What implications do the EUs General Data Protection Regulations have on blockchain technology?

General data protection Regulation PDF


,It will be of substantial value for everything except personal data: notably, demonstrating that your compliance audit trails (metadata as to your operations as distinct from personal data about your individuals) werenu2019t invented after someone complained.

I intend to add blockchain to some compliance products as and when pdf audit trails are deemed insufficient.

,Otherwise, at its simplest: Donu2019t hold personal data in blocks.

If you do, it becomes impossible in practice to comply with Articles 13u201322 (especially 16u201320) because both the purpose (authenticity/certainty) and functionality of blockchain act so as to frustrate exercise of many of the data subject rights, most importantly erasure and rectification.

,That leads to cascading problems for holding financial transactions of individuals (notably in cryptocurrencies).

You canu2019t use shared identifiers (such as social security numbers etc) because by definition theyu2019re known by more than one company, thus identifiable by third party controllers, thus personal datau2026,Whereas if you use local identifiers (such as pseudonyms or other unique keys to tables never used outside the enterprise), by definition theyu2019re useless for blockchain (which is about sharing across large groups for purpose of verifying authenticity) until and unless the original controller discloses their meaning to legitimately interested third parties.

At which point you may have a Notification lacuna as well as an additional data subject rights headache.

,Blockchain is wonderful, elegantly simple, dead easy to implement, extremely inefficient, sometimes only marginally practical, and a solution or partial solution for many things (including unusual categories such as police corruption)u2026 but not including direct implementation of data protection compliance law, which in my view blockchain can only impede.

General data protection Regulation (UK)

In the medium term, nothing.

,UK consumers like the protections.

,UK businesses are broadly compliant.

,Thereu2019s no incentive to change.

,The purpose of Brexit isnu2019t to u201cundo everythingu201d.

Itu2019s to ALLOW such changes as the UK government want.

,Thereu2019s nothing on the regulatory radar that suggests any party want to roll back GDPR at this point.

GDPR principles

Here is a really good blog post explaining the 6 principles:,The GDPR: Understanding the 6 data protection principlesThanks,,Max


General Data Protection Regulation in EU law on data protection and privacy for individuals within the European Union.

GDPR was adopted on April 2016 and it becomes enforceable from May 2018.

GDPR requires businesses to comply the key guidelines i.


,,Obtain consent,Ensure rights of individuals,Demonstrate accountability,Conduct data protection impact assessment,Report data breach and much more.

,Springbord - leading data management company offers a comprehensive database of GDPR professionals, influencers, data protection officers, etc.


They provide database of 250 GDPR experts.