, startup and you're thinking about this, because you know, it's relevant.

Darshan

So I'm going to ask question, because I think is going to tie into another concept. We've been talking about privacy, we've been talking about identification using technologies like blockchain. How does this work? And then you just mentioned the the four companies that sort of control the internet. One of the things that's come up over and over and over again, recently has been this idea of a metaverse and Facebook is saying that we want to control it, Google's talked about it as well. I don't fully understand the concept. Have you seen this thing before? Or do you know what I'm referring to?

Jim

I've seen it I don't, I haven't looked into it in enough detail to really have a firm opinion.

Darshan

That's fair enough. Nine, honesty is great. What I was trying to figure out is, I don't fully understand what the concept is. But I imagine what it is is basically something similar to you'll have it you'll basically be in different formats. And at the same time, what I've been trying to figure out is, if that is the that is metaverse, if you will for lack of a better term. Will you be able to track your identity across all them? Or do you need multiple identities? And does that have an impact on the blockchain?

Jim

Yeah, you know, I mean, it's a it kind of raises a lot of this is why and again, I kind of know about this, but but it raises a lot of questions in my mind that I don't have great answers for, for instance, there's all kinds of ethical questions that come to mind, right? Which is to say, you know, if you have one identity across the physical world and metaverse and in the virtual space and all this, does that, you know, how does that protect your your rights does that protect your privacy? Does it In fact, it doesn't even make sense. You know, if you all these things are things that I'm not sure I certainly haven't thought about in huge detail. But then beyond that, then there's this idea of, okay, like, and we talked last time, I think, but identity, if we had, and we don't, right now we're nowhere near if we had this idea of a decentralized identifier, identifier, so called, we're using a blockchain technology, there's only one unique identifier for me as an individual, right, and then it's got all of my various attributes and things that I do or whatever, as I choose to reveal it as I choose to, to manifest it, you know, it's available, download work, because then you, essentially you on your phone away, ever have a way of controlling, or at least knowing that your identities in one is singular and unique, but also is being referenced in these places. But right now, we don't have that right now, you know, I am one persona and personality and ID on Google, I'm a whole different one on Facebook, you know, and so on, and so forth. They're not the same nevermind your healthcare, where all of us have seven or eight to 15, different, you know, profiles and, and kind of data associated to us. So I think to me, honestly, the thing that comes to me the most is this idea of the ethical lines around this. And I think this is one that that really requires some thinking.

Darshan

So it's interesting, you talk about the ethical lines, I think that's really the big question, right? It's, it's, that to me, the biggest ethical question is, should Facebook or LinkedIn or Microsoft, or whoever you want to use have the ability to know who I am across these different platforms? On the other hand, who should should the government know that? For example, as we know, China does monitor people across the internet? Yeah,

Jim

that's interesting. I think the answer is, I mean, my my thought is no, they shouldn't. They're independent organizations who are profit oriented, have their own agendas, even after the ship, if you singularly This is the idea of a decentralized enterprise. If you had your verify credentials, and you had it, you had an ID that you control as an individual. And then this is where the whole I get the consent of the blockchain comes in, you provided consent percent organizations, to maybe use your information or your ID in different contexts or go across different applications, because it makes sense to you, then, yeah, sure. Because you as an individual are empowering all that to happen, as opposed to somebody else making decisions on you. Or frankly, all of it happening without any of your knowledge, which is exactly what's happening now. Right, you know, and it's the number of companies right now that are working to billions of dollars none of us know about this is not the Googles of the world. Yeah, nope, Ivan but they have massive profiles, but every one of us and then make huge amounts of money because of it like pounder. There's a few I, I don't I don't want to name.

Darshan

Don't name them. I don't have to worry about it. But yeah, but

Jim

But yeah, that's the real I mean, we know it's there, you know, yeah, we have come across it. And I think that is wrong, right? You know, yeah, yeah. One that disproportional power, you know, over individuals and individuals really have very little say or knowledge to man is can get extremely unethical. I mean, extremely unethical. And, and even if it's just not verted, right, you know, hacking happens and things like this, even if it's purely accidental. It's a huge explosion.

Darshan

So that really raises that that next question to me, which is this concept actually discussed yesterday with another guest I have. So if people are listening in, I had Shula on yesterday, and Shula and I were talking about blockchain as well. And one of the things we're talking about is under GDPR, and under ccpa, etc, you have a quote unquote, right to be forgotten. And, and which is great. Sounds like a great idea. But it is a it is a up in right in that you have to ask to be forgotten, as opposed to an opt out, right, which is you're automatically forgotten after a certain amount of time. GDPR, I believe has some opportunities for that. Do you think that as we move towards a more privacy by design, structure, using technologies like blockchain, we will land up with a opt out designed for privacy where people will be forgotten after 30 days and you have to re establish and renew identity, if you will. And that is it's helpful that

