Urbit as GDPR Solution: A Research Grant Proposal

Proposal Summary

Several key parts of the Urbit tech stack (self-sovereign ID, p2p networking, and default-local clients) have immense potential to obviate the need for Internet businesses to operate in the current centralized client-server paradigm which necessitates the storing of sensitive customer data. This necessity has created an immense business moat via mandated compliance with GDPR and similar regulatory regimes which are intended to safeguard customer data held by third parties. GDPR compliance moats are an immense impediment to startups and protocols which wish to compete with entrenched Internet companies on the product and execution levels.

We propose to conduct an in-depth analysis of both the potential economic impact of obviating the GDPR compliance moat for competitors, and the specific (technical + regulatory) compliance requirements and resulting design opportunities which can point the way to future, Urbit-native primitives of interest to would-be platform competitors. We see this as extremely valuable work in order to show entrepreneurs and investors the potential for Urbit as a way to unlock competition in stagnant market sectors, and thereby bring talent and capital into the Urbit ecosystem.

We envision this grant as the first of three stages in a larger project to develop Urbit primitives which solve GDPR compliance issues for startups, however it also works as a standalone outreach tool.

Deliverables

Whitepaper (10pg +) on GDPR compliance as Internet platform moat:

• Will begin with a literature review of estimated economic impacts via blocked competition, explore different aspects/industry sectors in terms of economic impact, and tie together a Total Addressable Market narrative for prospective startups that can reasonably be unlocked by Urbit-based primitives and protocols which obviate the GDPR compliance moat
• Will, at a high level, identify the methods of enforcement and standards of qualification for GDPR coverage, in order to inform Urbit primitive design at a later stage

Blog post on GDPR compliance moats, Urbit’s potential, and protocolization:

• 1500+ words; written for a tech/business-savvy but lay audience (developers, entrepreneurs, VCs) in order to explore possibilities of Urbit-based primitives which obviate the GDPR moat

Milestones

Milestone 1: Literature review to demonstrate the research areas. 1 star. Delivered by July 8, 2024.

Milestone 2: Final draft of whitepaper and blog post. 4 stars. Delivered by August 1, 2024.