User-Oriented, Secure, Trustful and Decentralized Social Media

April 21st, 2021 by

EUNOMIA’s partners Pinelopi Troullinou (Trilateral Research), Nelson Escravana (INOV) and Sorin A. Matei (SIMAVI) participated in a webinar organized by the Decentralized Series of the University of Nicosia. Soulla Louca (UNIC), also partner of EUNOMIA, was the moderator of the discussion.

The event took place on March 16, 2021 and was followed live by 200 people.  The discussion revolved around the following topics.

  1. The role of information trustworthiness and decentralization in social media
  2. Key technologies that enable the development of decentralized social media platforms
  3. The ethical and societal aspects of such platforms
  4. Use cases such as the EUNOMIA project

In this post, we summarize the main points discussed in the webinar.

Misinformation is not a new phenomenon.  Occurrences of misinformation have been reported from the pre-printing era.  With the rise of digital media and channels the spread of the news, whether fake or not is done at an accelerated rate. The information era has converted traditional societies into digital, resulting in an exponential increase of the rate at which misinformation is proliferated as well as the potential audience for consumption. Results may be devastated, ranging from simply destroying trust, to ruining businesses and people’s lives.

Technology does not only enable the widespread of misinformation but also provides innovative ways to produce false content including text, images, and videos with the intent to deceive people, leveraging powerful techniques from machine learning and artificial intelligence to manipulate or generate audio and visual content.  The use of blockchain technology in a social media platform supports transparency in the system in order for the people to determine if the news is false or not. In addition, it permits their traceability and immutability. Blockchain-enabled applications can trace the authenticity of news from the start till the present, preventing the readers to fall for the misinformation as it cannot be altered, changed or deleted.

Importance of trustworthiness

The word “trust” is usually perceived as something good.  Something that we need within our society and we expect from the technology we interact with.  Looking at it from the cyber security perspective, trust is actually the root of the problems that exist in security as the difficulties begin when you need to trust something and that something you trust is not working as expected. We are placing our trust on businesses, banks, regulators, on the member states, on the EU and many more.  When it comes to social media, trust is placed to mainly private companies that we believe they will handle our data correctly and that their technology is good enough to protect them.

Trust can be good and can be bad. Good trust is the one that gives you the opportunity to take good decisions based on data and bad trust is when you trust something and even when there are indicators that you should not, you still keep on trusting it. Decentralization on the other hand, enables trust between unknown parties. Trust is spread among a group and as long as that group is mostly honest it works.  So, decentralization in social media is not only a solution for the trustworthiness problem that we have today but also the future as social media consists of the centralization of opinions and the centralization of information sources.

If we have the ability to recognize what information we can trust, we can have the ability to act upon it so to slow down the spread of misinformation. It is equally important in terms of trustworthiness to move to platforms that support trustworthiness in its essence and address other pathogens that we can see now on social media like censorship privacy etc. Decentralized systems that are based on open source software they can play a key role as they allow users to assess the data in a network, giving more control and autonomy to them while promoting transparency.  In that sense trust is enhanced and moved towards the community and the key technologies for enabling information trustworthiness and decentralization.

Key Technologies

One of the key technologies is open source social media platforms.  When we get out of the mainstream corporate social media, then we can actually decentralize. There is no reason for a corporate social media platform to be decentralized as it is managed and governed by a single entity. Another important technology is peer-to-peer communication networks and that allow us to exchange information without having a central hub where all the data is stored. In addition, we need a technology we can trust for authentication and integrity of the data, a technology that will enforce governance principles and protect the data that is stored on all these platforms. For that, blockchain plays a central role as it is like an entity you can trust but by nature, it is decentralized. So, trust is not placed on a single entity but a quorum of entities.   

Societal Dimensions

The vision around decentralized social media networks looks towards a utopian future that ensures users’ privacy to provide them total control over their personal data. It is like a network based solely on users’ votes and without a single authority to make changes. Trust is placed on the community. When we develop these decentralized networks, we need to take into consideration how the operation of decentralized social media platforms will ensure freedom of expression while at the same time they will protect the users from damaging the content. In addition, they need to promise advanced security and privacy without users having to reveal their personal data. At the same time, we need to keep in mind that new security threats might arise in this new era in social media like for example managing public keys.

Another social dimension to consider is that of transparency. This is probably one of the factors that need to be considered when you create a decentralized privacy system as there is a natural trade-off between transparency and privacy. 

