GDPR: In conflict with blockchain?

BitClave
BitClave
May 30, 2018 · 4 min read
Image for post
Image for post

Is the new General Data Protection Regulation (GDPR), newly effective in the European Union but with global ramifications, incompatible with blockchain? This is a timely question as the law just went into effect in the EU last week. Here, we will consider two dimensions of the law, one to do with the platform of user rights it puts forward, and the technical side of trying to appease a law written mostly to regulate centralized agencies.

User rights are a good thing

With a centralized system, personal data is uploaded to the system of an organization (the controller) for further processing. While this is possible under the rules of GDPR it’s putting a large burden on the organization to make sure the data is stored safely and isn’t being used in any other way than described by the data agreement.
via

As this makes clear, centralization is the real target of this law, and the power it gives back to users and terminology it is mainstreams are good for privacy advocates.

Implications for blockchain companies

“Like many other things associated with GPDR, the immutability of blockchain may be a real issue. Or it may not be,” says Haff.

“One option is to store personally identifiable information off the blockchain itself — that is, use the blockchain to store the transaction, but not all the details of the transaction,” Haff says. “But that at least partially defeats the purpose of using an immutable blockchain in the first place. Alternatively, personal data on the blockchain could be encrypted with a private key that could be revoked on request or after some interval.

“What we can probably safely say is that immutability should be taken into account when deciding what data is to be stored,” Haff adds. “Simply deleting a database record at some future date isn’t really an option with blockchain.”

Creating compatible ecosystems will be an upcoming challenge, but they could look something like the workaround Andries Van Humbeeck devises here. In this instance, data is stored off the blockchain while requests and accesses to the data are verified by the blockchain. Of course, this approach is clunky and has greater potential for breaches because of its greater complexity.

It’s really early, in terms of both blockchain and GDPR

Meanwhile, lawsuits all already being brought against the greatest exploiters of user data. As these cases move through the legal system, other agencies will gain a greater understanding of the law and what regulators are prioritizing. Meanwhile, blockchain companies are incentivized to create efficient solutions that combine the security and anonymity of blockchain with the erasure mandated by GDPR.

BitClave

Decentralized Search Ecosystem based on Blockchain…

BitClave

Written by

BitClave

The future of search is here! World's First Decentralized Search Ecosytem. 🔎 Blockchain based. 🔗 Check Desearch.com 🚀

BitClave

BitClave

Decentralized Search Ecosystem based on Blockchain Technology

BitClave

Written by

BitClave

The future of search is here! World's First Decentralized Search Ecosytem. 🔎 Blockchain based. 🔗 Check Desearch.com 🚀

BitClave

BitClave

Decentralized Search Ecosystem based on Blockchain Technology

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store