数据确权需要技术与法律规则的相互融合,我们此前已经对基于区块链技术的数据确权做了专门总结。和元宇宙、NFT一起,Web3.0也是近段时间人们对下一代互联网讨论的热词。其核心思想是将生产和所有权交还给参与生态、使用平台的用户,而不是由互联网平台或者说控制互联网平台公司的少数人拥有。和NFT一样,Web3.0也由区块链技术支持得以展望和实践,不过目前仍处于早期萌芽阶段。也有观点指出,互联网经过30年的发展,如今正处在Web2.0向Web3.0演进的重要时点。本文以一个实例为对象,对基于Web3.0应用的数据确权方案予以总结。
The idea is to return production and ownership to the users involved in ecology, using the platform, rather than to the minority of companies that control the Internet platform. Like NFT, Web3.0 is also viewed and practiced by block chain technical support, although it is still in its early infancy. There are also views that the Internet, after 30 years of development, is now at an important point in the evolution of Web2.0 to Web3.0. This paper is aimed at one example and summarizes the data validation programme based on Web3.0 applications.
1
Web3.0 简介及其数据确权概述
Web 3.0是一个互联网版本,通常基于开放的API、开放的软件和区块链等技术,创建利用AI和分布式计算的智能网络 。1纵观互联网环境的发展,Web1.0处于互联网普及的早期阶段,只能提供“读”服务;Web2.0加入了“写”功能,实现了用户与网站的交互,但跨站点脚本攻击(XSS)、跨站点请求伪造(CSRF)和SQL注入等网络攻击导致了大量信息泄露2等数据隐患;Web 3.0继续扩展读写交互功能,并通过区块链等其他技术,聚焦隐私、数据、权利和审查等问题,实现更安全的网络环境3。
Web 3.0 is an Internet version that creates smart networks using AI and distributed calculations, often based on technologies such as an open API, open software and block chains. 1 Throughout the development of the Internet environment, Web1.0 is in the early stages of Internet penetration and provides only “reading” services; Web 2.0 has been added to the “write” function, allowing users to interact with websites, but cyberattacks such as cross-site script attacks (XSS), cross-site requests for forgery (CSRF) and SQL injections have resulted in a large number of data leaks; Web 3.0 continues to expand reading and writing interactive functions and to achieve a safer network environment through other technologies, such as block chains, focusing on privacy, data, rights and censorship.
在Web3.0的构想中,用户数据可以使用IPFS传输协议分布式的数据库存储,并将区块链作为核心技术。区块链不可篡改、信息透明等特点从机制上确保任何想要获得用户数据的行为都需要获得用户自身的授权,从而保障用户的数据确权和价值归属。而IPFS协议4作为区块链的主流底层存储协议,将文件拆分为若干大小相等的文件碎片,并将碎片及相关文件的哈希值分布式存储在不同的数据库中。未得到授权时,他人无法通过哈希值单向破解原文件内容;即使通过枚举等方式暴力破解,也只能得到原文件的部分内容。且同一哈希值会被备份存储于多个数据库中,当权利人请求访问时,协议会自动计算并调取最短路径数据库中的内容;而当一个数据库损毁时,备份存储的方式也能尽可能保证原文件完整性不被破坏。
In the Web3.0 concept, user data can be stored using the IPFS transfer protocol distribution database, with block chains as a core technology. The blocks chain cannot be tampered with, information transparency etc. ensures that any attempt to obtain user data requires institutional authorization from the user itself, thereby guaranteeing user data validity and value attribution. IPFS 4 serves as the mainstream bottom storage protocol in the block chain, dissecting documents into several file fragments of equal sizes and storing the Hashi distribution of fragments and associated documents in different databases. Without authorization, others cannot decipher the content of the original file in a Hashi single-way way; even if broken by way of example, the same Hashi value is stored in multiple databases, the agreement automatically calculates and retrieves the contents of the shortest path database when the rights person requests access; and when a database is destroyed, the back-up storage method can also ensure the integrity of the original document as much as possible.
Web3.0作为网络生态的新兴发展方向,其上搭载的平台与软件在数据确权方面也贡献出了新的实践方案。
As an emerging development direction for web ecology, the platforms and software on board have also contributed new practical programmes in data validation.
