**4. Methodology: the ten-step decision path**

Blockchain technology has several drawbacks and might not be suitable for all applications. Technically, as blockchain technology is a new way of recording information, any existing database can be converted to a blockchain database. However, as argued concretely by Pedersen et al. [8] every database is not suitable for converting into blockchain databases. Thus, Pedersen et al. [8] developed a ten-step decision path which can be used to determine the suitability of any blockchain technology application. They argued that they developed this framework based on years of consulting experience in both the public and private sectors. They validated their framework by conducting interviews with representatives from a Danish maritime shipping company as well as the Danish Maritime Authority which regulates the shipping industry of Denmark. Below, we discuss the ten-step decision path in more detail.

The first step is to determine whether there is a need for a shared common database. It is important to recognize that not all databases are needed to be shared. For example, private information does not need to be shared. Proprietary information or a trade secret (which might be discussed and recorded intentionally or unintentionally in a meeting minute) is a clear example of information that companies do not want to share. Another important factor to be considered is the demand for a shared database. For some information, there is a low or infrequent demand. This kind of information does not need to be shared. Another important aspect of the first step is the need to share "the same" data. This will be important when consistency of data is crucial for using this database. For example, medical records of patients that can be shared among hospitals must be exactly the same in order to prevent misdiagnosis which could result in serious injuries, illnesses, or even death.

The second step is to determine whether there is more than one party that needs to engage with the database. In some contexts, several parties, rather than one, are needed to interact with the database to enhance the value derived from the database. For example, financial transactions recorded in cryptocurrency such as bitcoin need

#### *CSR Reporting and Blockchain Technology DOI: http://dx.doi.org/10.5772/intechopen.105512*

one party to create the data and another party to validate (i.e., miners) the data. In some cases, the party that creates the data is one party, and the party that uses the data is another party (e.g., companies create CSR reporting to be used by potential investors). A benefit of blockchain technology in this context would be to use the decentralized feature of blockchain technology to distribute work to the right parties to enhance the value derived from the database.

The third step is to determine whether different parties have conflicts of interests which could create trust issues. According to the trust triangle model [35], there are three factors which are the determinants of trust. The first factor is third-party enforcement, which includes laws and regulations. The second factor is related-party enforcement, which includes market forces and reputational capital. The third factor is first-party enforcement, which includes ethics, integrity, and culture. Thus, in a situation when all three factors in the trust triangle are missing, the benefits of blockchain technology can be significant as blockchain technology can be a third-party enforcement that can completely transform a trustless system into a trustful system.

The fourth step is to determine whether it is possible and desirable to avoid using a trusted third party which normally arises to reduce or eliminate the trust issues discovered in the third step. As blockchain technology uses a decentralized network to record data, it can eliminate the need to use a centralized third party. In some situations, it is not possible to avoid using a trusted third party, such as when it is required by laws or regulations that a certain trusted third party must be used (e.g., applying for a VISA or work permits). In this case, it is not possible to use blockchain technology. Also, in some situations where a centralized trusted third party can effectively reduce or eliminate the trust issues better than using blockchain technology (since blockchain technology does have several drawbacks such as high energy usage, damaging the environment, and high latency such as in bitcoin), using blockchain technology will not be suitable in this case.

The fifth step is to determine whether the rules for accessing the database by different parties are the same or not. If all the parties have the same access rights, then blockchain technology is not suitable because a typical relational database such as MySQL would be enough to develop a shared common database among different parties with potential conflicts of interest. However, if it is desirable to give different parties different database access rights such as one party creates the data, one party validates the data, and one party uses the data, then it is suitable for using blockchain technology.

The sixth step is to determine whether the rules for transacting are frequently changed in a way that these changes cannot be anticipated or not. As blockchain technology is algorithmic in nature, all transactions are executed automatically by preprogramed codes. When changes to the rules for transacting are frequent, the costs for commencing these changes can be significant. Furthermore, some types of rules are not possible to be changed. An obvious example is a set of rules in a smart contract that have already been recorded on the blockchain.

The seventh step is to determine whether there are significant benefits from having an immutable database. Immutability occurs when it is impossible to change the recorded data. There could be several benefits from having an immutable database. First, an immutable database enhances the auditing process by ensuring that the data used for auditing is the original recorded data. Data tampering is a frequent problem that can arise in various contexts ranging from tampering with survey data [36], medical data [37], and even officially announced data [38]. Second, an immutable database can be used to encourage desirable behaviors. A study by Piza et al. [39] who conducted a systematic review using meta-analysis of 40 years of research relating to the effect of closed-circuit television (CCTV) on crime prevention found a compelling support that CCTV works. If people know that they are being watched and their actions will be recorded, it is less likely that they will act in an illegal manner. Thus, if immutability adds significant benefits to users of the database, then blockchain technology is suitable. However, if the benefits are small or negligible such as when small errors in the data are acceptable (e.g., for calculating statistical averages), then blockchain technology is not suitable.

If a blockchain application passes through the seventh step, then blockchain technology is suitable for this application. The eighth to tenth steps are intended to determine what kind of blockchain architecture is the most suitable for the current application. The eighth and the ninth step determine whether public access to the database is required or not. The eighth step focuses on the write eligibility (i.e., who can write to the database) while the ninth step focuses on the read eligibility (i.e., who can read from the database). If the public is required to write and read from the database, then a permissionless public blockchain is required. Finally, the tenth step is used to determine whether a permissioned private blockchain or a permissioned public blockchain is required. If the decision regarding who is eligible to read or write to a database is decided within an organization, then a permissioned private blockchain is required. Otherwise, this blockchain application requires a permissioned public blockchain architecture.
