Lawyers, laboratories, auditors or banks often need data containing sensitive personal information to provide their services. Examples of sensitive services include genetic testing, paternity testing, STD testing, credit scoring or legal advice.
The processing of personal data, especially when providing services involving sensitive data such as health records, biological material or legal documents, exposes both users and service providers (SPs) to privacy risks. SPs are at risk of violating GDPR, CPAA and other legal regulations, while customers are at risk of losing their privacy.
We observe that personal data is often only used for logistical purposes, such as payment or communication, and could be provided anonymously if such methods were available.
We present a solution that allows services to be provided without collecting personal data. We use anonymous payment methods such as cash and anonymous cryptocurrencies, blockchain to achieve fairness, and distributed content-addressable storage networks to deliver results.
Compared to other solutions, our protocol achieves anonymity with weaker assumptions, supports physical materials and conflict resolution, and does not require the customer to interact with the blockchain in conflict-free transactions, demonstrating better practicality.
In this work, we analyse the fairness of our protocol and implement it using Ethereum technology as a message board, Monero as an anonymous payment method, and Powergate (IPFS and Filecoin) as a decentralised storage network.