A new trust model is required, a model that ensures transparency, accountability, without revealing the integrity of the users and safeguarding privacy. Such technology is available nowadays. The above properties can be achieved through decentralized systems that rely on cryptographic protocols but there are several debates in regards to back-dooring cryptography which is used by authorities, to intercept communications by terrorists and criminals. But this is the same technology that can protect us on a decentralized setting creating a trustful environment for us. There has to be a balance to the needs of the authorities with the needs of a decentralized mechanism for distributing media, or even other types of communication such as the protocols for e-voting, for our bank accounts or sending messages since the same cryptographic primitives are used.

EUNOMIA

EUNOMIA is a multidisciplinary ongoing EU-funded project that proposes a new paradigm that utilizes information trustworthiness and decentralization. It is the first social media environment designed to prioritize trust over likes. It is supported by a unique peer-to-peer and blockchain infrastructure. 
EUNOMIA uses a federated social media platform, currently mastodon, but it is independent from the actual platform. Decentralization is supported by a distributed and decentralized peer-to-peer file system where data resides and access control is enforced by cryptographic primitives that are backed up by blockchain. Blockchain plays the role of the trusted entity to store keys and manage permissions as well as implement the network governance principles. An open-ended e-voting protocol allows users to vote on the trustworthiness of posts while preserving their anonymity.

Challenges Ahead

Some of the open challenges that exist include the adoption by critical mass along with a technology that will address ethical and social concerns while keeping the diversity.

In EUNOMIA, our aim is to address all of the above issues and provide society with at user-oriented and trustful decentralized platform that will mitigate misinformation.

EUNOMIA’s blockchain engine acts as a trust machine

April 14th, 2021 by

Data integrity is a term that refers to the reliability and assurance (validity) of data. One of the main challenges of social media is how to create assurances of data validity, at the same time safeguarding that the data have not been tampered.

In EUNOMIA, all posts are annotated with a “magic” icon (see the image below). When this special icon appears on a post, it means that its blockchain technology guarantees that the integrity of the data e.g., number of trusts, the number of followers and other information related to the post have not been tampered by any administrator or cyber attacker. However, it does not validate whether the post is trustworthy or not. This is for you to decide!

But why is data integrity so important? In cyberspace, online data are likely to be exposed to data manipulations by malicious actors that could use this to their advantage. Especially in social media such actors are distributing compromised pieces of data to their advantage, either to make others act on such data by spreading misinformation (e.g., propagate rumors) or by leveraging on the credibility of other people to claim authorship on certain pieces of digital work (either in plain text or in some visual form).

From the other hand, the actual content creators of such digital artifacts would like to guarantee data integrity towards their online communities (i.e., consumers) of such data. Lastly, and most importantly, they would like to be ensured that there are safeguards in place preventing such manipulation events from happening by other online users.

But how can one certify and prove that the data being presented are free from any data manipulation? EUNOMIA is using a trust engine which builds on a blockchain backbone to provide integrity assurance of the information stored. In addition, the blockchain layer of EUNOMIA creates audit trails of the information to log all the state changes or revisions made to the data.

But isn’t this the same as logging data in some database? Audit trails stored in the same way as the application data are equally vulnerable to tampering and manipulation attacks. There is no mechanism to make hard assertions about data integrity or validate the integrity of such data. In EUNOMIA, we are using a blockchain backbone to make such assertions that can validate the integrity of arbitrary data, and provide for traceability.

But how is this ensured? Blockchain technology builds on a peer-to-peer network where clients (aka nodes) maintain replicas of a distributed data structure (i.e., the blockchain). This data structure organizes pieces of information in the so-called blocks that are linked together with the use of a cryptographic hash function. In brief, the cryptographic hash function is used to create hashes of the information from each block that are linked with each other; since the hash of a block encapsulates the hash of the previous block as a pointer, thus forming a reversed linked list (aka the chain).

This unique characteristic of this data structure is critical for ensuring data integrity. If an attacker attempts to change any piece of information within a past block then the hash of the block changes, resulting in an unresolved pointer breaking the chain. This unreferenced block will not be accepted by the rest of the network.

In addition to cryptographic hashes that build a unique data structure, a blockchain network employs a safeguard mechanism (so-called consensus) that allows independent nodes to, coordinate, approve, and agree on which data should be appended on the data structure. Since the consensus algorithm operates under a distributed environment this ensures that there is no single point of failure, and no central control of the information that could be compromised.

EUNOMIA’s blockchain backbone leverages on the unique characteristics of: blockchain-based hash validation, and consensus offered by the technology to safeguard data attestations and guarantee the integrity of the data.