[Originally published in January 2018, but still relevant, so I am re-running it.]
There’s nearly a 90% chance you don’t know what “blockchain” is, and that means today’s quality professionals are at great risk of becoming extinct. A new generation will pop up, pushing aside who didn’t keep up. Tens of thousands of people are going to lose their jobs and begin new careers as Wal-Mart greeters all because they weren’t paying attention to a new industrial revolution happening right now.
I get it, though. Our profession is not filled with inspiring leaders, nor are we particularly interested in educating ourselves. Instead, we rely on dated information peddled by a set of crotchety geezers from the 1950’s, who we’ve elevated to the (insultingly) quasi-religious state of “gurus.” We do this, by the way, out of pure laziness, not actual respect. Many Deming promoters haven’t even read him (that includes nearly all of ISO TC 176, by the way.) It’s easier to worship than to lead. Sycophancy is comforting and often rewarding in our profession. ASQ has built an entire empire on this concept, selling willing dupes a set of “certification” programs that it invented from thin air, to those who would rather pay a few hundred bucks for a piece of paper than actually go out and invent, inspire or innovate.
So it’s nothing less than a miracle, then, that ASQ published an astonishingly fresh article by Nicole Radziwill on “Blockchain and Quality.” It should be mandatory reading for all quality professionals. I’ll go even further than Radziwill, but first we need to understand what blockchain is, and what it isn’t.
Blockchain is an innovative approach to a database based on the concept of decentralization. Invented by an anonymous person or group going under the pseudonym “Satoshi Nakamoto,” blockchain came out of the realization that banking transactions were inefficient, untrustworthy, corruption-prone, and opaque. Nakamoto — let’s just pretend it’s a real person — looked at the peer-to-peer computing trends of the 2000’s, and saw what was underway. Programs (we didn’t call them “apps” back then) like Napster and Limewire were being used to connect average internet users to each other, to leverage the combined computing power of their discrete PCs. Alone, a single PC can’t do much, but linked together, they become exponentially more useful. In fact, one of the first usages of this model was done even earlier — in 1995! — by the SETI Institute, which launched a program that aided in the “search for extraterrestrial intelligence” (SETI); downloading the program would allow users computer’s RAM and CPU during idle time to analyze radio telescope data for anything that might be coming from an intelligent source in the universe. (In fact, you can still grab that program here.)
Peer-to-peer, or “P2P,” continues to be used primarily for internet piracy, through the BitTorrent network which allows people to download movies, books, TV series and programs in violation of all sorts of international laws. Where I live in Peru, for example, there is no network of legal video stores, and thus all the local video stores are filled with copies of DVDs made from “torrented” files downloaded via BitTorrent; it’s a national institution, at this point, and the government shrugs. They have no idea a major portion of the Peruvian entertainment economy is built on P2P networking.
Nakamoto saw a way to use the concept fo P2P to fix the banking problems, which were in the news in the late 1990’s and 2000’s. He came up with a way to make a database operate using peer-to-peer principles. Entries would be made into this single database, cross-referenced and checked by multiple other connected users’ PCs, with a permanent record made that could be referenced forever, and never altered. Since the entire thing was P2P, it meant no banks were involved, no governments, no censors, no bad actors. Only raw computing.
The database was built on an accounting ledger principle, with one entry feeding the next. In accounting, you start with a number — say, your cash on hand — and then you add and subtract to that number as you make money and spend money. That first entry, however — your cash on hand — started it all.
Blockchain began on a single entry — now called the “Genesis Block” — and grew from there. Millions of entries have been made, forked and branched, but still trace back to that Genesis Block. Since each transaction is reacting to the one before it, it took the name “blockchain.”
The most famous application of blockchain right now is Bitcoin. But Bitcoin is not blockchain; don’t confuse them.
Nakamoto, remember, was upset about the world’s banking problems and various nations’ poor handling of their finances. So he intended blockchain to be used as a financial tool. (As we will see, it can do more than that; but stick with me for now.) So out of blockchain arose a new type of currency, a “virtual coin” that could be used to buy and sell stuff anywhere in the world. The ledger behind it? Blockchain.
I won’t get into how Bitcoin works, except to say that it is based on the idea that rare things cost more. It’s why you pay more for a diamond than you do a bucket of sand. Bitcoins are generated when a computer arrives at the solution for a very complex mathematical equation, sort of like calculating prime numbers but even more complicated than that. They don’t physically exist; the math idea was used to enable people to (a) derive something that was rare and (b) do it in a way that was honest; math is always brutally honest.