2
Web3.0的数据确权应用:以Swash为例
(一)Swash简介 5
(i) Swash Introduction 5
Swash是一个于2019年在英国启动的项目,由4位联合创始人共同创立,其宣称的使命是“通过将利润回馈给人们来创建公平的数据经济”(To create a fair data economy by giving profits back to people),官方首页如图1所示。根据其官方网站的当前信息,其安装量到了22万,收集的数据点达到1亿,向用户分配的数据利润为100万SWASH代币。
Swash, a project launched in 2019 in the United Kingdom and co-founded by four co-founders, claims that its mission is “to create a fair data economy by giving benefits back to people” (To create a fair data economy by giving benefits back to people), as shown in figure 1. Based on the current information on its official website, it is installed at 220,000, collected at 100 million data points and distributed to users at a profit of 1 million SWASH tokens.
图1 Swash的官网首页
Figure 1 First page of Swash's official network
Swash是Web3.0中一个由工具和服务组成的生态系统,其中个人、企业和开发者可以通过汇集数据、安全共享数据价值并从中获利等方式释放数据的潜在价值。Swash致力于重新构想数据所有权,使数据经济的所有参与者能够在流动的数字生态系统中获取、访问、构建和协作。Swash系统设计的四大关键原则:
Swash is an ecosystem of tools and services in Web3.0 in which individuals, businesses and developers can release the potential value of data by pooling data and sharing them safely title="data value" target="_blank" data value. Swash is committed to reconceptualizing data ownership so that all participants in the data economy can access, access, build and collaborate in mobile digital ecosystems. Four key principles of the Swash system design are:
· 激励:为用户提供一种方式,让他们从自己的数据中获得收益,并通过向社会组织捐赠数据的方式来充分利用这些数据;
. Incentives: provide users with a way to benefit from their data and make full use of the data by donating them to social organizations;
· 访问:便利企业和数据科学家对高质量、零方数据(zero-party data)的访问;
. Visit: Facilitating access by business and data scientists to high-quality zero-dimensional data (zero-party data);
· 构建:鼓励开发者和企业家加入新一代数据解决方案;
. Build: Encourage developers and entrepreneurs to join the new generation of data solutions;
· 协作:与生态系统合作者一起工作,以实现互操作性和大规模采用,实现数据广阔的未来愿景。
. : Work with ecosystem collaborators to achieve interoperability and large-scale adoption and a broad vision for the future of the data.
(二)Swash主体服务
(ii) Swash Main Service
在Swash的数据权利框架下,个人可以勾选控制配件选项6 ,在保留隐私的同时分享他们的数据以赚取收入,其本质是用户授权Swash自动收集用户的网络数据(主要是非敏感数据),Swash汇集开发用户的数据并获取收益,收益以代币支付,该代币可以在代币市场兑换成法定货币。此外,企业以可持续和合规的方式访问高质量、零方数据;开发者可以在协作开发框架内便捷的设置和构建系统。对于企业和开发者而言,其本质是为Swash平台引入数据开发商,他们可以开发Swash获取的用户数据,也可以直接向Swash的用户提供数据开发服务。其核心商业模式是销售市场情报产品,主要服务介绍详见表1。
In the framework of Swash’s data rights, individuals can tick option 6 for the control of accessories, share their data for revenue while preserving privacy, the essence of which is that the user authorizes Swash to automatically collect user network data (mainly non-sensitive data), that Swash compiles and collects user data and gains in currencies, which can be converted into legal currency in a proxy market. Moreover, enterprises have access to high-quality, zero-side data in a sustainable and compliant manner; and that developers can easily set up and build their systems within a collaborative development framework. For enterprises and developers, the essence of this is to introduce data developers for the Swash platform, who can develop user data for the Swash platform, and can also provide data development services directly to Swash’s users.
