Blockchains and the General Data Protection Regulation

Blockchain Regulation and Governance in Europe Pub Date : 2018-07-06 DOI:10.1017/9781108609708.004

L. Ibáñez, K. O’Hara, E. Simperl

{"title":"Blockchains and the General Data Protection Regulation","authors":"L. Ibáñez, K. O’Hara, E. Simperl","doi":"10.1017/9781108609708.004","DOIUrl":null,"url":null,"abstract":"Blockchain technologies have emerged as a revolutionary way of executing business processes in a decentralised way. Spearheaded by their use as cryptocurrency as a way to transact digital assets without the need of a bank blockchains have attracted the attention of the general public and mainstream media. Beyond cryptocurrencies, large companies, entrepreneurs, and investors have recognized the potential of the underlying technologies as a game-changer in the way we formalise and manage digital relationships in the Web. According to the Worldwide Semiannual Blockchain Spending Guide published by IDC, blockchain technologies received $945M of investment in 2017, and are estimated to get a staggering $2.1 billion by the end of 2018. In parallel, the European Union has recently introduced the General Data Protection Regulation (GDPR) to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy, with particular emphasis in reducing the power asymmetry between organisations that manage and exploit personal data, and the individual to which these data belongs. Unfortunately, despite the fact that from a philosophical perspective blockchains also pursue the empowering of individuals and reducing the influence of centralised parties, several scholars and practitioners have raised concerns about the conflict between the way blockchains work and some articles of the GDPR. This ‘collision course’, as some enthusiasts and developers have called, on the one hand generates anxiety about the possibility that GDPR might hinder European innovation in blockchain technologies, while on the other, opens potential opportunities in the use of blockchain technologies as a tool for enforcing GDPR. In this paper, we review the legal and technological state of play of the GDPR-Blockchain relationship. Next, we analyse three interaction scenarios between data subjects and blockchain systems, and propose possible ways of achieving GDPR compliance by using state of the art technologies. Finally we review current efforts in the use of blockchains to enforce GDPR principles, in particular ‘Data Protection by Design’","PeriodicalId":382801,"journal":{"name":"Blockchain Regulation and Governance in Europe","volume":"66 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-07-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"36","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Blockchain Regulation and Governance in Europe","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1017/9781108609708.004","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 36

Abstract

Blockchain technologies have emerged as a revolutionary way of executing business processes in a decentralised way. Spearheaded by their use as cryptocurrency as a way to transact digital assets without the need of a bank blockchains have attracted the attention of the general public and mainstream media. Beyond cryptocurrencies, large companies, entrepreneurs, and investors have recognized the potential of the underlying technologies as a game-changer in the way we formalise and manage digital relationships in the Web. According to the Worldwide Semiannual Blockchain Spending Guide published by IDC, blockchain technologies received $945M of investment in 2017, and are estimated to get a staggering $2.1 billion by the end of 2018. In parallel, the European Union has recently introduced the General Data Protection Regulation (GDPR) to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy, with particular emphasis in reducing the power asymmetry between organisations that manage and exploit personal data, and the individual to which these data belongs. Unfortunately, despite the fact that from a philosophical perspective blockchains also pursue the empowering of individuals and reducing the influence of centralised parties, several scholars and practitioners have raised concerns about the conflict between the way blockchains work and some articles of the GDPR. This ‘collision course’, as some enthusiasts and developers have called, on the one hand generates anxiety about the possibility that GDPR might hinder European innovation in blockchain technologies, while on the other, opens potential opportunities in the use of blockchain technologies as a tool for enforcing GDPR. In this paper, we review the legal and technological state of play of the GDPR-Blockchain relationship. Next, we analyse three interaction scenarios between data subjects and blockchain systems, and propose possible ways of achieving GDPR compliance by using state of the art technologies. Finally we review current efforts in the use of blockchains to enforce GDPR principles, in particular ‘Data Protection by Design’

查看原文本刊更多论文

区块链和通用数据保护条例

区块链技术已经成为一种以分散方式执行业务流程的革命性方式。区块链作为一种不需要银行就可以交易数字资产的加密货币，已经引起了公众和主流媒体的关注。除了加密货币，大公司、企业家和投资者已经认识到底层技术的潜力，它将改变我们在网络中形式化和管理数字关系的方式。根据IDC发布的全球半年度区块链支出指南，区块链技术在2017年获得了9.45亿美元的投资，预计到2018年底将获得惊人的21亿美元。与此同时，欧盟最近推出了《通用数据保护条例》(GDPR)，以保护和授权所有欧盟公民的数据隐私，并重塑整个地区组织处理数据隐私的方式，特别强调减少管理和利用个人数据的组织与这些数据所属的个人之间的权力不对称。不幸的是，尽管从哲学的角度来看，区块链也追求赋予个人权力，减少中心化政党的影响，但一些学者和从业者对区块链的工作方式与GDPR的一些条款之间的冲突提出了担忧。正如一些爱好者和开发者所称的那样，这种“碰撞过程”一方面引发了人们对GDPR可能阻碍欧洲区块链技术创新的担忧，另一方面，也为使用区块链技术作为执行GDPR的工具提供了潜在的机会。在本文中，我们回顾了gdp -区块链关系的法律和技术状态。接下来，我们分析了数据主体和区块链系统之间的三种交互场景，并提出了通过使用最先进技术实现GDPR合规性的可能方法。最后，我们回顾了目前在使用区块链来执行GDPR原则方面的努力，特别是“设计数据保护”。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Blockchain Regulation and Governance in Europe

自引率

0.00%

发文量