Again, though: behind it all is blockchain. When someone buys something using Bitcoin, the entry goes into blockchain and remains there permanently. When someone sells something, the transaction is also permanent. No bank or government or corporation can fudge the books. No one can alter the data. It’s been reviewed and calculated by the P2P network, locked down and cannot change. Ever.
It doesn’t mean that Bitcoin can’t be used for bad things; on the dark web, it’s used to hire hit men and buy illegal drugs. But there’s a record. Anonymity can be had, but it’s not as easy as those on the internet boast, and a lot of those people are finding out after being sentenced to really, really long jail terms.
But blockchain doesn’t care. It’s neutral. It’s just a really big, really weird notebook. Your notebook doesn’t have an opinion what you write in it; it can be the next Hemingway novel, or a death threat to an ex-lover. Your notebook doesn’t judge, and neither does blockchain.
This is why it’s interesting for the quality profession. But forget about Bitcoin; it’s not relevant to this discussion. Instead, we have to focus on its backbone: blockchain.
Dr. Radziwell came up some interesting applications for blockchain in quality:
In addition to enhancing provenance and traceability, one of the biggest envisioned applications of blockchain databases is to support machine to machine transactions. As intelligent agents grow in complexity and are trusted to handle more tasks, and as the Internet of Things (IoT) expands, there needs to be a high-quality record of how those objects and agents interact with other objects and agents – and with humans. Blockchain could also be used to support new business models like decentralized energy markets, where you can consume energy from the local power plant, but also potentially generate your own and contribute the excess energy to your local community for a fee. It could potentially transform middleware as well, which is software that allows different software systems to communicate with one another.
In principle, transactions logged to a blockchain make it impossible to defraud participants in the process, and impossible to manipulate records after they are recorded. They are self-auditing and fully traceable. Blockchain won’t make quality assurance, tracking, or auditing EASY, but you should expect it to make the business landscape different – new business models will be possible, and it will be possible to entrust intelligent agents with more tasks.
That last part is the crucial takeaway, and I can’t stress it enough: blockchain will make the business landscape different. Every profession will be impacted. Those that don’t get up to speed will be replaced that already have their pedal to the metal.
“Different” doesn’t necessarily mean “better,” mind you. As I will discuss, blockchain isn’t perfect, and there’s already work underway to exploit blockchain in the quality profession by the usual bad actors. But if something is going to fundamentally change the way you work, store information, issue reports, read data… you should know about it.
When rolled out as intended, a blockchain dataset will be encrypted, impossible to alter, and nearly hack-proof. That latter part is critical: because the data is distributed between the peers, hacking a blockchain is a monumentally complex task, requiring massive computing power; some have theorized it would take the next-evolution computing technology — quantum computing — to accomplish a blockchain hack. The fact is, that most blockchain data — even digital currencies — simply wouldn’t yield enough return on the necessary investment to conduct the hack. That’s good news.
So if blockchain can provide a permanent storage of data, immune to hacking, while allowing a fully traceable ledger of transactions, what use is that to the quality profession? Let me pose some practical applications that can be accomplished right now:
- ISO 9001, AS9100 and other audits will be conducted under a new set of rules, ensuring near total objectivity, with the reports uploaded to a secure blockchain, available for independent verification at any time. ANAB’s job just got a lot easier, and those cost reductions can be passed down to the user. Blockchain will make audits more transparent, more reliable, and less expensive. Win-win-win.
- ISO certifications themselves will be fully transparent, available for review and verification by all, and relying on CB participation in some global database will be moot. CBs won’t be able to fudge the numbers anymore. For example, the CBs behind Deepwater Horizon and Takata have scrambled to hide their role in certifying the companies that later killed people; under a blockchain application, that won’t be possible. CBs will have to issue certs only to companies that actually deserve them, since the records will be permanent.
- ISO standards development can utilize blockchain to maximize world participation in committees, finally breaking the monopoly of BSI and private consultants; the feedback and public commenting records could be stored permanently, open for review at any time, whereas now they can be secretly edited or deleted entirely without anyone knowing.
- Quality inspection data for materials and products can be uploaded to a blockchain, verified, and then available later for audit; the Kobe Steel fiasco or the VW emissions falsifications could not have happened if the data were put into blockchain, for example.
To set up a blockchain, one need only develop the database structure based on the open-source, published schema developed for blockchain. The creator can assign the peers, the amount of data to be stored, the verification methods, etc. It can be done relatively cheaply, with the main expense being related to obtaining the necessary expertise to develop and structure the blockchain. Because so few understand blockchain, there’s a growing industry forming around blockchain developers; that’s important, but it also means they aren’t cheap.