表1 Swash主要服务
Table 1 Swash main services
3
Swash的技术架构
Swash Technology Structure
Swash技术架构包括五个部分:数据结构、数据分析和市场模块、应用和服务环境、智能合约和数据合规框架,如图2所示。其中,前三者为主要部分,Swash智能合约用于自动化交易和创建半分散的生态系统,辅以数据合规框架,以确保符合所有参与者、服务和应用的Swash数据合规标准。
The Swash technology architecture consists of five components: data structure, and market modules, application and service environments, smart contracts and data compliance frameworks, as shown in figure 2. Of these, the first three are the main components, and the Swash smart contract is used to automate transactions and create semi-dispersive ecosystems, supported by a data compliance framework to ensure compliance with the Swash data compliance standards of all participants, services and applications.
图2 Swash的技术架构
Figure 2 Technical architecture of Swash
(一)数据结构
(i) Data structure
“数据结构”部分是数据处理的基础,不同场景中sCollector和集成层按照规则收集和初步处理数据,并将数据存储在静态数据层。用户可以在符合合约要求下,对数据进行查询和搜索,并获得数据集。本文整理了“数据结构”部分不同层级、功能及其交互的框架如图3所示。
The "Data Structure" section is the basis for data processing. In different scenarios, sCollector and ICs collect and pre-process data according to the rules, and . Users can search and search data and obtain data sets, subject to contractual requirements. The framework for different layers, functions and interactions of the "Data Structure" part is organized as shown in Figure 3.
图3 Swash“数据结构”部分的框架
Figure 3 Framework for the “Data Structure” part of Swash
(二)应用和服务环境
(ii) Application and service environment
该部分包含了五大应用和服务,并通过sChannel等通道与数据结构部分进行交互。其框架如图4所示。
The section contains five applications and services and interacts with the data structure through channels such as schannel. The framework is shown in figure 4.
图4 Swash“应用和服务环境”部分的架构
Figure 4 Structure of the Swash “Applications and Service Environment” component
(三)数据分析和市场模块
(iii) Data analysis and market module
该部分提供了更多的商业化功能。数据产品提供者与其他部分交互并处理数据,供以其他功能模块调用;sIntelligince通过处理平台内数据,向企业基本竞争指标;市场集成者管理Swash数据产品,并运营代币业务。其框架如图5所示。
This part provides additional commercialization functions. Data product providers interact with other parts and process data for use in other functional modules; sIntelligince, by processing data from within the platform, provides basic competitive indicators to enterprises; market integrators manage Swash data products and operate currency operations. The framework is shown in figure 5.
图5 Swash“数据分析和市场模块”部分的架构
Figure 5 Structure of the “Data Analysis and Market Module” part of Swash
(四)数据合规
(iv) Data compliance
在Swash框架下,无论用户使用哪种功能,都应该遵守sCompliance框架,以保证Swash数据的安全性和与总体Swash任务的一致性。
Under the Swash framework, regardless of the functionality used by the user, the sCompliance framework should be adhered to to to ensure the security of the Swash data and consistency with the overall Swash task.
sCompliance引入了以下步骤,为数据流、管理、隐私和安全制定了标准和实践:
The following steps have been introduced to establish standards and practices for data flow, management, privacy and security:
· 数据源识别:确定哪些数据源可以被识别为“静态数据”或“动态数据”,并捕获和维护数据源的地理位置,以确保符合不同地区、国家和州的不同法律和法规。
· 数据图创建:确定是否有数据被sCollectors收集,如何收集,存储在静态数据层,数据的购买者是谁,以及数据将如何出售。
. Data maps are created to determine whether data are collected by sCollectors, how they are collected, stored in static data layers, who is the buyer of the data and how the data will be sold.
· 数据治理:一旦创建了数据源清单和数据图,系统将记录来自不同法规的隐私规则,再设计治理模型,记录流程和程序,并通过Swash治理契约建立Swash业务术语和数据源之间的链接。sCompliance使用区块链技术透明地记录所有合规活动。
· 隐私披露:系统在数据收集之前提供公开的隐私披露,包括收集者收集数据的项目和类别、数据的来源以及购买数据的公司类型等。
. Privacy Disclosure: The system provides public privacy disclosure prior to data collection, including items and types of data collected by collectors, sources of data and types of companies that purchase data.