Jim

I mean, I think, you know, again, unfortunately, it's goes back to regulators, right? Because somebody come up with your scene or someone is going to have to come up with policies and laws and then enforce it right. And my big worry and again, I just I'd work with the government and in various chapters before My big worry is is other regulators aware enough? You know, and there's, there's a number of issues that there's there's inertia that there's there's lack of real knowledge, there's, you know, all kinds of things. But are they really aware enough to kind of do this? Because the alternative is all that easier. Right? You know, that's the first thing. The other thing, though, I think, is all to do with, you know, where do incentives line up, right? Because if you're looking at somebody like Google, right, there are all these big organizations, the incentive, right, this is not to nudge you to be more compliant, right? Or more aware, or more individual rights oriented, the incentive is for you to do what is best for that. So you know, and again, we have the same issue in healthcare, right. But one of the biggest issues, if not the biggest one is misaligned incentives across the different stakeholders, right? No big stakeholder, you know, in healthcare is is aligned to collaborate with another big stakeholder. We know that right? So I think these are the kind of the rubber hits the ground, you know, problems? Because, you know, I you I mean, is Google really ever gonna nudge us to kind of not opt in? I don't I don't think so. Right? Yeah. But he's comes and says, you know, hey, Thou shalt not do this, they won't generally do it.

Darshan

It's interesting, you talk about that, I think that regulators are going to have a much bigger role to play if they choose to take it. The question is, do they have the knowledge base to do that, and we can have a whole discussion about that next time, because we are my friend. I know, you know that I am 15 to 20 minutes conversations, were 37 minutes so far. So as always, just a super fun Converse conversation. So thank you for coming on. You know, I'm gonna ask you four questions. So So the first question, what's something you want to ask the audience based on what we discussed,

Jim

I really wanted to see if anybody else in the audience is as you know, kind of fired up further, maybe it's the wrong term, but but just just worried about what's going on with, you know, with the turnoff isn't the news, but worried in the context of, you know, is it just going to be another big loitering exercise because a lot of money is involved, and it will just be shoved under the carpet, because that's what I'm worried about, right? At the end of the day, this trial would go to mid December and a year and a half later, right? You know, what we hear is, is hey, you know, Elizabeth Holmes got off with that, you know, little kind of tap on the bag, let up, you know, hey, you shouldn't have done this. But you know, life is okay type of thing. Because I think what that's gonna do is, is send a message out there that you can literally do whatever you want to do. I can there's no repercussion, I bet at the highest scale. So that's, that's what's on my mind.

Darshan

That's a really interesting question. So I'm gonna, as you know, I try to answer the question, give you one opinion, and going from there. I think that I have theranos fatigue at this point, in that, for the last five years, we've seen this probably would have would have cared a lot more probably about five years ago. I there's a aspect of me as a lawyer that wants justice done. The question is what is justice? And I think on one hand, I think she definitely needs to be held responsible for fraud to the extent that that was perpetrated. But But I'm less, I'm less worried that you won't be held responsible for that because there are some very, very strong hours, the powers that be that are going to hold responsible everything from the DOJ to a multibillion dollar venture capitalists and the like, we're going to say You took my money and you committed fraud so I'm less worried about that. The question is what what is the bigger worry? Is there the argument that she should be criminally charged in which case I don't know the charges, but I expect that criminal charges are in there anyways. So to me, the loitering exercise as you put it, is probably a good thing. I I want my lawyer to fight for me. And, and yeah, I don't I don't really have a problem with that. But I see you say, from your perspective, I think you think that she's going to try to weasel out and I don't think she can there's not much

Jim

I mean that this is this is why this is where I'm you know, that's why I'm asking the question because I think Yeah, raise this Bengali defense, right? That you know, she was Yeah, for for 15 years without a name plus some, you know, some old older gentleman that she was having an affair with and nothing that she said or did or all, none of those, you know, 20 or 50 you know, fortune and Forbes covers were on doing that. I mean, that just means such an age. I think You know, if people are able to get away with that what that says is like this this culture, you know, will propagate itself again, we saw an area right, you know, and that the the rapid, you know, the COVID rapid test results, you know, and the company making up 10s of 1000s of results. Thankfully the regulator's, you know, caught that, but I think this this idea that you can basically, you know, especially healthcare kind of more or less charlatan your way through these things, I mean, it's really alarming.

Darshan

I can I can respect that I can see the concern that you have, but I think I'm gonna hold my judgment until I see. I think that people are throwing things at the wall. But I don't know how likely it is that will stick. I think the next question is, you know, that I'm going to ask is, what is something you've learned in the last month that you think the audience might be might find interesting?

Jim

Yeah, you know, we talked a lot about NF T's. You know, last couple conversations, I think what I've learned, you know, is actually that, and I mentioned it briefly in our conversation, that it's actually quite possible to have a pretty sophisticated way where you can essentially democratize how an NFT could be, you know, essentially decrypted, or either hide the data from it, but not the actual token, obviously, if you do it, and you do it correctly, it could be done in a way where, you know, even like, going back to their nothing, you could have the FDA as an example, as a regulator you could have, you could have to, you know, the defendants and the prosecutors, you could have the companies, you could have a collection of be be able to essentially be represented, and then, like something majority of them will have to be involved, you know, and of course, that's the only that requires some kind of a process to be able to then, you know, like, let's say, decrypted data as an example, in this case. So I think that's, that's interesting. I guess that's it, there's quite a bit sophistication around this. And that's one of the things that we've just discovered. And I think that's good, because it just gives you more options.

