It's Time for Decentralized Communications
A conversation with David Iseminger and the IronWeave marketing team on the need for decentralized communications apps. David explains how IronWeave is creating a new type of blockchain infrastructure that will enable decentralized Real Time Communication (RTC) dApps for text, voice or video.
This interview has been edited for length and clarity.
The Problem
IronWeave: There’s a growing awareness that the communications apps that we have all come to rely on for personal and business communications are not trustworthy. Messaging apps, Zoom, Google Meet, Slack and similar companies are in the news. The claim is, they put our security and privacy at risk. Is this concern warranted?
David Iseminger: When you send text, images or video,it goes through a central repository. And you don't have the keys. Those keys enable someone to access that data are also held centrally by Zoom for example. A recent article highlights the Zoom user license or the EULA that says it can take that information, store it, dissect it, share that with partners, et cetera, where they were grabbing that information.
Zoom initially, I understand, was grabbing that information and farming it off to Facebook for people who had Facebook accounts or even for people who didn't. So the problem comes down to privacy and the corollary is security. If those real time communication services are aggregating that data and sending it through their servers, storing it on their servers - whatever, in the end, they quite possibly, quite probably and almost certainly, have the keys to decrypt it and get that data and use it for whatever reason that they desire.
In the 2023 IBM Cost of a Data Breach Report, 95% of breached organizations surveyed experienced more than one data breach.
IronWeave: Right. Is the same true for the encrypted apps, WhatsApp and say Signal?
David Iseminger: So for encrypted apps, messaging apps, for example, that are encrypted where those keys are held on a central server, they're supposedly private. But the keys are kept on a central server. You are just hoping that they're being good actors wherever those central servers are, and that they're not using the keys that are on those central servers to decrypt what you're doing.
And so in the end it comes down to, again, if those keys are not only yours and only accessible to you, and if they're stored on a central server, whether your data is encrypted or not. That data is only as secure as those keys that are stored on a central server. Not your keys, not your tokens, not your keys, not your data.
Why It Matters
In the first three quarters of 2023, one in four people in the US had their health data exposed in a data breach.
IronWeave: Why should a normal, law abiding person care about privacy?
David Iseminger: The example I give at times is, privacy is a mechanism for security. And freedom and safety. If somebody can aggregate data of yours that’s gathered from various places, it could say, Okay, you just did some sort of value exchange where you transferred some of your ETH into cash, or whatever.
And then, oh, it found out that your calendar, your online calendar, that's not properly encrypted or secured, says that you're going to Mexico. Oh, and it says something else. Well, if they can aggregate that data, then all of a sudden, they know you're going to Mexico and can figure out where you're staying, because they go and crack some sort of messaging app that you have, that lets them know you're staying at some resort.
Then they could find out you're there where you're vulnerable or they could say, ‘They're not going to be home. Let's go ransack their house.’ There are all sorts of implications, that for privacy and security, that protect good people from bad actors. And it's not always for profit. It can be a multitude of different things.
None of which should be subject to a third party seeing just because you're interacting in the world. Our world is increasingly online and digitized. Just because you're interacting in that world and you want to be pretty private and secure doesn't mean you're up to no good. And it doesn't mean that that implication of security and privacy are being secured against good people who want to make sure you're doing the right thing.
That’s some sort of nanny state. No. It's mainly about protecting good people from bad actors who would otherwise be putting you at risk, whether it's you or your property or your health. And doing things that, with access to information about you that you otherwise wouldn't want them to have, and there's no reason for them to have.
What’s the Fix?
IronWeave: Right. So, bringing it back to IronWeave, What solution can IronWeave offer, and to whom?
David Iseminger: Great question. That brings us to the idea of decentralized real time communications. And that can be - real time communications can be anything from texts to videos, to video chats like this.
So, the advantage that IronWeave has is if it's your chain, it's your keys, and you have basic sovereignty over the data that's created with your chain and any interactions you have. So, on IronWeave, you can create a real time communications app that only interacts and only shares the data created in that real time communication with you and whomever you're interacting with.
Whereas Zoom and other real time communications platforms aggregate all that data into some central server. They let everybody connect to that central server where data is being created and stored in real time there. That’s the centralized paradigm.
In contrast, IronWeave is what you could call a kind of a centralized hub and spoke. In IronWeave, the fundamental architecture enables an unlimited number of chains. And each of those chains could engage in a real time communication with the other without having to reconcile that or store that or connect to some sort of centralized server.
So, in IronWeave, you have a technological architecture that enables real time communication to go between two chains, not to some centralized location and then out. All the data in there is protected, secured, and encrypted in the same way that any interaction in IronWeave is secured. The important difference in IronWeave and, for example, other blockchains is that the block creation time is so fast, measured in milliseconds that it enables real time communications.
IronWeave: So if you and I establish some kind of communication link, be it text or video, we're creating a shared block?
David Iseminger: Yeah. Well, you're probably creating a whole series of shared blocks between us, but yes. Your Chain. Your Keys. Your Data.
IronWeave: Okay. And who has permissioning rights to safeguard the data on that shared block or shared blocks? Could I have a conversation with you and as a participant have access to that block or blocks and then grant access to someone else without your permission?
David Iseminger: So, currently. In the existing paradigm, the idea of sharing is that, without any other further constraints, yes, you could share that data with someone else. Because you can create block types of any type with constraints that are necessary. But if you need to have a super secure conversation, for example, you could create and define a block type that does not allow for sharing.
IronWeave: Would that have to be a property of that block type?
David Iseminger: So if we were defining a real time communications mechanism and it was set to Secure Communication, for example, “No Sharing”. That is simply a mechanism of the block constraint such that when we engage in that conversation - it could even have a badge in the corner of the real time communication - that said, I'm private and unable to share.
If you attempted to share it, you wouldn't be allowed to. So that's where the flexibility comes in because there may be requirements for highly secure communications and you would simply use that block type. For example, let's say there's an entire category of block types that's called RTC.
Real time communications and you could have an unlimited number of block types as templates so to speak that said okay, ‘Shareable’ or ‘Not Shareable’. You can even set different types of encryption on that if you have highly sensitive data or highly sensitive conversations or communications that you're going to have.
IronWeave provides the ability to create your own custom block types and block categories that intentionally provide, effectively, an unlimited amount of flexibility in the sort of interactions and how you control them.
And importantly, how you control them, not somebody else. It's your data. If you initiated the interaction, it's your creation, your data, and you can put whatever constraints or freedoms on that that you want.
There are all sorts of things that can get dicey when you have platforms that don't have privacy, security, and access rights built in as inherent core elements of the architecture. And bolting them on can get difficult. With IronWeave, we intentionally designed the entire shared block architecture to have security, privacy, flexibility, and the idea of sharing in various levels of access rights to be built at a block level. That’s a better solution.