Safeguarding privacy with smart contracts: QCMP rundown

Picture of Thomas Oei

If the location data supply chain was a river, it would look pretty murky. This lack of transparency comes from two main concerns: the complicated and entangled relationships between suppliers and buyers of data, and the issue of consent. 

In this article, we will focus on the second problem and explain why consented data is especially important in today’s market and show you how Quadrant is developing new ways to clean, track, verify, and bring transparency to the industry with blockchain technology and the Quadrant Consent Management Platform (QCMP). 

Transparency and consent in the data supply chain 

When it comes to data, explicit user consent is becoming the norm. Governments around the world have started to enact and enforce privacy laws after high-profile data breaches such as the Facebook — Cambridge Analytica data scandal. These laws have underlined the need for privacy and questioned the notion that data is a universal resource for anyone’s taking. Companies now need to ensure that the data they procure adheres to new laws such as the GDPR and CCPA. 

At Quadrant, we’ve always welcomed this change. Our company was founded on the premise that data can make the world a better place from mundane conveniences like faster food delivery to better distribution of public services and quicker emergency response. Our way to promote ethical data practices in the industry is the Quadrant Content Management Platform (QCMP). 

Consent management and blockchain 

QCMP is a consent management platform that is augmented with blockchain technology. Consent management platforms (CMPs) are not new; they have existed for years as tools that businesses can use, store, manage, and share their customers’ data. 

Integrating blockchain technology is a natural development in consent management. A blockchain’s distributed ledger capabilities allow secure, efficient, and tamper-proof authentication of data, while smart contracts help improve the overall operational efficiency. 

At Quadrant, we have been using blockchain technology since 2018 and we have integrated it with all of our current products. We have a separate blockchain arm, Quadrant Protocol, dedicated to developing all the underlying technology and operating the Quadrant Chain — a Proof of Authority enterprise Ethereum instance. 

As the Quadrant Chain is Ethereum-compatible, we can deploy smart contracts to trustlessly automate most of the features of a traditional consent management platform, including user opt-ins and opt-outs, as well as do-not-sell requests. 

How QCMP works 

QCMP comes in the form of an SDK, which can be integrated into any mobile app with just a few lines of code. On top of consent management, QCMP also takes care of all the frontend, displaying the required dialogs to the user. 

Once a publisher integrates QCMP, it connects to the Quadrant Chain ecosystem and logs every user’s consent-related actions utilizing smart contracts. Because these events are “stamped” forever on the chain, publishers and compliance teams can view them confidently knowing that the data is untampered. 

QCMP rundown

Every publisher in QCMP is represented by an account and is given a randomly generated unique private key for every app they have on the Quadrant Chain. Consent events are logged as transactions, or more precisely as smart contract calls initiated by these accounts.

block explorer 1

Since every transaction on the Quadrant chain is available for public viewing via the Quadrant Protocol Explorer, we can see these calls in action. 

In the example below, we can see that a user has chosen to opt-in to their data being managed by the publisher. The transaction itself is a smart contract call (addSdkUserConsentAuditTrail), and it has multiple relevant parameters. 

block explorer 2

The QCMP smart contracts, among others, record: 

  • The type of the request, in this case “sdk_user_opt_in” 
  • The regulatory framework the consent falls under, in this case CCPA; QCMP is equipped to intelligently manage frameworks based on the user’s location 
  • The device ID of the user 
  • The app the consent is given to, represented by an address 
  • A timestamp (“capturedAt”) in UNIX format 

In this other example, we see that a user has chosen to opt-out from their data being managed by the publisher. Again, this transaction is also a smart contract call (“addSdkUserConsentAuditTrail”), and contains the same relevant parameters: 

  • The device ID of the user 
  • The app to which the opt-out is applied 
  • A timestamp (“capturedAt”) in UNIX format 

block explorer 3

In this last example, we can see how the QCMP smart contract records a “do not sell” request on chain: 

  • The type of the request, in this case “sdk_user_do_not_sell” 
  • The device ID of the user 
  • The app the consent is given to, represented by an address 
  • A timestamp (“capturedAt”) in UNIX format 

block explorer 4

In Summary 

We believe that authenticity, transparency, and efficiency should be the guiding principles of the data supply chain. With the power of tamper-proof and accessible data that blockchain technology enables, Quadrant Protocol will continue to integrate products with the Quadrant Chain with the ultimate goal of cleaning up that proverbial murky river. 

Interested in leveraging QCMP to monetize your apps ethically and sustainably? Fill out the form below and one of our consent specialists will contact you soon. 



Great updates

Subscribe to our email newsletter today!