Public, permissionless blockchains and the EU’s GDPR: The coming clash between technology and the law?

From a blog by VALID advisor Christian Sillaber, Senior Researcher on IT-Security

The European Union’s General Data Protection Regulation (GDPR) came into effect on May 25, 2018. It is already clear that the new law, which is in many respects ground-breaking, is struggling to keep up with the pace of technological change. If this issue is not addressed, the GDPR will undermine citizens’ ability to use blockchain.

The core of the problem is that, in addition to the explicit declaration of the rights of the data subject (access to data, data portability, right to erasure, right to correction etc.), the GDPR also mandates that data controllers and processors abide by the principle of “data protection by design and default”. This means designing services and software with privacy as a foundational consideration rather than as an afterthought or add-on. The implied design requirements and goals seem to be at odds with the fundamental ideas behind blockchain and other emerging distributed ledger technologies — in particular transparency, immutability and egalitarian access to the data.

The GDPR applies to the processing of personal data (Art. 2 para. 1 GDPR), that is, any information relating to an identified or — by the use of additional information — identifiable person (Art. 4 para. 1 GDPR). Although the cryptographic identities used by most participants of public permissionless distributed ledger systems are not directly linked to identified natural persons, it is — under certain circumstances — possible to identify participants through additional information (e.g. correlation of the person’s activities with third party data). Therefore, data stored and processed in most public, permissionless blockchain systems should be considered personal data. Little doubt also remains that territorial applicability can also be established for most distributed ledger systems, as they are either (partially) operated from within the EU or are actively used to process data from data subjects located in the EU.

Public, permissionless distributed ledger systems enable their participants to maintain a public database without the need for a trusted central authority or mutual trust. Any participant may enter or leave the system at any time and, therefore, access the data of the ledger at any time.


Image Credit:  Valid

News This Week

Quantum dots in brain could treat Parkinson’s and Alzheimer’s diseases

Tiny particles called quantum dots reduce symptoms in mice primed to develop a type of Parkinson’s disease, and also block formation of the toxic protein clumps in Alzheimer’s. They could one day be a [...]

Three Huge Ways Tech Is Overhauling Healthcare

We are on the brink of a revolution in healthcare. AI is making the drug discovery process >100X faster and cheaper, and 90 percent more likely to succeed in clinical trials. Mobile health is [...]

Building a robotic eel that swims through your body

Physicist Seth Fraden is developing a new generation of machines modeled on living creatures. His latest invention might one day treat disease by swimming its way through our blood. As a kid, physicist Seth [...]

Richard Feynman “Tiny Machines” Nanotechnology Lecture Video

Richard Feynman gave his famous talk "There's Plenty of Room at the Bottom" (Original Transcript Available Here : on December 29th 1959 at the annual meeting of the American Physical Society at [...]

Boosting immune cells with nanoparticles

Programming the body’s immune system to attack cancer cells has had promising results for treating blood cancers such as lymphoma and leukemia. This tactic has proven more challenging for solid tumors such as breast [...]

Analysis of Nanoparticles in Commercial Sunscreens

Postnova Analytics has published a new application note that describes a new approach for analysis of titanium dioxide nanoparticles in commercial sunscreens. The technique, which combines Inverse Supercritical Fluid Extraction (I-SFE) and Miniaturized Asymmetrical [...]

Future Space Tourists Might Have To Train Before Their Trips

Leave it to Richard Branson to find motivation to go to the gym in traveling to space. On Tuesday, a ship from Brason’s space flight company, Virgin Galactic, achieved supersonic speed in a test [...]

Artificial Intelligence to Boost Liquid Biopsies

Machine-learning algorithms tuned to detecting cancer DNA in the blood could pave the way for personalized cancer care. copyright by Modern cancer medicine is hampered by two big challenges—detecting cancers when they are [...]


Leave A Comment