· 数据保护:系统在所有分数层中实施加密、假名化和匿名化等加密技术以及安全程序和流程。
· 用户请求处理:系统制定流程来处理成员的查询,例如在隐私法允许的时间范围内提供副本或删除数据。
. User requests processing: systems develop processes to handle queries from members, such as providing copies or deleting data within the time allowed by privacy law.
· 审计:系统制作报告并向监管机构展示,对sCollectors收集的内容、成员数据存储地址、数据处理方法以及数据购买者进行充分调研。
. Audits: Systematic production of reports and presentation to regulators, adequate research on the content collected by sCollectors, member data storage addresses, data-processing methods and data purchasers.
(五)智能合约
(v) Smart contracts
Swash使用智能合约来构造一个可信且透明的生态系统。智能合约被部署在以太坊主网中,用于提供数据质量、访问控制、令牌交换和收入共享等功能。Swash网络将所有参与者的钱包地址视为身份。该部分包括三个子组件:记录日志且公开的侧链sChain、规定权限的访问控制机制和数据收入结构。
Swash uses smart contracts to construct a credible and transparent ecosystem. Smart contracts are deployed on the Ether Housenet to provide , access control, token exchange, and income sharing functions. The Swash Network considers the wallet addresses of all participants as identity. The section consists of three subcomponents: logs and publicly accessible side chainss schain, access control mechanisms and data revenue structures.
4
总结
Swash依据不同地区、国家的法律法规制定符合要求的数据合规框架,并由此生成数据收集、存储、处理和调用的代码规则,数据结构、应用和服务环境、数据分析和市场模块这三大核心部分的交互行为受代码规则约束,并由智能合约全程管理及记录,以保证数据的权属性及安全性。
Swash develops the required data compliance framework in accordance with the laws and regulations of different regions and countries, resulting in code rules for data collection, storage, processing and deployment. The interactive behaviour of the three core parts of data structure, application and service environment, data analysis and market modules are subject to code rules and are managed and recorded through smart contracts to ensure the ownership and security of data.
在Web3.0平台下,Swash在数据确权方面的技术方案有所突破,但也存在不足。Swash明确表示:“我们不对任何已经提供给买家的数据的滥用负责(WE ARE NOT RESPONSIBLE FOR ANY MISUSE OF DATA PROVIDED TO THE BUYERS)6 ”。Swash的管理仅包括收集、管理、汇集和销售数据所需的技术方案,而没有对数据的下游使用进行后续监管;用户也无法决定谁可以使用数据。
Under the Web3.0 platform, Swash's technical options for data validation have been breakthroughs, but there are also shortcomings. Swash has made it clear: “We are not responsible for any misuse of data that has been provided to buyers (WE ARE NOT RESPONSIBLE FOR ANY MINUSE OF DATA PROVIDED TO THE BUYERS).6 The management of Swash includes only technical options for the collection, management, compilation and sale of data, without following up on the downstream use of data; users cannot decide who can use the data.
还有一些软件可以提供与Swash相似的服务。Nielsen7?提供了一个可被安装在手机或计算机上的应用程序,该程序可收集个人数据并提供奖励;Solipay8?与Swash功能类似,但将实际货币而非代币作为支付手段,用户对收集内容的控制权限较少但可以决定向谁开放数据。这些软件使用不同的技术方案确定数据权属,并允许用户从中获益。
There are also software that can provide services similar to Swash. Nielsen7? provides an application that can be installed on a mobile phone or computer that collects personal data and provides incentives; Solipay8? is similar to the Swash function, but uses actual currency rather than tokens as a means of payment, and users have less control over the collection but can decide to whom to open the data. These software uses different technical options to determine data tenure and allow users to benefit from it.
虽然Swash的技术方案及商业模式尚待完善,但其提出的数据治理方案与用户参与式管理框架为Web3.0的数据确权提供了可行的方法,有较大的借鉴意义。
While Swash's technology programme and business model have yet to be refined, its presentation of and the user's participatory regulatory framework provide a workable methodology for data validation for Web3.0.
注册有任何问题请添加 微信:MVIP619 拉你进入群
打开微信扫一扫
添加客服
进入交流群
发表评论