When speaking on digital transformation, it’s typically in present or past-tense; something we’ve just gone through or are currently in the middle-of. While transformation at any organization of any size is daunting, exhausting, and expensive – if done correctly, it should be a constant. As they say, the only constant is change. There’s only one guarantee; that at the end of whatever digital transformation you're in the midst of, it is inevitably the start of your next. And, the next 3-letter acronym that will be as transformative and disruptive as “GPT” might be “ZKP”, Zero-Knowledge Proofs.
Last week was the anniversa. And, today “generative AI strategy” is the #1 topic in just about every board room across the country from start-ups through the Fortune 100. Big Data is most certainly back with a vengeance because of this global fascination and unprecedented vision of the potential future. And as Uncle Ben would have told us, with great data comes great responsibility.
This disruptive transformation is most certainly not about GPT and this is also much bigger than ZKP. This is about the future of how we store, manage, and protect consumer data. More importantly, this is about how we ourselves, as consumers, take control and ownership over our own data. This is bigger than PII (personal identifiable information), this is a new era in how we think about designing and developing privacy preserving interfaces.
We’ve long been warned that “if the product is free, you are the product” – this primarily alluded to advertising based revenue models powered and personalized by troves of our own data. Regardless of the company, industry, or monetization strategy, data is becoming increasingly more valuable and proprietary; especially in the context of an ever-growing LLM (large language model) dependent world. GitHub sent a shocking revelation through the product community when it launched CoPilot two years ago – we had to ask, what if the data behind GitHub was now more valuable than the product of GitHub itself? Which in turn introduced yet another “feedback loop” for product managers everywhere, the “data feedback loop”. An infinite loop of value-delivery where the data collected delivers a value for the purpose of obtaining more data to drive more value to collect more data … continuously.
ZKPs are a powerful tool for protecting sensitive data and building secure and private systems. As consumers become more aware of the value of their personal data and the risks of sharing it, they are likely to adopt technologies that give more control over how their data is used – this is the opportunity.
I believe the best way to understand zero-knowledge proofs are to start with a classic data collection problem that is as old as time. In the classic “boy meets girl” romcom scenario, everything hinges on the first impression that most typically starts with a simple and harmless introduction:
So, let’s say you’re out-and-about and there’s someone who catches your eye that you’d like to get to know better.
You might go up, introduce yourself, and ask their name. If they’re so inclined, they’ll share their first name – success!
Now, if you were to ask for their full legal name, there would likely be an awkward hesitation.
But, what if you asked for their age, and not just their age, but their full date-of-birth? That would be considered inappropriate by most.
Let’s not stop there, what if you were to ask for their weight? Now you’re being rude (and in danger of being slapped).
But, you persist, you next ask for their home address — this would now be a safety concern.
Most of us would never entertain this line of questioning, more-or-less answer. We might even call this scenario of data collection impossible. If we so obviously refuse to give up this level of personal data during this kind of interaction; the question would be, where did we, moments earlier, freely and willingly divulge this information, and not even realize it? The answer is … the bouncer at the door; a trojan-horse of data collection.
All that the venue required was a binary, a yes-or-no; if you’re 21 or older. However, in blind “trust”, we hand-over our ID exposing our full name, home address, date-of-birth, weight, eye/hair color, and even donor status to a part-time stranger with no data security experience. We don’t think twice about it because we do whatever is asked of us to get on the other side of that door. And, we do this everyday with the websites we visit as well as the apps we download; blindly agreeing to the terms of service and privacy policy. Zero-Knowledge Proofs are that binary.
ZKPs are like showing your ID in a sealed envelope; the person checking knows it's valid without seeing it, ensuring your privacy. It's a way to prove you know something without revealing what it is. We are entering an era where that blind-trust can now be replaced by proof. “Proof" is a technical method of demonstrating that a statement is true without revealing any additional information. It's a concrete, verifiable demonstration, based on mathematical principles. While “trust” is more abstract, based on belief. Proof is technical and verifiable. This is a moment where a new and emerging technology will fundamentally change our relationships with the brands we interact with everyday.
Zero-knowledge proofs are a key component in blockchain and decentralized technologies, which can reduce or eliminate the need for intermediaries. In a decentralized system, transactions and data exchanges can be verified independently by the network. ZKPs can streamline various business processes by providing a more efficient way to verify transactions and data without compromising security. This reduces the counterparty risk typically associated with transactions and business operations, moving the paradigm from one of trust in a single entity to trust in a robust, transparent system.
It is time to get comfortable with trustlessness. As businesses and organizations seek to protect their customers' privacy and comply with ever-changing data protection regulations, the use of ZKPs will inherently become more widespread.
A common pillar among the Fortune 100 is “trust”; everyone says they have it, but who can prove it? More importantly, what happens when consumers demand “proof” over blind-trust? Above all else, consumers want confidence in the brands they engage with. The question becomes less if you have their trust, but rather, if your competitor can prove it. Users increasingly demand transparency and data protection. By implementing ZKPs, organizations of all sizes across all verticals can provide consumers with proof of data security and ethical practices without exposing underlying internal or proprietary information. This not only enhances customer confidence, but also customer loyalty as they no longer need to rely solely on trust in the brand but can have verifiable assurances.
Trust in a corporation traditionally hinges on its reputation and history of compliance. However, with ZKPs, corporations can now provide cryptographic evidence of compliance with regulations and internal policies. This form of proof-based accountability can supplant the traditional trust-based system, offering more concrete assurances to regulators, stakeholders, as well as the general public. Trust was never given, it was earned; the ZKP construct now fundamentally alters the power dynamic the 100+ year old incumbent had over upstarts. This is a transformative step-change, a disruptive accelerant.
As these technologies become more widely adopted, the corporate reliance on trust, stemming from brand reputation or historical performance, could shift towards a model where cryptographic proof plays a more central role. The move towards a proof-based operational model could herald a new era of corporate transparency, security, and efficiency.
While the term sounds counterintuitive, we're moving towards a trustless future; a better future.
Zero-knowledge proofs are like a magic trick where you prove you know a secret without ever revealing the secret itself. It's a way to say "I know something" without showing what that something is, ensuring privacy and security. This magic is extremely beneficial in a world now riddled with data breaches and security hacks. And, this is no longer just about exposing our usernames and passwords – our credit card numbers, banking information, and social security numbers are on the line.
But wait, there’s more …
When Pizza Hut processed the first internet transaction back in 1994, we could never conceive of a world 30-years later where we now share everything online from our sleep data to our DNA. ZKPs will be a driving force behind enhanced data security and privacy of all of our data, bringing with it increased transparency and accountability. This is about embracing innovation as the ultimate competitive advantage in a world where big data keeps getting bigger, and more valuable (to all of us).
This isn’t innovation, this is inevitability. While “GPT” is at the center of this current digital transformation, “ZKP” is most certainly on deck; trust me. 😂