But the fact that anyone can develop a blockchain means the bad actors will try to dominate, as usual. This is where the risks lie.
Beware BSI Becoming “Blockchain Standards Institute”
Already, ISO and the usual suspects — BSI and Standards Australia — are positioning themselves to dominate the blockchain standards world. We have these same three bodies to thank for “risk-based thinking,” the biggest scam ever perpetrated in the international standards field. So allowing these parties to control the discussion, through the publication of their standards (in violation of WTO regulations, of course), is a direct threat to the quality profession’s effective use of blockchain.
For example, under an ISO-developed blockchain structure — which will be published with the false imprimatur of authenticity that every ISO standard gets — conflicted parties can structure the blockchain to suit their own needs, and thus get around the “immutable P2P” aspects of blockchain that make it desirable to begin with. For example, under Bitcoin blockchain, each transaction is calculated by the peers and verified. Those “peers” are anyone in the world who wants to join the chain.
Under an ISO developed model, the blockchain developer will likely select who gets to participate, and then shut it off from other peers. For example, in my suggestion above, where I say blockchain can be used to verify ISO 9001 certificates, the ISO blockchain may not have such transactions verified by a thousands of general public peers, but only by a tiny set of conflicted registrars — the same folks who have corrupted all chances to have an honest database of certificates for the past 30 years!
This problem is called the “blockchain immutability myth.” Sez Multichain:
Every chain employs some sort of strategy to ensure that blocks are generated by a plurality of its participants. This ensures that no individual or small group of nodes can seize control of the blockchain’s contents. Most public blockchains like bitcoin use “proof-of-work” which allows blocks to be created by anyone on the Internet who can solve a pointless and fiendishly difficult mathematical puzzle. By contrast, in private blockchains, blocks tend to be signed by one or more permitted validators, using an appropriate scheme to prevent minority control.
Therein lies the problem. Accountable to no one, ISO and its allies, such as SA and BSI, can create a private blockchain with only the usual suspects as the “permitted validators.” That will include, of course, ISO and BSI. Both of these organizations hide their true motives behind the disingenuous claim that they are “private, not for profit” organizations, so the typical Joe Public will confuse them with “charities” or “NGO’s” doing good works. In reality, they exist to drive revenue to the salaries of their officers, and no one else. ISO and BSI will then allow some friendly organizations sympathetic to their cause, like Standards Australia and probably JAS-ANZ, ANAB, UKAS and even ASQ, to participate. In the same way that ISO makes it impossible for standards users to participate directly in standards development, they will make it impossible for users to participate in their blockchain applications.
If ISO is allowed to dominate such blockchain rollouts for the quality profession or international standards, they will ensure its eventual corruption. Instead, open source blockchains must be utilized in the quality profession, and most especially to validate ISO 9001 certificates, ISO audit results and more. It can’t be left to the same group of corrupt players.
So far, the IAF and ISO have pushed forward on a certification database that is blissfully unaware of blockchain, led by a single software engineer named Jerry Norris, who seems to know little of blockchain except for its Bitcoin application. That’s a good thing, since Norris is already conflicted and shouldn’t be put anywhere near the ISO cert database. The IAF rollout is doomed to fail for a million reasons, and an open source blockchain method must be developed that will ensure trust, transparency, full-time availability and security of the data. Oxebridge will continue to pursue this avenue.
But ISO is, as I said, signaling that they intend to jump on the blockchain bandwagon by developing standards related to blockchain. That’s particularly nefarious, since ISO only develops standards that benefit itself — remember “risk-based thinking?” — even when they cause chaos in the user community. The world’s governments, interested in saving money and lowering taxes by offloading standards development to ISO, will play along, oblivious to the fact that they handed over blockchain to a private company answerable to no one. It’s not like politicians understand blockchain anyway, since they think the internet is a “series of tubes.”
It will fall upon independent organizations, governments and public institutions to properly develop trusted blockchains that support the quality profession. Where that comes from is anyone’s guess. Which is why it’s so important for quality professionals to study this new technology, and determine the best ways to roll it out.
Blockchain is here, and it will either aid the profession or consume it. Remaining ignorant will allow ISO and its bad actor pals to corrupt the technology to its advantage, and that cannot happen.
About Christopher Paris
Christopher Paris is the founder and VP Operations of Oxebridge. He has over 30 years' experience implementing ISO 9001 and AS9100 systems, and is a vocal advocate for the development and use of standards from the point of view of actual users. He is the author of Surviving ISO 9001:2015. He reviews wines for the irreverent wine blog, Winepisser.