In the United States, 92 per cent of individuals reported concern over their privacy while using the internet, highlighting how recent massive data breaches and narratives around Big Tech data monetization have eroded internet users’ trust. This has been especially heightened by the rise of opaque artificial intelligence systems and evolving sociopolitical landscapes.

Gaps in regulation

While the European Union’s General Data Protection Regulation in 2018 set a benchmark as the first comprehensive legal act aimed at enhancing internet users’ privacy rights, it is not without its shortcomings.

GDPR and subsequent regulatory frameworks have largely been ineffective at enforcing and holding Big Tech companies, particularly Google and Meta, accountable for collecting and selling user data. Claims surrounding potential GDPR violations have reportedly taken years, sometimes more than four, to be handled. The delays stem from complex procedures involving multiple agencies and countries handling complaints against specific companies, creating significant backlogs and weakening the act’s ability to enforce and uphold its mandate.  

In the United States, the absence of federal legislation on data protection has led numerous states to take matters into their own hands. The US’s patchwork regulatory reality may create more harm than good, as variations on specific matters create endless compliance complexities for businesses operating across numerous states.

Users then receive varying degrees of data protection based on their location at any given time. Furthermore, for small- and medium-sized businesses, developing individual compliance programs for individual state regulators heightens costs that limit their ability to compete with Big Tech and other large corporations.

Meanwhile, Big Tech has been throwing its weight around with intense lobbying efforts, claiming any sort of legislation with real teeth to it will undermine innovation. While this is a discussion worth having, companies whose business model is highly dependent on data-based ad revenue don’t want increased consumer data protections. 

Despite heightened awareness surrounding the value and vulnerability of personal data privacy, centralized entities, in the form of Big Tech conglomerates and governments, hold powerful sway over our user data. Regulatory protections are usually welcomed, but the lack of transparency between the intentions of Big Tech and governments won’t repair the distrust many have toward both.

Web3’s heightened role

This is precisely where web3’s decentralized infrastructure can bypass centralized entities, whose interests may not align with most users, to provide a higher standard of data protection. 

Blockchain—and web3 more broadly—have had countless iterations and use cases of its technology designed to try and build wealth through games, crypto schemes, or other avenues. However, many projects and developers are either missing or choosing to ignore the potential they have in protecting user data.

Thanks to blockchain’s inherent encryption technology and immutable ledger, some web3-based privacy projects are staking their claim as an alternative to the current web2 system that dominates online interactions to profit from ad revenue. One such example is tomi, a DAO-governed project that leverages web3’s data-preserving strengths to create a decentralized, privacy-focused “alternative internet.”

tomi’s modus operandi is to champion security, data privacy, and freedom of speech throughout its operations and product offering. This includes offering services that advance its mission in material ways—including a VPN, storage, and private messaging service for its users to safeguard their browsing and communications by leaning into web3’s capacity for data privacy. Since the project is governed by a community and works on a unified model to keep the familiarity and UX of web2, tomi’s focus lies in making decentralized technology as intuitive and accessible as possible.

The reality is that as much as regular users would like to take more steps to preserve their data privacy, they’re unlikely to take these measures if there’s any inconvenience involved. This simple fact creates an obstacle that many web3 infrastructure projects don’t feel comfortable trying to overcome.

So, what is the takeaway here? For one, web3 projects must take themselves more seriously as champions of data privacy and protection within a cratered regulatory landscape worldwide. By stepping in with alternatives for those who are concerned about both Big Tech and regulatory overreach, developers have a strong and compelling use case that won’t fizzle out during a market downturn. However, preserving privacy cannot come at the expense of UX, and this must remain at the forefront if projects ever want a significant user base to transition to web3.

Modularity has made significant progress in expanding the web3 developer design space by unbundling the monolithic stack. Yet, with new capabilities comes new challenges that are our duty as protocol builders to overcome. 

As the modular ecosystem stands today, there is no single tutorial that guides builders end to end. Developers must take on multiple journeys and educate themselves about every component part before they can start building their dApp. We must create better tools to help them interact with these technologies more productively. The onus is on us to simplify the developer journey, and we must do so by working together.

