Teresa speaking for Circularise at 00.46.00 for 5 min, and then 01:30:00
As digital product passports (DPP) are rapidly taking shape and the actual implementation is approaching, stakeholders - and in particular small to medium enterprises (SMEs) - are closely observing the discussions with one big concern in mind: how will I protect my data while maintaining ownership? While we are all aware that the implementation of digital product passports will greatly accelerate steps toward a green society and circular economy, stakeholders also express concerns about the security of such a database, especially if it's centralised. And rightfully so. We need to identify these concerns and find viable solutions sooner rather than later. In order to do so, Circularise was invited to share their knowledge and advice during a recent public hearing on digital product passports organised by the Committee on the Internal Market and Consumer Protection (IMCO). In this article, you’ll read more about Circularise’s contribution to the public hearing, and how sovereignty (confidentiality and data ownership) can be protected.
While we are all aware that the implementation of digital product passports will greatly accelerate steps toward a green society and circular economy, stakeholders also express concerns about the security of such a database, especially if it's centralised. And rightfully so. We need to identify these concerns and find viable solutions sooner rather than later. In order to do so, Circularise was invited to share their knowledge and advice during a recent public hearing on digital product passports organised by the Committee on the Internal Market and Consumer Protection (IMCO). In this article, you’ll read more about Circularise’s contribution to the public hearing, and how sovereignty (confidentiality and data ownership) can be protected.
On May 16th 2022, IMCO held a public hearing as part of the ongoing discussions to implement product passports on a European level: “Digital product passports: enhancing transparency and consumer information in the internal market”.
The IMCO hearing addressed the aforementioned challenge of stakeholder data privacy and protection, along with practical implications for European businesses and SMEs. It also covered how digitalisation, using digital product passports as a core instrument, can enhance supply chain traceability.
The IMCO committee invited Circularise as a supply chain transparency expert to share learnings and to shine a light on the data security challenge. Based on experience with global partners in various industries, Circularise discussed their solution to secure stakeholders' data protection at the IMCO hearing: a decentralised public blockchain combined with Smart Questioning technology.
Before diving into digital product passports challenges and solutions, it is important to take a step back and understand the fundamentals. An extensive guide to digital product passports can be found here. Then, we can dive into the challenges faced by a digital product passports system.
The first speaker of the IMCO hearing, Mr Thomas Götz from the Wuppertal Institute, explained the current landscape of digital product passports and how it brings together data in one place. To produce a complete digital product passport, information must be aggregated from multiple sources, but in order to maintain data sovereignty and process efficiency, this must be done in a decentralised manner.
“A decentralised approach using data from different sources is - especially from the beginning phase onwards - very important because the spread data has to be brought together. It’s reasonable to use existing data and link to it from the DPP so that (...) all needed information is collected and can be found in one place.”
Generally speaking, we’re all aware of the great advantages of a digital product passport. At the IMCO hearing, Circularise’s EU project lead Ms Teresa Oberhauser, opened her talk by pointing out the most important ones:
“driving growth, mitigating risk, and reducing costs.”
So what’s the problem?
Companies, suppliers, and customers don’t fully trust the idea of a product passport yet because they are worried about what happens to their data if it is collected in one place.
Ms Oberhauser explains: “What we see is that a true DPP is only possible if we have cooperation from an entire industry. We only get this cooperation if we can secure the main protection of their business. First of all, that means making sure that we can implement a DPP in a way where their core recipes and competitive advantage are protected. And secondly, a way where intermediaries, suppliers, and customers in the supply chain are also protected."
“We need to enable companies to engage proactively by [helping] them keep ownership of their data. For that we need to make sure that there’s no risk to their confidentiality, and that there’s no centralisation, so as to prevent data leaks like we saw in the Covid situation.”
This need for data protection is also mentioned by the Deputy Director General of Business Europe, Mr Alexandre Affre. He mentions five requirements for a successful digital product passport implementation, including:
“We must ensure that disclosure of confidential and sensitive information is avoided. To give an example: some product information [about suppliers] can be a trade secret, and also not necessarily relevant for [enabling] a circular economy. Trade secrets and confidential information need to be protected.”
In short, digital product passports need to be shaped in a way where all stakeholders and data are fully protected. Failing to do so prevents some stakeholders from cooperating which means the concept of digital product passports altogether won’t succeed.
To show how a decentralised approach will help in implementing digital product passports, Ms Oberhauser first points out the current bottlenecks in supply chain transparency:
“If we look at supply chain transparency today it is very labour intensive, prone to errors, reactive, and not scalable because it’s usually one person who’s responsible for gathering all data.”
The technology for doing that is also outdated. Using excel sheets, pdf documents, and long email chains is not scalable. She explains that it is Circularise’s mission to solve these challenges through decentralisation:
“What Circularise does, and what we see as the future of DPP, is decentralisation. Not only in the sense the data is [stored] in different places and is brought together, but more importantly: decentralisation in the sense that we store the data where it originates at each single step of the supply chain. So that every stakeholder is responsible for their own data at their own step of the supply chain. These data points are connected via the decentralised blockchain. This means full decentralisation of the data, so no one [party is] storing data in a place where it could be tampered with.”
In short, implementing digital product passports using a decentralised blockchain approach will give power to the data providers, who are often suppliers. It will also secure data protection, confidentiality, and privacy when needed. This will enable them to cooperate proactively, which increases the successful implementation of digital product passports as a whole.
Over the past years, Circularise has developed a Smart Questioning system using zero-knowledge proofs, that makes it possible to share insights instead of the full data when creating digital twins.
Ms Oberhauser explains: “Zero-knowledge proof technology is a mathematical calculation that makes it possible to give information about your material and prove that the answer is correct without actually sharing the full bill of materials. Because we need proof of the [answers to questions] that we have about the material but we don’t actually need to see the full bill of materials.”
Circularise has built its system on a public blockchain to avoid centralisation and enable cooperation that is needed for digital product passports. Ms Oberhauser says:
“What’s important to keep in mind about [public] blockchain is that it makes sure that we can work with data in a decentralised fashion. This means that not us as Circularise or anyone [else who is a part of the] blockchain system is actually the owner of the data.”
Unlike centralised platforms and private blockchains, a public blockchain ensures that each individual is the owner of their own data, it also ensures that data cannot be maliciously edited or deleted. Meaning that “we can trust the system itself. That is why we need a public blockchain that is fully decentralised.”
While zero-knowledge proof technology ensures that no sensitive data is shared publicly, but still provides key insight to members of the value chain.
Since 2016, Circularise has been trusted by various big partners to improve their supply chain transparency, using the Circularise digital twin system as a type of product passport. This includes partners from various industries including the polymers and chemicals, metals, and rare earth elements industries, covering different sectors from automotive, to electronics, to household appliances, to textiles, and consumer products. By building on a public blockchain that is fully decentralised, partners are guaranteed that they keep ownership of their own data and Smart Question technology ensures their data is protected.
Over the next couple of years, there will be several more regulations announced which will dictate firm requirements for digital product passports in other industries. Circularise will continue to work with businesses to set up systems to enable them to meet the regulatory requirements, and more importantly: reap the financial and social benefits of having a fully traceable supply chain. Moreover, Circularise will continue consulting governments and advisory bodies to establish a set of best practice protocols.