Darshan

So one of the things I wanted to ask you about though, and we didn't get a chance to get into this, and this is to me a conversation that's gonna come up in the next next talk that we do is I'd be curious on your take on this. That the hacking of cryptocurrency because I've always sort of thought that the entire point of Bitcoin the entire point of blockchain was it's relatively unhackable.

Jim

Right, you know, so block Well, the Bitcoin network is has never been hacked. But this idea of cryptocurrency ice, this is so easy. I mean, it's, it's, I mean, actually, I would, I would venture to say, way more than 600 million has been lost, just because people forgot their private key, or they forgot where they store, you know, their 12 word, you know, kind of recovery phrase, right? You know, or the hard drive where the word where the Bitcoin was stored was lost. I think that's, you know, so I think blockchain and in the Bitcoin network, they're really separate from this cryptocurrency heist, because that really has been happening at the wider exchange level, not at the network level. If that makes sense. You're still there?

Darshan

Sorry. I hear you. But when you look at this, it says the amount of money you have, is one of the biggest in defy history. Yeah, for me, it's not a loss of password kind of situation. This is

Jim

no, right. This is where the exchange has been hacked. Right? Right. There's been I mean, that's happened a number of times, right? So that right, next change, really, you know, again, imagine and I'm just gonna kind of lay this out. So imagine a cooler you know, we build a cryptocurrency exchange, we built our software, we put it on Amazon secure cloud, or whatever it happens to be, you know, we're doing interactions and transactions from the Bitcoin network, the public blockchain, but our software is is where your you know, your personal account and profile is stored, and your you know, kind of your like, your private, your public, kind of, well, the public key get that goes with your private key, desperate, that's stored, and that's where the cryptocurrency is being managed. That's really what we're talking about. So that's, it's that scenario of being hacked. As you can see the exchanges being hacked.

Darshan

So it's not so what you're saying is it's not the actual chain itself.

Jim

It's not for some Bitcoin itself. It's really the software that third party developer like us as example or any other third party developer built that leverages the Bitcoin network.

Darshan

Good to know. Um, thank you for that clarification because that's a pretty important clarification. Um, the the third question I have for you, as you know, is what's something that's made you happy in the last week?

Jim

Um Gosh, I think this conversation It was really quite thought provoking as always, and I do want to go back I'm just thinking about the last question Darshan, I think it would be remiss if I didn't, if we one little additional thing so like you have an exchange it's a whole lot more convenience if you like to retain your cryptocurrency on an exchange, you know, you going there and kind of like if you use I don't know, Charles Schwab or TD Ameritrade or whatever, but you do have because it's decentralized you do have the ability to essentially take your your money your cryptocurrency and put it you know, on your own wallet, or just like, you know, take the essentially chance fearing for yourself, which means now that you are solely responsible for your cryptocurrency, right? That crypto exchange doesn't have your cryptocurrency, data, your account, but the actual money, quote money, that's not there. Now most people that don't do that, right? Most people they leave their cryptocurrency on the exchange is easier in terms of trading, you don't pay fees to transfer it back and forth. But now you're susceptible to an exchange being hacked, and losing your money, right? Because if you did get money, and you basically put it you that the numbers essentially that you transfer and put on a QR code on a piece of paper on your own wallet or wrote it down somewhere. Now you're solely responsible for it. So if somebody hacked that exchange, it wouldn't steal your money. This is somebody else's, but not yours.

Darshan

Which again, speaks to the maturity of these, these sort of systems in that I've never worried about whether TD Ameritrade or ETrade is going to get hacked. Like I expect that they'll manage it, and they have systems in place for that. But

Jim

yes, they're FDIC insured. Right, you know, say, Well,

Darshan

I don't think I don't think trade trade systems are FDIC insured.

Jim

Now, maybe they're not but certainly banks. Right. Banks are absolutely consider your your cryptocurrency exchanges as some kind of holding. You obviously don't have FDIC insurance.

Darshan

Right, right. Um, and as you know, the going back to the questions that we do, how can people reach you, Jim, and I've been flashing it all throughout the whole thing, but how can people reach you?

Jim

Yeah, just the usual Twitter or LinkedIn.

Darshan

Perfect, and just to Jim's being modest, but if you have a technology and you think that Jim can help you, you can go to Twitter at Jay Nasser or you can go to LinkedIn and that's still Jay Nasser, and he is very easily reachable. And Jim, it was wonderful as always having you on and hopefully we can have have you back soon. I know you're very very,

Jim

thank you.

Jim

This is the DarshanTalks podcast, regulatory guy, irregular podcast with host Darshan Kulkarni. You can find the show on twitter at DarshanTalks, or the show's website at DarshanTalks.com.

More from this show

Recent posts

Newsletter

Make sure to subscribe to our newsletter and be the first to know the news.