The modular developer journey

Let’s paint a picture of the current developer journey. Before a developer can start building, they must determine the infrastructure that will support their dApp. In web2, this can be as simple as selecting an operating system or even no-code software tools available online. With monolithic blockchains, it comes down to selecting the layer-1 (or layer-2) that best meets their technical and business requirements. In modular web3, the technical diversity and long-term social unknowns make choosing a protocol an already overwhelming task. 

In the modular paradigm, a developer must understand how to construct the blockchain stack one layer at a time. However, many modular solutions are still in highly developmental stages, and it will take time to battle-test them for reliability and long-term relevance.  

Additionally, many technical integrations and critical bridges that make modular architecture functional are incomplete or challenging to build with. Most blockchain roadmaps evolve over time; plans and priorities change, and no promises are certain. 

This puts an immense cognitive load on developers to educate themselves about the differentiators of countless new protocols, associated security risks, trust assumptions, and overall technical readiness. And even once this is all figured out, there is a lack of shared resources that sufficiently guide developers on how to stack these technologies together. 

DApp development is, therefore, high-risk, inconvenient, and very complex in its current form. Until we think more tactically about how these pieces fit together, it will be challenging for any developer to build consumer-friendly products.

We’ve been here before

There are plenty of lessons from the evolution of web2 that can and should be applied to web3. In its earlier phases, developers would run their own servers and might build sophisticated client-server interactions to produce web2-like applications, but it was an arduous and cumbersome process. It wasn’t until significant advances in cloud computing, JavaScript, AJAX, and responsive design that developers had fertile ground to build a web2 capable of achieving mass adoption.

Once the common traits of web2 systems were abstracted away from programmers, it became simple enough for large-scale experimentation. This eventually led to the phenomenal successful consumer applications we see today. This is what we must achieve for web3.

Building on a monolithic chain has edged closer to this state. Take Ethereum (ETH) as an example. Despite its constraints, developers have a clear understanding of how to build a dApp. It created the first true generation of web3 developers who eventually moved on to experiment with other blockchains.

Now, developers’ motivations have evolved past initial curiosity and experimentation, and they want to build sophisticated products that solve problems and create impact. These products require the flexibility and agility of modular solutions to work. 

However, this flexibility introduces significantly more complexity. Exponentially, more decisions must be made when composing a modular framework. If we are to enable bolder experimentation and product development in web3, these complexities must be abstracted away in the same way they were in web2.

Building bridges, not islands

As modular protocol builders, we must acknowledge that this is a messy process but one we can systematize. We must create streamlined pathways between protocols and simplify the integration process so that any developer—web3 native or not—can build in easy steps.

There are three primary opportunities where we can collectively begin tackling these challenges.

Cross-platform networks. Core developers from different modular protocols could work together to create shared tools and interfaces that help developers build streamlined products. Developing these shared prototypes that package multiple protocols together will improve the developer experience, as they will be better able to identify the optimal setup according to their dApp’s needs, and seamlessly integrate these elements into their stack. 

Shared documentation. Create content, tutorials, and documentation that clearly illustrate how to stack various modular protocols together, express how integrations function, and how one system might complement another. It will help developers better assess their needs, make more educated choices, and ultimately build stronger dApps.

Shared experiment weeks. Coordinate partnered initiatives that bring developers across multiple modular communities together and invite them to experiment and build. This would help developers better understand the dApp-building process across the modular stack, unlock new opportunities for shared development, and catalyze dApp production through experimentation. 

The Cambrian explosion of modular solutions means that we see innovation in every corner, but we cannot continue to work in silos. For our protocols to achieve their fullest potential, we must move beyond the competition that consumes our time and energy at each layer and think about how we can collaborate across it. We only succeed when we reach the stage where developers can just focus on building their products, not the infrastructure we have designed to underpin them. 

Erick de Moura

Erick de Moura, co-founder of Cartesi, brings over 20 years of software industry expertise, encompassing software business, development processes, and system architecture. Prior to Cartesi, he led teams and projects in diverse sectors, including healthtech, e-commerce, and infrastructure. Currently, Erick serves as a board member and advisor to The Cartesi Foundation.